We're messing with DNS, something might break

Joe · January 10, 2026, 8:17pm

Howdy all,

Just a heads up.

Ilia and I are messing around with DNS today, migrating to Route 53. Theoretically, we’re experts and we know what we’re doing, but realistically, we may have missed something and something will break. So, if anything goes offline, it’s DNS and we’ll probably fix it quickly. Since we’re migrating all zones to Route 53, all services have the potential to break. I doubt any of the obvious things will go wrong, but we might have to fight with email-related records.

If you do see something wrong, and the forum is still up feel free to let us know about it in this thread (and if the forum is not still up, we’ll already be working on it, and don’t need anyone to tell us).

Cheers,
Joe

CTS · January 10, 2026, 8:20pm

No Idea what Route 53 is but wish you best of luck

Joe · January 10, 2026, 8:24pm

Route 53 is one of the cloud DNS providers Virtualmin supports (Route 53 is in GPL, all the rest are only in Pro). It is a service provided by Amazon.

I’ve been hesitant to stop managing our own local DNS, as we “eat our own dog food” around here, but these days, more and more folks are hosting DNS in cloud providers, so it makes sense for us to do that, too. It’s also more reliable, faster, and more broadly distributed. Amazon has data centers all over the world and they have anycast DNS servers, so you get the closest fastest one. (Of course, we only have one web server and one forum server, so we’re not hyper resilient or redundant, if we have a catastrophic failure, we’ll be recovering from backups…so DNS having five 9s isn’t a big jump in our overall reliability.)

Joe · January 10, 2026, 8:31pm

Update: I changed the glue records, and I see AWS servers across all my servers when resolving for our zone. So, the damage is done.

If you see anything off with DNS, let us know. We’ll be watching our mail logs to make sure we didn’t break anything DKIM/SPF related.

CTS · January 10, 2026, 8:33pm

ok so Route 53 has to do with you providing services and not what we are hosting on our pro virtualmin servers?

Joe · January 10, 2026, 8:37pm

Has nothing to do with your servers. We have no control over your servers.

CTS · January 10, 2026, 8:39pm

@Joe
right but I was meaning our servers connecting to updates for webmin/virtualmin
I hope all goes well with your migration

Joe · January 10, 2026, 8:44pm

Oh, yeah, I see what you mean. Yes, it could have affected updates, but I’ve checked and software.virtualmin.com is resolving correctly on the new DNS servers. So there should be not outage for existing systems.

That said, for anyone who installed using the new install script with the new download.virtualmin.com repo, there may be an outage as we’re also putting a CDN in front of it (Our Websites Might Get Weird). software.virtualmin.com is still on the old server, and not getting a CDN, so it’s definitely not breaking (at least not because of anything we’re doing).

CTS · January 10, 2026, 8:49pm

Thanks for the reply @Joe
Not sure what the new install script with software.virtualmin.com is, maybe that is the pre-release of virtualmin 8 thing?

Thanks for being transparent about the changes

Joe · January 10, 2026, 8:52pm

Yes, the prerelease script uses download.virtualmin.com (a new server), while the stable script uses software.virtualmin.com ( a server that has been online for six years in the same place and is not moving).

Margotak2 · January 11, 2026, 7:30am

Oh now i understand why some of the elements were breaking. Thank your for the updates

stefan1959 · January 11, 2026, 9:09am

Don’t you run mail Joe?
I don’t see dmarc records.