DNS Issue: Record fails to resolve (only) with NextDNS
We have a major issue interrupting the work of our team. Currently, NextDNS is not resolving the IPv4 and IPv6 address of our host git.cloutomate.de properly:
Expected behavior (works with all major DNS providers)
> dig git.cloutomate.de A @8.8.8.8
; <<>> DiG 9.10.6 <<>> git.cloutomate.de A @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25992
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;git.cloutomate.de. IN A
;; ANSWER SECTION:
git.cloutomate.de. 300 IN A 104.18.7.211
git.cloutomate.de. 300 IN A 104.18.6.211Actual behavior (for all users, IPv4 and IPv6 name servers, A and AAAA records):
> dig git.cloutomate.de A @45.90.28.206 ; <<>> DiG 9.10.6 <<>> git.cloutomate.de A @45.90.28.206
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48476
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1 ;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;git.cloutomate.de. IN A ;; ANSWER SECTION:
git.cloutomate.de. 281 IN CNAME 36928ef2-c13c-45cb-8b77-a0141409cb72.cfargotunnel.com. ;; AUTHORITY SECTION:
cfargotunnel.com. 1781 IN SOA dell.ns.cloudflare.com. dns.cloudflare.com. 2357604974 10000 2400 604800 18003 replies
-
I believe the problem is NextDNS is trying to get the answer from the Authoritative Server, which cannot be found.
I use this tool https://dnschecker.org/dns-record-validation.php
-
All DNS resolution is normal
; <<>> DiG 9.16.28 <<>> git.cloutomate.de CHAOS ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43792 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 7 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; QUESTION SECTION: ;git.cloutomate.de. CH A ;; ANSWER SECTION: git.cloutomate.de. 300 IN A 104.18.7.211 git.cloutomate.de. 300 IN A 104.18.6.211 ;; ADDITIONAL SECTION: server.nextdns.io. 0 CH TXT "lightnode-sgn-1" client-name.nextdns.io. 0 CH TXT "nextdns-windows" proto.nextdns.io. 0 CH TXT "DOH" profile.nextdns.io. 0 CH TXT "fpfb396ba10fe8060d" client.nextdns.io. 0 CH TXT "<hide ip>" smart-ecs.nextdns.io. 0 CH TXT "23.36.145.0/24" ;; Query time: 95 msec ;; SERVER: 192.168.1.1#53(192.168.1.1) ;; WHEN: Fri Dec 13 09:39:41 SE Asia Standard Time 2024 ;; MSG SIZE rcvd: 379 ; <<>> DiG 9.16.28 <<>> git.cloutomate.de AAAA CHAOS ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10792 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 7 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; QUESTION SECTION: ;git.cloutomate.de. CH AAAA ;; ANSWER SECTION: git.cloutomate.de. 300 IN AAAA 2606:4700::6812:6d3 git.cloutomate.de. 300 IN AAAA 2606:4700::6812:7d3 ;; ADDITIONAL SECTION: server.nextdns.io. 0 CH TXT "lightnode-sgn-1" profile.nextdns.io. 0 CH TXT "fpfb396ba10fe8060d" client.nextdns.io. 0 CH TXT "<hide ip>" client-name.nextdns.io. 0 CH TXT "nextdns-windows" proto.nextdns.io. 0 CH TXT "DOH" smart-ecs.nextdns.io. 0 CH TXT "23.36.145.0/24" ;; Query time: 77 msec ;; SERVER: 192.168.1.1#53(192.168.1.1) ;; WHEN: Fri Dec 13 09:39:54 SE Asia Standard Time 2024 ;; MSG SIZE rcvd: 403 -
I’m seeing the same as @bigdargon
But then I also looked up what the cname was that returned. It appears to be a CloudFlare tunnel. Did you set this up yourself, have you even heard of it before? It seems it’s intercepting the DNS request and giving you the response you are seeing.
Content aside
- 8 days agoLast active
- 3Replies
- 42Views
-
5
Following