Questions tagged [domain-name-system]
The Domain Name System, usually referred to by the acronym DNS, is a hierarchical, distributed database where the keys are domain names. Questions involving publicly accessible domains should include the real, Fully Qualified Domain Name (FQDN)
12,281
questions
1
vote
0
answers
8
views
Can I add a Trust Anchor for a specific domain?
Some TLDs unfortunately still don't support DNSSEC all the way to the root. However, is it possible to add a specific DNSKEY to my resolver (currently using knot-resolver) so that a signed zone can ...
- 499
0
votes
0
answers
20
views
BIND9 on Ubuntu 20 - Cannot configure Zone to work properly
I installed it on Ubunto 20 and configured two zones
Options config file
acl internal {
localhost;
localnets;
192.168.70.0/24;
10.200.157.0/24;
};
options {
directory "/var/cache/bind";
...
0
votes
0
answers
15
views
AWS ELB leaks private ip address via dns name that are only accessible via VPN - can this be considered a security risk?
I'm using VPN for my AWS development environment and i have some databases running on EC2 behind an ELB. The thing is whenever i connect to them via VPN i will use database-12345678.elb.us-east-1....
- 902
1
vote
0
answers
26
views
DHCP and DNS on a custom internal vSwitch?
In Win 11 I've configured in Hyper-V a custom internal vSwitch with NAT as follows:
New-VMSwitch -SwitchName 'VM NAT switch' -SwitchType Internal
New-NetIPAddress -IPAddress '192.168.2.1' -...
- 213
2
votes
0
answers
45
views
cURL intermittently failing to resolve domains, while dig always resolves successfully
We have two machines that periodically query various external resources using cURL. Beginning a couple of days ago, these requests have begun intermittently failing with Could not resolve host: www....
- 201
0
votes
1
answer
25
views
Kubernetes cluster with incorrect DNS resolution
Question Description:
I have a harvester HCI Cluster (RKE2), where pods do not resolve the correct IP addresses for internet domains.
kubectl run debug --image=busybox -i --tty --rm -- sh
/ # ping ...
- 209
0
votes
2
answers
27
views
ubuntu vm returning internal ip to docker image
I have a docker image running on multipass on a physical host. The docker container is trying to connect to a service running on the physical host. However, dns resolution tells docker that the ip ...
- 1
0
votes
1
answer
53
views
Do .ci domains have more frequent DNS issues than other domains?
The .ci domain extension has been very unreliable over the weekend:
outage of gouv.ci website
Does anybody have data or an idea of how often such outages have happened in the past?
We are planning to ...
- 3
-1
votes
1
answer
72
views
What will happen if a server decides to point its A record to localhost? [closed]
Context:
The Computer Science Department at Purdue University chose to place the following type A resource record entry in its domain name server:
localhost.cs.purdue.edu 127.0.0.1
Explain what will ...
0
votes
1
answer
33
views
Python gethostbyaddr being slow
I'm facing an issue today I can't explain and I'm hoping someone will be able to put me in the right direction.
I have a fleet of EC2 servers running a python script. When a user connects to my ...
- 626
-1
votes
2
answers
93
views
How can a server know which DNS resolver was used to resolve its name?
Update: The original question was made with wrong context in mind. What I should have really asked is how DNSBL works and why my DNS resolver matters.
I got the question examining this explanational ...
- 101
0
votes
0
answers
49
views
Kubernetes cluster via kubeadm - CoreDNS buffer size too small / Pods network problems
I am new to deploying on-premise Kubernetes clusters. I managed to deploy one using kubeadm with weave CNI.
Internet connection inside Pods is somewhat sluggish / non-working. I am trying to deploy ...
0
votes
1
answer
128
views
AWS Cognito: auth page not showing up, DNS_PROBE_FINISHED_NXDOMAIN from hosted UI URL
Here is the url I am navigating to:
https://auth.[domain].com/oauth2/authorize?client_id=[id here]&response_type=code&scope=email+openid+phone&redirect_uri=https%3A%2F%2F[domain]%2F[...
- 107
2
votes
1
answer
117
views
How to configure a Windows Server 2022 machine to allow file sharing with a DNS alias
Machines on my company's network can access file shares on a Windows Server 2022 system using the FQDN, but they can't access them using a DNS alias. I reviewed How to configure a Windows machine to ...
- 21
0
votes
0
answers
22
views
Load Balancer does't load some sites
I have a TP-Link Load Balancer TL-R480T+ and I use two Wan connections that go for an intern server that makes the DHCP server, etc.
But the problem is that here I use two sites that when I try to log ...
0
votes
0
answers
21
views
How to Forward an authorative zone in BIND between internal and public clients
I have a dns server authorative for my public records and my internal records , I want to forward a zone in my internal dns server so internal clients can access certain records without using the ...
