Wednesday, January 20, 2016

CNAME to another domain fails on some office networks, why?

Our domain "aspenfasteners.com" is hosted by Volusion. We have CNAME records "find" and "search" which point to site indexing accounts on www.picosearch.com.



These addresses fail on SOME private office networks which have their own DNS. We suspect the problem comes from Volusion's own name servers, n2.volusion.com and n3.volusion.com.



Volusion support on problems this technical is non-existant.



We have tried an NSLOOKUP on find.aspenfasteners.com with level 2 debugging info, and we got the results below. Is it possible that the local DNS is recursing to Volusion's name servers, and that while Volusion DOES return the canonical name, they do NOT resolve the address?




Can anybody with expertise in this sort of stuff PLEASE look at the NSLOOKUP below and tell me if we are right, because Volusion is giving me absolutely NO support on this topic. I need proof of where the problem lies.



Thanks VERY much!



Carlo




find.aspenfasteners.com
Server: mtl-srm-dbsv-01.fastenerwholesale.com

Address: 192.168.0.44







SendRequest(), len 61
HEADER:
opcode = QUERY, id = 8, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0




QUESTIONS:
find.aspenfasteners.com.fastenerwholesale.com, type = A, class = IN


------------



Got answer (138 bytes):
HEADER:
opcode = QUERY, id = 8, rcode = NXDOMAIN

header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0



QUESTIONS:
find.aspenfasteners.com.fastenerwholesale.com, type = A, class = IN
AUTHORITY RECORDS:
-> fastenerwholesale.com
type = SOA, class = IN, dlen = 46
ttl = 3600 (1 hour)
primary name server = mtl-srm-dbsv-01.fastenerwholesale.com

responsible mail addr = admin.fastenerwholesale.com
serial = 10219
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)


------------




SendRequest(), len 41
HEADER:
opcode = QUERY, id = 9, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0



QUESTIONS:
find.aspenfasteners.com, type = A, class = IN



------------



Got answer (141 bytes):
HEADER:
opcode = QUERY, id = 9, rcode = NXDOMAIN
header flags: response, auth. answer
questions = 1, answers = 1, authority records = 1, additional = 1



QUESTIONS:
find.aspenfasteners.com, type = A, class = IN

ANSWERS:
-> find.aspenfasteners.com
type = CNAME, class = IN, dlen = 17
canonical name = www.picosearch.com
ttl = 3600 (1 hour)
AUTHORITY RECORDS:
-> com
type = SOA, class = IN, dlen = 43
ttl = 900 (15 mins)
primary name server = ns3.volusion.com

responsible mail addr = admin.volusion.com
serial = 1
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
ADDITIONAL RECORDS:
-> ns3.volusion.com
type = A, class = IN, dlen = 4
internet address = 65.61.137.154

ttl = 900 (15 mins)





*** mtl-srm-dbsv-01.fastenerwholesale.com can't find find.aspenfasteners.com: Non-existent domain

No comments:

Post a Comment

linux - How to SSH to ec2 instance in VPC private subnet via NAT server

I have created a VPC in aws with a public subnet and a private subnet. The private subnet does not have direct access to external network. S...