Information about DNS and network

bind9 doesn’t resolve the domain the first time, but eventually it resolves afterwards.

Hi,

I have a bind9 server running.

Whenever I try to access a site, it shows the message ‘This site can’t be reached’ first and then it loads the page.

A user tries to access a website -> the message ‘This site can’t be reached’ is shown for 1 second -> the site is successfully resolved and displayed on the user’s screen.

https://preview.redd.it/o31eflak8iu61.png?width=1408&format=png&auto=webp&s=c2cdb1f530685aa7ffe62180b402bedaf730fb3a

Appreciate any help!

p.s.

Inside the bind9 conf file I replaced 0.0.0.0 with 8.8.8.8 inside forwarders and it seems like it is fixed…

submitted by /u/RyotaLeJap

Can’t resolve CNAME after enabling dnssec-validation on bind9

So I have an AWS ELB. I also have two DNS servers running bind9 on EC2 instances (Red Hat). I have dnssec-validation set to “auto”.

I have a cname configured for my ELB.

It looks something like:

shortname CNAME longname.elb.awsregion.amazonaws.com

After I turned on dnssec-validation, I can no longer resolve that name with my shortname (CNAME).

I see this in the bind log: lame-servers: no valid DS resolving

I can, however, do a dig of the long name and get a response from the server 169.254.169.253, which is the IP you can use if you have dnssupport enabled within the VPC. So why would bind9 say there isn’t a DS returned by the lookup?

[root@dns1 data]# dig DS longname.elb.ap-southeast-2.amazonaws.com

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.4 <<>> DS longname.elb.ap-southeast-2.amazonaws.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28986
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;longname.elb.ap-southeast-2.amazonaws.com. IN DS

;; AUTHORITY SECTION:
elb.ap-southeast-2.amazonaws.com. 40 IN SOA ns-527.awsdns-01.net. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 60

;; Query time: 0 msec
;; SERVER: 169.254.169.253#53(169.254.169.253))
;; WHEN: Sun Apr 18 02:41:48 UTC 2021
;; MSG SIZE rcvd: 178

submitted by /u/gotnikes
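
As an added example (not part of the original post), this Python sketch reads the fields of the dig output above that matter for DNSSEC: whether the query asked for DNSSEC records (the EDNS `do` flag), whether the reply was marked authenticated (`ad`), and whether any DS, RRSIG or NSEC records came back. The function name `summarize_dig` and the embedded sample (a trimmed copy of the output above) are assumptions made for illustration.

```python
import re

# Constructed sample: header, EDNS and section lines copied from the dig output above.
SAMPLE = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28986
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;longname.elb.ap-southeast-2.amazonaws.com. IN DS
;; AUTHORITY SECTION:
elb.ap-southeast-2.amazonaws.com. 40 IN SOA ns-527.awsdns-01.net. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 60
"""

# Record types that carry DNSSEC material a validator can use.
DNSSEC_TYPES = {"DS", "DNSKEY", "RRSIG", "NSEC", "NSEC3"}


def summarize_dig(text):
    """Extract the DNSSEC-relevant facts from one dig response (hypothetical helper)."""
    status = re.search(r"status: (\w+)", text).group(1)
    flags = re.search(r"^;; flags: ([a-z ]*);", text, re.M).group(1).split()
    answers = int(re.search(r"ANSWER: (\d+)", text).group(1))
    edns = re.search(r"^; EDNS: .*?flags:([a-z ]*);", text, re.M)
    edns_flags = edns.group(1).split() if edns else []

    # Resource records are the lines that do not start with ';'.
    # Their layout is: name, TTL, class, type, rdata...
    rrtypes = set()
    for line in text.splitlines():
        fields = line.split()
        if line and not line.startswith(";") and len(fields) >= 5 and fields[2] == "IN":
            rrtypes.add(fields[3])

    return {
        # NOERROR with an empty answer section is a NODATA reply.
        "nodata": status == "NOERROR" and answers == 0,
        # 'do' in the EDNS flags means the client asked for DNSSEC records.
        "do_requested": "do" in edns_flags,
        # 'ad' in the header flags means the server claims it validated the data.
        "ad": "ad" in flags,
        "rrtypes": sorted(rrtypes),
        "dnssec_records": sorted(rrtypes & DNSSEC_TYPES),
    }


if __name__ == "__main__":
    for key, value in summarize_dig(SAMPLE).items():
        print(f"{key}: {value}")
```

Running the same query with dig's `+dnssec` option sets the `do` flag, so any signatures or denial-of-existence records the server is willing to return appear in the output.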

How to config netlify custom domain with Route 53 DNS?

Hey guys,

Can someone help me with netlify custom domain? I’m using AWS Route 53 for the DNS thing.

I want to use www.example.com as a primary domain and redirect example.com to www.example.com

I did try to add a custom domain and added the netlify NS records in Route 53.

The site is accessible on www.example.com but example.com is not reachable.

submitted by /u/alexsanderfrankie

DNS Design

Hi All,

We have 40+ Windows DNS servers internally and a few in the DMZ. These servers are across different countries. The flow is as below.

Devices ---> LAN DNS ---> DMZ DNS ---> Google DNS

Users ---- WPAD ---- Proxy server ---> Palo Alto ---> Internet

Now we are in a hybrid environment and using more SaaS solutions.

We noticed some intermittent access issues for O365 and other applications when accessing from the US, UK, and India.

So this is a more traditional way of DNS design, and I am just asking whether there is any modern way of setting up the enterprise DNS?

submitted by /u/AusSupport