0

domain not resolve if used nextDNS

hello NextDNS

 

Why if I used NextDNS ping www.kemdikbud.go.id not resolve? but if I change to cloudflare or Google DNS resolve. What can I do for solving problem.

best regards

 

Indra Purbo

8 replies

null
    • Calvin_Hobbes
    • 11 mths ago
    • Reported - view

    Add to your Allow List 

      • R_P_M
      • 11 mths ago
      • Reported - view

       I looked at this earlier, it’s not a blocking problem. For some reason the server is failing on the domain (SERVFAIL response code). 

      The domain does resolve without the www.

      • Calvin_Hobbes
      • 11 mths ago
      • Reported - view

        @indra_purbo

      Oh, that’s interesting.   I’m using an iPad right now so I don’t have access to my regular tools.   Using a couple of online tools, it appears the authoritative servers are currently down.   My guess is some public resolvers are using old cached data for longer than the TTL (because they are unable to update themselves from the authoritative servers) while other public servers are either respecting the original TTL (expired)  or they never had previous knowledge of the A record.

      I used these sites to perform some DNS tests.

      https://dnschecker.org/#NS/www.kemdikbud.go.id <—-currently no answer, appears to be offline right now.

      https://dnschecker.org/#A/www.kemdikbud.go.id <—checking public resolvers around the world shows some do resolve the host, while many others do not.

      https://www.nslookup.io/domains/www.kemdikbud.go.id/dns-records <—- Cloudflare doesn’t have an answer, but Google and unfiltered Control D both do.

      Right now, as I’m writing this it seems the authoritative servers are down and public servers give different results, likely depending on what they previously learned when the authoritative servers were available.

      I don’t recall the details, but I believe the SOA tells resolvers how they should handle expired TTLs when they are unable to obtain fresh data.

      The root cause of the problem is the unavailability of the authoritative servers.

      • R_P_M
      • 11 mths ago
      • Reported - view

       For iOS I use HE.NET Network Tools app. I don’t know if it’s still working on the more recent iOS versions because my iPhone is stuck on 15. It’s free, so you can easily try it out, see if it’s working. 

      • Calvin_Hobbes
      • 11 mths ago
      • Reported - view

      thanks for the tip of he.net. Looks to be quite useful. Did any of my previous reply make sense?

      • R_P_M
      • 11 mths ago
      • Reported - view

       Some of it made some sense, yes but it’s a more serious situation as the domain is reporting no NS records whatsoever. This domain has clearly not been configured correctly and has been broken because of it. Why some dns servers are still giving out IPs for it, I have no idea, their policies obviously aren’t very robust and rather lax. 

    • indra_purbo
    • 11 mths ago
    • Reported - view

    i am test with Google DNS :

    ping www.kemdikbud.go.id
      SEQ HOST                                     SIZE TTL TIME       STATUS               
        0 118.98.227.101                             56  54 52ms919us
        1 118.98.227.101                             56  54 63ms284us
        2 118.98.227.101                             56  54 50ms443us
        3 118.98.227.101                             56  54 48ms373us
        4 118.98.227.101                             56  54 58ms76us  

    why nextdns not update ?

    regards

     

    Indra purbo

Login to reply

Content aside

  • 11 mths agoLast active
  • 8Replies
  • 101Views
  • 3 Following