8.8.8.8 returns NXDOMAIN
392 views
Skip to first unread message
Victor Romero Jr
Feb 21, 2017, 11:23:32 AM2/21/17
to public-dns-discuss
Hello Google,
We're trying to resolve an issue with our subdomain "f8.brundagemgt.com". We have a remote client that's having trouble using Google's public DNS to locate our host "w.f8.brundagemgt.com".
introDNS doesn't report anything out of the ordinary for the subdomain "f8", except for missing MX and WWW A records.
DNSViz does show something odd for the subdomain. There are two SOA records that show up. This may have been due to a misconfiguration I did.
Trying Google's DNS 8.8.8.8 responds with an NXDOMAIN and no A record.
; <<>> DiG 9 <<>> @8.8.8.8 w.f8.brundagemgt.com A
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56987
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;w.f8.brundagemgt.com. IN A
;; AUTHORITY SECTION:
f8.brundagemgt.com. 1799 IN SOA ns-1960.awsdns-53.co.uk. awsdns-hostmaster.amazon.com. 2017021002 3600 900 2419200 86400
;; Query time: 146 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sun Feb 19 21:16:36 2017
;; MSG SIZE rcvd: 122Checking the host from OpenDNS also resolves correctly.
; <<>> DiG 9 <<>> @208.67.222.222 w.f8.brundagemgt.com A
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43821
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;w.f8.brundagemgt.com. IN A
;; ANSWER SECTION:
w.f8.brundagemgt.com. 300 IN A 52.87.251.10
;; Query time: 6 msec
;; SERVER: 208.67.222.222#53(208.67.222.222)
;; WHEN: Mon Feb 20 23:09:08 2017
;; MSG SIZE rcvd: 54Querying from the ns-1960 authoritative host resolves the A record correctly.
; <<>> DiG 9 <<>> @ns-1960.awsdns-53.co.uk w.f8.brundagemgt.com A
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47922
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;w.f8.brundagemgt.com. IN A
;; ANSWER SECTION:
w.f8.brundagemgt.com. 300 IN A 52.87.251.10
;; AUTHORITY SECTION:
f8.brundagemgt.com. 172800 IN NS ns-1490.awsdns-58.org.
f8.brundagemgt.com. 172800 IN NS ns-1960.awsdns-53.co.uk.
f8.brundagemgt.com. 172800 IN NS ns-347.awsdns-43.com.
f8.brundagemgt.com. 172800 IN NS ns-708.awsdns-24.net.
;; Query time: 91 msec
;; SERVER: 2600:9000:5307:a800::1#53(2600:9000:5307:a800::1)
;; WHEN: Sun Feb 19 21:19:01 2017
;; MSG SIZE rcvd: 191Does anyone know the cause of the issue with Google DNS?
Thanks,
Victor
Alex Dupuy
Feb 22, 2017, 6:55:47 PM2/22/17
to public-dns-discuss
OpenDNS is returning NXDOMAIN as well now:
; <<>> DiG 9.8.3-P1 <<>> w.f8.brundagemgt.com @208.67.222.222
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29138
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; Query time: 28 msec
;; SERVER: 208.67.222.222#53(208.67.222.222)
;; WHEN: Wed Feb 22 18:39:59 2017
;; MSG SIZE rcvd: 38
Looks like they were simply returning (stale?) cached data as none of your authoritative servers for brundagemgt.com are sending proper referral responses (with NS records, not just SOA), probably due to the bogus SOA for f8.brundagemgt.com in the brundagemgt.com zone. Without the NS records, the responses are simply NODATA (or for subdomains, NXDOMAIN). Note that when you query the authorities for brundagemgt.com for NS records, you do see the Amazon Route 53 servers, but that's not part of the normal resolution query path.
$ checkdelegation brundagemgt.com
parent zone com:
brundagemgt.com. 172800 NS ns1.jdp.cc.
brundagemgt.com. 172800 NS ns2.jdp.cc.
brundagemgt.com. 172800 NS ns1.seamans.cc.
brundagemgt.com. 172800 NS daikoku.ccnbi.net.
