0

About a week ago, I followed the AWS Route 53 instructions for creating a subdomain hosted zone to handle traffic for "request.i-codedesign.com".

The hosted zone provisioned these NS servers:

ns-1009.awsdns-62.net.
ns-1198.awsdns-21.org.
ns-1.awsdns-00.com.
ns-1807.awsdns-33.co.uk.

Also a week ago, I updated our DNS Service (Dotster) to add the above Name Server records: Dotster listing of DNS records associated with i-codedesign.com

For a while this worked well, traffic was getting to the intended server.

Within the past week, it stopped working. What steps can I take to troubleshoot this? I've tried nslookup request.i-codedesign.com ns-1.awsdns-00.com, for example, but it just returns four sets of "DNS request timed out. timeout was 2 seconds."

EDIT

When I try from home, the address resolves and I can see my web app.

From here, this is the nslookup result:

C:\jhfrench>nslookup
Default Server:  Wireless_Broadband_Router.home
Address:  192.168.1.1

> set debug
> request.i-codedesign.com
Server:  Wireless_Broadband_Router.home
Address:  192.168.1.1

------------
Got answer:
    HEADER:
        opcode = QUERY, id = 2, rcode = NXDOMAIN
        header flags:  response, auth. answer, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 1,  additional = 0

    QUESTIONS:
        request.i-codedesign.com.home, type = A, class = IN
    AUTHORITY RECORDS:
    ->  home
        ttl = 3600 (1 hour)
        primary name server = home
        responsible mail addr = (root)
        serial  = 10274
        refresh = 3600 (1 hour)
        retry   = 3600 (1 hour)
        expire  = 3600 (1 hour)
        default TTL = 3600 (1 hour)

------------
------------
Got answer:
    HEADER:
        opcode = QUERY, id = 3, rcode = NXDOMAIN
        header flags:  response, auth. answer, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 1,  additional = 0

    QUESTIONS:
        request.i-codedesign.com.home, type = AAAA, class = IN
    AUTHORITY RECORDS:
    ->  home
        ttl = 3600 (1 hour)
        primary name server = home
        responsible mail addr = (root)
        serial  = 10275
        refresh = 3600 (1 hour)
        retry   = 3600 (1 hour)
        expire  = 3600 (1 hour)
        default TTL = 3600 (1 hour)

------------
------------
Got answer:
    HEADER:
        opcode = QUERY, id = 4, rcode = NOERROR
        header flags:  response, want recursion, recursion avail.
        questions = 1,  answers = 1,  authority records = 0,  additional = 0

    QUESTIONS:
        request.i-codedesign.com, type = A, class = IN
    ANSWERS:
    ->  request.i-codedesign.com
        internet address = 54.225.172.91
        ttl = 300 (5 mins)

------------
Non-authoritative answer:
------------
Got answer:
    HEADER:
        opcode = QUERY, id = 5, rcode = NOERROR
        header flags:  response, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 1,  additional = 0

    QUESTIONS:
        request.i-codedesign.com, type = AAAA, class = IN
    AUTHORITY RECORDS:
    ->  request.i-codedesign.com
        ttl = 900 (15 mins)
        primary name server = ns-1828.awsdns-36.co.uk
        responsible mail addr = awsdns-hostmaster.amazon.com
        serial  = 1
        refresh = 7200 (2 hours)
        retry   = 900 (15 mins)
        expire  = 1209600 (14 days)
        default TTL = 86400 (1 day)

------------
Name:    request.i-codedesign.com
Address:  54.225.172.91
Jeromy French
  • 309
  • 4
  • 15

1 Answers1

6
$  ~  dig request.i-codedesign.com ns

; <<>> DiG 9.8.3-P1 <<>> request.i-codedesign.com ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6399
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;request.i-codedesign.com.  IN  NS

;; AUTHORITY SECTION:
i-codedesign.com.   10798   IN  SOA ns3.webminders.com. root.i-codedesign.com. 1316218819 10800 1800 604800 300

;; Query time: 42 msec
;; SERVER: 192.168.3.1#53(192.168.3.1)
;; WHEN: Fri Jun 20 15:46:30 2014
;; MSG SIZE  rcvd: 98

There are no NS records for that zone, which is a problem. The query I issued should return the four nameservers you quoted in your answer.

In your i-codedesign.com zone, you need to create an NS record for the request subdomain.

Regarding your name server records posted, those are for i-codedesign.com. You still need to create NS records for the requests subdomain.

EEAA
  • 108,414
  • 18
  • 172
  • 242
  • Same deal. You have no `NS` records. – EEAA Jun 20 '14 at 20:47
  • I followed the AWS instructions for creating a subdomain (http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/CreatingNewSubdomain.html), including the part about registering the NS with the domain's registrar – Jeromy French Jun 20 '14 at 20:48
  • 5
    You missed (or botched) the "Updating Your DNS Service with Name Server Records for the Subdomain" section. – EEAA Jun 20 '14 at 20:48
  • (a week ago) I updated our DNS Service (Dotster) to add the above Name Server records. See my edit to the question for the resulting listing. – Jeromy French Jun 21 '14 at 21:35
  • 3
    @JeromyFrench - I don't know how I can state this any more clearly. **You have no `NS` records for that zone.**. The above query shows an `A` record and a `AAAA` record. No NS records. It would do you good to take a break, step back, and read up on how DNS works. You're flailing around and not getting anywhere. – EEAA Jun 21 '14 at 21:38
  • @JeromyFrench Maybe the thing that needs further emphasis is that when delegating a zone the same NS records are to be added both in the parent zone (purely for use as authority information) and in your actual zone as the actual authoritative records. One or the other alone is not enough. – Håkan Lindqvist Jun 22 '14 at 19:01