Information about DNS and network

Latest Posts

Odd DNS issue

So I am running my own Bind9 server. It is mostly working. But I am having a very odd issue.

If I run:

nslookup ctest.cdn.nintendo.com 9.9.9.9

On my desktop machine, this resolves just fine and I get a result. I do this on my Ubuntu Server 18.04 bind server and I get an NXDOMAIN error about it not being found (this, of course means any forwards that this DNS server does will also fail).

I am baffled as to how I can make the same enquiry, on the same network, to the same DNS server address and get no resolution on one of them.

It does not seem to matter what server I send the request to, on my Bind server there is no result (I tried 1.1.1.1, 8.8.8.8 and 8.8.4.4, all with the same results).

The server is working just fine otherwise, there do not seem to be any other domains that I cannot resolve.

I am stumped on this one, so any help would be greatly appreciated.

EDIT: It would appear that this was a transient issue AND I was using the wrong domain, it’s .net and not .com. But I did just realize that Comcast is hijacking my DNS enquiries, whis is concerning, but another issue in on it’s own.

From the server:

nslookup ctest.cdn.nintendo.com 9.9.9.9 Server: 9.9.9.9 Address: 9.9.9.9#53 ** server can't find ctest.cdn.nintendo.com: NXDOMAIN 

dig @9.9.9.9 ctest.cdn.nintendo.com 9.9.9.9 ; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> @9.9.9.9 ctest.cdn.nintendo.com 9.9.9.9 ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13880 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;ctest.cdn.nintendo.com. IN A ;; AUTHORITY SECTION: nintendo.com. 639 IN SOA ns-431.awsdns-53.com. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400 ;; Query time: 36 msec ;; SERVER: 9.9.9.9#53(9.9.9.9) ;; WHEN: Sat May 09 18:16:05 PDT 2020 ;; MSG SIZE rcvd: 129 ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7337 ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;9.9.9.9. IN A ;; AUTHORITY SECTION: . 3340 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020050901 1800 900 604800 86400 ;; Query time: 13 msec ;; SERVER: 9.9.9.9#53(9.9.9.9) ;; WHEN: Sat May 09 18:16:05 PDT 2020 ;; MSG SIZE rcvd: 111 

From the desktop:

nslookup ctest.cdn.nintendo.net 9.9.9.9 Server: dns9.quad9.net Address: 9.9.9.9 Non-authoritative answer: Name: ctest.cdn.nintendo.net.<LOCAL DOMAIN> Address: 76.126.17.39 

dig @9.9.9.9 ctest.cdn.nintendo.com ; <<>> DiG 9.14.7 <<>> @9.9.9.9 ctest.cdn.nintendo.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46744 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;ctest.cdn.nintendo.com. IN A ;; AUTHORITY SECTION: nintendo.com. 434 IN SOA ns-431.awsdns-53.com. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400 ;; Query time: 54 msec ;; SERVER: 9.9.9.9#53(9.9.9.9) ;; WHEN: Sat May 09 18:20:03 Pacific Daylight Time 2020 ;; MSG SIZE rcvd: 129 

submitted by /u/lutiana
[link] [comments]

Powered by WPeMatico

DNSSEC with a small registrar

I recently got a domain name with the .cl registrar (listen my domain name is a nice word now), which I wanted to do through a big provider but they wouldn’t touch nic.cl. It was much cheaper directly from nic.cl and the registrar was happy to serve me, but now I’m investigating DNSSEC and having some trouble…

The registrar has a space in which I can add Delegation Signatures and DNSKEY entries, apparently as many as I want, but the main support documentation is Spanish videos which I can’t understand. I contacted my nameserver provider, and they told me that I need to give them the four parts of the key (Tag, Algorithm, Digest & Type) from my ISP, and to send the same details to the registrar. My initial research shows that I can probably just generate the key myself, but I’m not sure if that’ll adversely affect my ability to host websites.

Does my registrar need any RRSIG records to do DNSSEC properly, and are there any considerations I should make around the key tag? Happy to take this to another sub if that’d be better suited

submitted by /u/magearchivist
[link] [comments]

Powered by WPeMatico

Dynamic DNS with just a subdomain? What am I missing?

Hey, all!

I have a domain that I own and use with a hosting provider. Let’s call it MStephans.com. I don’t want to change anything about the domain. Wildcarding, mail, web, etc should all remain the way they are, as it’s my business domain and Gmail address. However, I have a server at my house that I like to remote into, and it has a dynamic IP address (Google Fiber). I currently have a free Dynu account to redirect Me.freeddns.org to that server. I’d love to be able to use Me.MStephans.com instead.

Is that possible without screwing up all my current hosting? It’s a little thing, but if it’s easy I’d love to do it. 🙂 Thanks in advance!!

submitted by /u/mstephans
[link] [comments]

Powered by WPeMatico