Apache DNS Resolves Slow on Route53 Configuration


So I have a server at Amazon EC2 running Apache 2.2 on Linux. I have several "VirtualHosts" running different domains. I am able to access each of the individual sites. My problem, at least I think, is that their DNS isn't being resolved correctly, meaning it takes forever for the site(s) to be found. Once they are located the site(s) perform as expected, but if I were to wait a few minutes and try to retrieve the site once more, it again takes a long time (20+ secs) to resolve. This is for production, not local development. Note: if I go to my server's elastic IP (54.245.114.102), my default site loads instantly.

Route 53

  NAME: tylerrafferty.com.
  TYPE: A
  VALUE: 54.245.114.102  -  10.252.55.103
  TTL: 60

  NAME: tylerrafferty.com.
  TYPE: MX
  VALUE: 0 smtp.secureserver.net  -  10 mailstore1.secureserver.net
  TTL: 7200

  NAME: tylerrafferty.com.
  TYPE: NS
  VALUE: ns-1043.awsdns-02.org. - ns-1709.awsdns-21.co.uk. - ns-328.awsdns-41.com. - ns-909.awsdns-49.net.
  TTL: 7200

  NAME: tylerrafferty.com.
  TYPE: SOA
  VALUE: ns-1043.awsdns-02.org. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400
  TTL: 7200 

  NAME: www.tylerrafferty.com.
  TYPE: A
  VALUE: 54.245.114.102  -  10.252.55.103
  TTL: 7200 

Tyler Rafferty

Posted 2013-07-03T06:53:08.723

Reputation: 113

There's a disconnect between your perception of a problem and your proposed path to correcting it. A delay in resolving a DNS entity in this scenario occurs somewhere between a client computer, the caching DNS server it points to, and the authoritative DNS server that contains the answer. Nowhere along that path does httpd get involved, as your virtualhosts are not trying to resolve anything. I recommend focusing on the actual problem you see (i.e. show us the DNS query failing). – Andrew B – 2013-07-03T15:41:11.690

None of those hostnames appear to exist in the DNS. – Michael Hampton – 2013-07-03T17:10:10.140

@Michael Pardon? I can resolve all of them just fine. That did lead to discovering the actual problem though... – Andrew B – 2013-07-03T17:42:36.577

@AndrewB You see A or AAAA records for them? All I get is NOERROR... – Michael Hampton – 2013-07-03T17:43:58.627

@Michael I can, and +trace works, but something is jacked on these DNS servers. I've elaborated within the answer. – Andrew B – 2013-07-03T18:04:13.077

I have corrected my question. Please review it and help remove the negative downvotes. Thank you to all for the insightful tips and Andrew B for the solution. – None – 2013-07-03T23:03:20.377

Answers


round-robin DNS

Someone has inadvertently created broken round-robin DNS for those DNS records.

$ dig +short www.kyleseetaylor.com
54.245.114.102
10.252.55.103
$ dig +short www.vistamechanical.net
54.245.114.102
10.252.55.103
$ dig +short www.tylerrafferty.com
54.245.114.102
10.252.55.103

The problem you're experiencing is that there's a coin flip chance of getting either IP address as an answer, and people outside of your network cannot reach the 10net address.

(either that or your internal network can't get to the public IP, but the 10net IP is going to break things for everyone on the internet.)

Andrew B

Posted 2013-07-03T06:53:08.723

Reputation: 314

Why would my nameserver not return answers to requests for SOA records if I have it set? I am really eager to learn how to correct this problem. What should I read up on or focus on to resolve this issue? – None – 2013-07-03T19:13:45.023

Your authority is fine, I ran the SOA query against www. instead of the base domain. Answer has been edited. – Andrew B – 2013-07-03T19:19:50.473

After validating your solution it appears you were 100% correct. 10net (10.x.x.x) IP addresses are not routable over the internet. The coin flip you speak of was a good analogy. Thank you. I've also edited my question to be more relevant to the solution. Please upvote it if you feel that it can help others solve similar problems. – None – 2013-07-03T22:54:51.423
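As an added example (not code from the question or the answer), here is a small Python check that parses a record listing in the NAME/TYPE/VALUE/TTL layout shown in the question and flags A/AAAA records whose answer set includes addresses that are not globally routable, reporting what fraction of round-robin answers a resolver outside the network would not be able to reach. The sample listing is constructed from the records in the question; the function names are my own.

```python
import ipaddress
import re

# Constructed sample in the same layout as the Route 53 listing in the question.
ZONE_LISTING = """
  NAME: tylerrafferty.com.
  TYPE: A
  VALUE: 54.245.114.102  -  10.252.55.103
  TTL: 60

  NAME: www.tylerrafferty.com.
  TYPE: A
  VALUE: 54.245.114.102  -  10.252.55.103
  TTL: 7200

  NAME: tylerrafferty.com.
  TYPE: MX
  VALUE: 0 smtp.secureserver.net  -  10 mailstore1.secureserver.net
  TTL: 7200
"""


def parse_listing(text):
    """Return a list of (name, type, [values]) from the NAME/TYPE/VALUE/TTL layout."""
    records = []
    current = {}
    for line in text.splitlines():
        m = re.match(r"\s*(NAME|TYPE|VALUE|TTL):\s*(.*?)\s*$", line)
        if not m:
            continue  # blank lines and anything outside the four fields
        key, val = m.groups()
        current[key] = val
        if key == "TTL":  # TTL closes one record in this layout
            values = re.split(r"\s+-\s+", current["VALUE"])
            records.append((current["NAME"], current["TYPE"], values))
            current = {}
    return records


def non_global_addresses(records):
    """Flag A/AAAA records mixing in addresses the public internet cannot route.

    Each finding is (name, [unroutable values], fraction of answers affected):
    a fraction of 0.5 is the "coin flip" from the answer above."""
    findings = []
    for name, rtype, values in records:
        if rtype not in ("A", "AAAA"):
            continue  # MX/NS/SOA values are hostnames, not addresses
        bad = [v for v in values if not ipaddress.ip_address(v).is_global]
        if bad:
            findings.append((name, bad, len(bad) / len(values)))
    return findings


if __name__ == "__main__":
    for name, bad, frac in non_global_addresses(parse_listing(ZONE_LISTING)):
        print(f"{name}: {bad} not globally routable ({frac:.0%} of answers)")
```

The same check can be fed the output of `dig +short` from the answer by wrapping the addresses as a single A record.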