0
votes
1
answer
33
views
Windows DNS Lag and Timeouts
I've recently migrated some 2012 R2 servers to Server 2022, including some domain controllers.
Everything appears to be fine except that one of the VMs is behaving strangely when attempting name ...
- 73
0
votes
0
answers
23
views
Is Cloudflare a good option in this case and if so, how set up it?
I need to make a small (courses) platform where users aren't supposed to download the videos.
Is pass the media through CloudFlare a good way to prevent those downloads at least make harder? if not, ...
- 1
0
votes
0
answers
25
views
Using split DNS when devices default to DNS over HTTPS/TLS?
Some routers don't support hairpinning, and even when they do, it can be inefficient, so split DNS is often proposed as a best practice for hosting services that should be accessible locally and ...
- 121
0
votes
1
answer
74
views
How to configure unbound to forward local hostname resolution to my local DNS server?
How can I configure unbound to forward local hostname resolution to my local DNS server (e.g., 192.168.1.1), i.e. for hostnames without any dot, such as "foo"?
Note that for all the other ...
- 223
1
vote
1
answer
1k
views
How can I configure my DNS settings on Debian 12?
I'm trying to change my DNS settings on my Debian 12 VPS, and by this I mean, I want to use a public resolver like 1.1.1.1 instead of my VPS host's resolver.
I remember in Debian 11 I could just edit ...
- 131
0
votes
1
answer
81
views
Windows Update Issues on Server Core 2022
I have two DNS servers (Nutanix VMs) running Server Core 2022. When I attempt to run Windows Updates from Sconfig, I get the following errors:
1) All quality updates
2) Recommended quality updates ...
- 1
0
votes
1
answer
57
views
DNS Forwarders Not Syncing
I have two Windows Server DCs, SERVER3 and SERVER4. SERVER3 is the PDCe.
On SERVER3 I changed the DNS forwarders from my ISP to OpenDNS, expecting the change to automatically sync to SERVER4.
It's ...
- 755
0
votes
0
answers
23
views
Why do I need to map separate s3 buckets for www subdomain requests in AWS?
I have a question about how DNS works in conjunction with AWS s3 buckets that I am trying to understand. I have a modest knowledge about DNS and AWS, but I don't understand why my routing solution ...
- 101
0
votes
1
answer
49
views
Experiment with DNS server resolution DENY policies doesn't work as expected [closed]
I am experimenting with DNS server resolution DENY policies, and it doesn't work as expected. Here is the general idea:
A test non-domain member with no special settings Windows PC with no special ...
- 758
1
vote
0
answers
28
views
How to forward subdomain DNS to Windows Server DNS while keeping the parent in local zone
I have a Bind9 (Ubuntu) as my primary DNS server in my lab environment and hosts zone files. I recently added Active Directory to the environment. My plan is to keep Bind9 as my Primary DNS and any ...
- 11
0
votes
0
answers
46
views
Cloudflare is able to fetch all my domain CNAME
Today, I was in the process of setting up an account with Cloudflare (the free tier). During the setup, it asked for the domain I wanted to configure. When I introduced my domain, and without making ...
- 101
0
votes
0
answers
76
views
Google Cloud + Google Domains DNS HTTP not working but HTTPS is
I have a website hosted on Google Cloud with a paid domain name registered at Google Domains. I opted in for the SSL option so the website can be served with HTTPS.
In the domain forwarding setting ...
google-cloud-platform
-1
votes
1
answer
55
views
How to set DNS return ipv6
I wanna get ipv6 when ping hostname, but with AD DNS manager, it always give ipv4. and below is my info. currently for it to work with ipv6 is either add ipv6 to hosts file or delete the ipv4 from DNS ...
- 1
1
vote
1
answer
80
views
Unable to log into RDP session on remote site servers using domain creds
The Setup
I have a single on-prem Active Directory domain. The domain is configured with 3 AD sites, each with a global catalog domain controller. Site A is the main hub, and Site B and Site C are the ...
- 111
0
votes
1
answer
54
views
CNAME DNS delegation
Just want to confirm/correct my understanding of how CNAME delegation works
if I have a CNAME cdn.example.com in my DNS that points to a third party CNAME cdn.thirdparty.com, can that third party ...
0
votes
1
answer
38
views
How to change host and retain email MX records
I am changing servers for a client, but keeping the same domain. How do I ensure I don’t break email?
Original DNS
Host Name, Type, TTL, Data
example.com, A, 1 hour, xxx.xx.xxx.xxx
example.com, MX, 1 ...
0
votes
0
answers
24
views
DNS timeouts between Hetzner Cloud VMs and Azure private DNS
I have asked the same question already on networkengineering.stackexchange.com, but it might be that it was not the right place to ask. so i was referred here.