daikoku.ccnbi.net. 172800 A 173.226.176.10
$ for NS in ns1.jdp.cc ns2.jdp.cc ns1.seamans.cc daikoku.ccnbi.net; do dig +timeout=2 f8.brundagemgt.com @$i; done
; <<>> DiG 9.8.3-P1 <<>> +timeout=2 f8.brundagemgt.com @daikoku.ccnbi.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26971
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;; AUTHORITY SECTION:
f8.brundagemgt.com. 86400 IN SOA ns-1960.awsdns-53.co.uk. awsdns-hostmaster.amazon.com. 2017021002 3600 900 2419200 86400
;; Query time: 44 msec
;; SERVER: 173.226.176.10#53(173.226.176.10)
;; WHEN: Wed Feb 22 18:48:50 2017
;; MSG SIZE rcvd: 120
; <<>> DiG 9.8.3-P1 <<>> +timeout=2 f8.brundagemgt.com @daikoku.ccnbi.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1573
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;; AUTHORITY SECTION:
f8.brundagemgt.com. 86400 IN SOA ns-1960.awsdns-53.co.uk. awsdns-hostmaster.amazon.com. 2017021002 3600 900 2419200 86400
;; Query time: 46 msec
;; SERVER: 173.226.176.10#53(173.226.176.10)
;; WHEN: Wed Feb 22 18:48:50 2017
;; MSG SIZE rcvd: 120
; <<>> DiG 9.8.3-P1 <<>> +timeout=2 f8.brundagemgt.com @daikoku.ccnbi.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3479
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;; AUTHORITY SECTION:
f8.brundagemgt.com. 86400 IN SOA ns-1960.awsdns-53.co.uk. awsdns-hostmaster.amazon.com. 2017021002 3600 900 2419200 86400
;; Query time: 45 msec
;; SERVER: 173.226.176.10#53(173.226.176.10)
;; WHEN: Wed Feb 22 18:48:50 2017
;; MSG SIZE rcvd: 120
; <<>> DiG 9.8.3-P1 <<>> +timeout=2 f8.brundagemgt.com @daikoku.ccnbi.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21412
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;; AUTHORITY SECTION:
f8.brundagemgt.com. 86400 IN SOA ns-1960.awsdns-53.co.uk. awsdns-hostmaster.amazon.com. 2017021002 3600 900 2419200 86400
;; Query time: 45 msec
;; SERVER: 173.226.176.10#53(173.226.176.10)
;; WHEN: Wed Feb 22 18:48:50 2017
;; MSG SIZE rcvd: 120
$ for NS in ns1.jdp.cc ns2.jdp.cc ns1.seamans.cc daikoku.ccnbi.net; do dig +timeout=2 w.f8.brundagemgt.com @$i; done
; <<>> DiG 9.8.3-P1 <<>> +timeout=2 w.f8.brundagemgt.com @daikoku.ccnbi.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50366
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
f8.brundagemgt.com. 86400 IN SOA ns-1960.awsdns-53.co.uk. awsdns-hostmaster.amazon.com. 2017021002 3600 900 2419200 86400
;; Query time: 53 msec
;; SERVER: 173.226.176.10#53(173.226.176.10)
;; WHEN: Wed Feb 22 18:53:13 2017
;; MSG SIZE rcvd: 122
; <<>> DiG 9.8.3-P1 <<>> +timeout=2 w.f8.brundagemgt.com @daikoku.ccnbi.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1630
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
f8.brundagemgt.com. 86400 IN SOA ns-1960.awsdns-53.co.uk. awsdns-hostmaster.amazon.com. 2017021002 3600 900 2419200 86400
;; Query time: 45 msec
;; SERVER: 173.226.176.10#53(173.226.176.10)
;; WHEN: Wed Feb 22 18:53:13 2017
;; MSG SIZE rcvd: 122
; <<>> DiG 9.8.3-P1 <<>> +timeout=2 w.f8.brundagemgt.com @daikoku.ccnbi.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45980
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
f8.brundagemgt.com. 86400 IN SOA ns-1960.awsdns-53.co.uk. awsdns-hostmaster.amazon.com. 2017021002 3600 900 2419200 86400
;; Query time: 44 msec
;; SERVER: 173.226.176.10#53(173.226.176.10)
;; WHEN: Wed Feb 22 18:53:13 2017
;; MSG SIZE rcvd: 122
; <<>> DiG 9.8.3-P1 <<>> +timeout=2 w.f8.brundagemgt.com @daikoku.ccnbi.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46758
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
f8.brundagemgt.com. 86400 IN SOA ns-1960.awsdns-53.co.uk. awsdns-hostmaster.amazon.com. 2017021002 3600 900 2419200 86400
;; Query time: 44 msec
;; SERVER: 173.226.176.10#53(173.226.176.10)
;; WHEN: Wed Feb 22 18:53:13 2017
;; MSG SIZE rcvd: 122
$ for NS in ns1.jdp.cc ns2.jdp.cc ns1.seamans.cc daikoku.ccnbi.net; do dig +timeout=2 NS f8.brundagemgt.com @$i; done
; <<>> DiG 9.8.3-P1 <<>> +timeout=2 NS f8.brundagemgt.com @daikoku.ccnbi.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24942
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 4
;; QUESTION SECTION:
;; ANSWER SECTION:
;; ADDITIONAL SECTION:
;; Query time: 45 msec
;; SERVER: 173.226.176.10#53(173.226.176.10)
;; WHEN: Wed Feb 22 18:55:23 2017
;; MSG SIZE rcvd: 237
; <<>> DiG 9.8.3-P1 <<>> +timeout=2 NS f8.brundagemgt.com @daikoku.ccnbi.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64512
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 4
;; QUESTION SECTION:
;; ANSWER SECTION:
;; ADDITIONAL SECTION:
;; Query time: 45 msec
;; SERVER: 173.226.176.10#53(173.226.176.10)
;; WHEN: Wed Feb 22 18:55:23 2017
;; MSG SIZE rcvd: 237
; <<>> DiG 9.8.3-P1 <<>> +timeout=2 NS f8.brundagemgt.com @daikoku.ccnbi.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38097
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 4
;; QUESTION SECTION:
;; ANSWER SECTION:
;; ADDITIONAL SECTION:
;; Query time: 45 msec
;; SERVER: 173.226.176.10#53(173.226.176.10)
;; WHEN: Wed Feb 22 18:55:23 2017
;; MSG SIZE rcvd: 237
; <<>> DiG 9.8.3-P1 <<>> +timeout=2 NS f8.brundagemgt.com @daikoku.ccnbi.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43532
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 4
;; QUESTION SECTION:
;; ANSWER SECTION:
;; ADDITIONAL SECTION:
;; Query time: 44 msec
;; SERVER: 173.226.176.10#53(173.226.176.10)
;; WHEN: Wed Feb 22 18:55:23 2017
;; MSG SIZE rcvd: 237
Reply all
Reply to author
Forward
0 new messages