1

Recently we've been having sporadic trouble resolving our subdomain towards 8.8.8.8, so we created a second subdomain for testing, with which we are unable to replicate the issue.

Original subdomain - 42894078.sip.teltel.io - fails occasionally through 8.8.8.8 with the error: server can't find 42894078.sip.teltel.io: NXDOMAIN

Testing subdomain - 42894078.xip.teltel.io - resolves fine through 8.8.8.8

xip.teltel.io is configured exactly as sip.teltel.io.

The only difference is that xip.teltel.io is hosted by DigitalOcean, but sip.teltel.io by AWS.

Do you know why one works but the other doesn't?

11lll
  • 41
  • 2
  • Neither of these domains seems to be valid. If you need help with DNS issues you have to provide the real names, otherwise it's impossible to check the settings. DNS names are public anyway so there's no point in censoring them. – MLu Dec 13 '20 at 23:19
  • @MLu That is the real domain name and they are indeed mostly resolving correctly. See also the user's previous questions. – Michael Hampton Dec 14 '20 at 00:38
  • @MichaelHampton interesting, it certainly doesn't resolve from my laptop, but resolves from one of our servers... – MLu Dec 14 '20 at 01:14

1 Answers1

1

All the points from the answer to your previous question still apply:

  • No NS records in your sip.teltel.io domain
  • The names ns1 and ns2.teltel.io still resolve to the same IP address - and it seems to be AWS IP EC2 instance address.

So it looks like you are running some DNS software (bind?) on an AWS EC2 instance - correct? I guess that's where the problem is - your bind may be misconfigured, rate-limited, DNSSEC inconsistencies or something else is at play here.

I suggest you migrate your zone sip.teltel.io to AWS Route53 managed DNS service and be done with it. It will provide all the DNS servers for you, redundancy, and it will probably cost less than running your own instance for bind.

Otherwise 1) fix the issues with your domain and then 2) dive deep into the bind logs and see what's going on there. I'd still suggest to migrate to Route53 though.

Hope that helps :)

MLu
  • 23,798
  • 5
  • 54
  • 81