We have the following setup
There are ...
0
votes
1
answer
45
views
bind9 multiple ports zone and dns64
When I add the zone it stops working. How can I use them together? I want to go to the zone "." via port 5353
And go to DNS64 via port 53
zone "." {
type slave;
masters port 5353 { ...
0
votes
1
answer
75
views
Can't resolve private domains using bind9 with Wireguard VPN connection
I have a VPS with static external IP and Ubuntu 22.04. I configured the Wireguard VPN connection to my server tunneling all traffic through VPS. I also have UFW enabled. I want to resolve some domains ...
1
vote
0
answers
30
views
Set-DnsServerCache: Failed to connect to DNS server
I am trying to change my computer's DNS cache max time to live.
It is not in any domain, I am the full administrator on the computer - built-in administrator account + disabled group policy "Run ...
- 11
0
votes
0
answers
59
views
IPv6 / Kea DHCP / Ubuntu 20.04 / DNS Server Issue
Here is my current setup:
I have IPv6 / IPv4 enabled in my environment.
My router is doing RA for that IPv6 subnet.
Router is configured with other options flag.
I have Kea DHCP6 / DHCP4 server ...
0
votes
2
answers
80
views
Unable to poison DNS with `dnsmasq`
In my Tomato router, I added address=/example.com/192.168.1.200 to my dnsmasq.conf so that https://example.com in my browser works even if the internet is down.
After adding it, ping example.com would ...
- 155
0
votes
1
answer
49
views
DNS load balancing with health checks
I have a problem here.
We have a setup of compute instances on two different cloud regions from a cloud provider I would not mention except to stat that it is painful to work with.
Those instances are ...
- 1
0
votes
1
answer
37
views
NGINX: Redirect to Non-www address
I am trying to configure my website with NGINX. I'm a bit out of my depth and have tried all the relevant solutions I could find, so your patience is appreciated :)
I want all http traffic to redirect ...
- 3
0
votes
1
answer
42
views
Issue with Bind9 and wildcards
I set up both bind9 and DNSMASQ servers to forward public-ubiservices.ubi.com to my IP address, but client kept failing to connect to it, I checked bind9 logs and found out the client is trying to ...
- 1
0
votes
0
answers
36
views
Excluding region prefix from domain in AWS Elastic Beanstalk
I am using AWS Elastic Beanstalk to run a private server for an older game that's no longer supported by the developers. The main executable for that game sends requests to an old elastic beanstalk ...
- 1
0
votes
1
answer
32
views
Point many domains to a single simple web form, using nothing but domain records configuration
Context: A friend of mine has a business selling domain names. As I work in IT as a C# developer he came to me with his request. Although I know little of these kind of things.
Request:
He wants to ...
0
votes
1
answer
86
views
Possible to mirror DNS forward lookup zone to second TLD? (Windows Server)
We recently started using a new TLD for our company, but are still maintaining the old TLD.
On our local DNS server (Windows Server 2012) we have internal DNS records set up as subdomains of the old ...
- 103
0
votes
0
answers
43
views
DNSSEC - Unable to sign the relevant files
I have set up a working DNS server on an Ubuntu 22.04 LTS as part of a single server (DNS, SPF, Email, firewall etc)
IP: 192.168.122.189
Test Domain: jetj.ltd
Hostname:mail
The files I have are:
db....
- 1
1
vote
1
answer
49
views
Understanding RRSIG DNS query
Is the presence of RRSIG highly uncommon? I tried to fetch RRSIG records for many popular domains including trying out different resolver. I didn't get any RRSIG records in the answer section.
dig @1....
- 317
0
votes
0
answers
42
views
How to set Windows Server DNS to resolve recursively for every IP in my subnet?
Windows Server DNS server (active directory integrated) does not resolve for linux clients in my subnet, but resolves for Windows machines that are domain members.
Disable recursion checkbox is NOT ...
0
votes
2
answers
88
views
What is the behavior of a DNS resolver if one authoritative name server does not have particular record but another one does
Say I have sent a query for TXT record for m1._domainkey.amazon.com
nslookup -q=txt m1._domainkey.amazon.com
Say the authoritative nameservers for amazon.com are
amazon.com nameserver = ns1.amzndns....
- 19
0
votes
0
answers
42
views
ERR_ADDRESS_UNREACHABLE on IPv6
I'm having an issue at some coffee shops that use comcast wifi. These shop only allow ipv6 and it's causing websites to not load with the error ERR_ADDRESS_UNREACHABLE. Some websites work (google.com, ...
0
votes
0
answers
60
views
How to host my own DNS server for my own domain
I have a domain that is something like mydomain.com and I want to manage the DNS for it myself using my own DNS servers (on a completely different domain - EDIT): ns1.myowndns.com, ns2.myowndns.com, ...
- 101