[Pdns-users] Wrong A-Record is retuned for CNAME that can not be resolved to A
Kevin Olbrich
ko at sv01.de
Thu Sep 26 10:06:30 UTC 2019
Hi!
I've now met a problem where I don't know how to proceed:
===========>% ===========
C:\Users\kolbrich>nslookup -q=CNAME _
91867ab3c77f152ba4ab0cceeabb3666.expose.graf-borstar.de. 8.8.8.8
Server: dns.google
Address: 8.8.8.8
Nicht autorisierende Antwort:
_91867ab3c77f152ba4ab0cceeabb3666.expose.graf-borstar.de canonical
name = _c09668a36b3b6665549a795863f30b9b.olprtlswtu.acm-validations.aws
===========>% ===========
My NS has a catch-all zone using "." including SOA to be authoritative for
all new domains that do not yet have a zone (async processing).
This allows us to be responsive for zones we actually did not yet create or
have not been replicated.
It's seems, that AWS uses the same authoritative NS to resolv it's own
CNAME (which does not resolve at all in public):
===========>% ===========
C:\Users\kolbrich>nslookup
_c09668a36b3b6665549a795863f30b9b.olprtlswtu.acm-validations.aws.
10.100.0.210
(root)
primary name server = ns01.srvfarm.net
responsible mail addr = dnsnoc.dolphin-it.de
serial = 2
refresh = 10800 (3 hours)
retry = 3600 (1 hour)
expire = 604800 (7 days)
default TTL = 3600 (1 hour)
Server: UnKnown
Address: 10.100.0.210
Name: _c09668a36b3b6665549a795863f30b9b.olprtlswtu.acm-validations.aws
Addresses: 2a06:9500:1002:0:185:118:197:123
185.118.197.123
===========>% ===========
Do I need to adjust the "graf-borstar.de"-zone? If yes, how?
I am running dnsdist in front, should I adjust something there?
Kind regards
Kevin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20190926/0b25e6e3/attachment-0001.htm>
More information about the Pdns-users
mailing list