Correct series of DNS resolution after TTL expire - server

Let's assume that the TTL of google.com expires. Will the resolver then go to the root name server to resolve google.com, or will it go to the nearest authority, that is ns1.google.com, assuming that the TTL of ns1.google.com is more than that of google.com?
The whole question is: will the resolver initiate a new DNS resolution from the root name server or from the name server assigned by the domain itself (ns1.google.com in the case of google.com)?

Related

How to redirect a dns that point to a ip server to another ip server without changing the dns

Is it possible to bypass the DNS propagation and point an IP change directly from the old server to the new server?
A more concrete example of what I want to achieve:
www point to ip1 in A record
=> I change the www point to ip2
=> during the dns propagation is it possible to force the ip1 to redirect to the ip2 ?
You could install a proxy to ip1 to forward the requests on to ip2.
Usually such a DNS change is done by setting the TTL (time to live, this specifies how long a DNS answer should be cached) of the record to one minute or even one second. Then wait however long the old TTL was and then update the DNS to point to the new ip and reset the TTL.
This should limit the amount of requests going to ip1 after the change to a minimum.

Can't redirect Route 53 registered domain to IP address in S3 bucket

What I want to do:
I am trying to set up routing from a website that I registered with aws route 53 to an IP address that is outside of amazon servers (my home ip address).
Problem:
My route 53 website will not redirect to destination set in an S3 bucket.
Things I have done:
Register domain with Route 53 (let's call it mywebsite.net)
Create an S3 Bucket called mywebsite.net
Set the bucket so it Redirects all requests to another host name to mywebsite.net
Create a public hosted zone for mywebsite.net called mywebsite.net
Add a record to the zone with default name mywebsite.net
Set the record type to A - IPv4 address
Set Alias to Yes
Set Alias Target to the bucket called mywebsite.net
Left remaining options to their defaults
Things that work:
The bucket endpoint properly redirects to desired url
Things that Don't work:
The domain registered with route 53 does not resolve/work at all
Other information:
When I go into terminal and execute the command curl -i mywebsite.net
it prints curl: (6) Couldn't resolve host 'mywebsite.net'
Route 53 domains (as a registrar) should work exactly like a domain at any other registrar.
Let's pretend your home public IP is 123.50.50.123.
Verify that by opening a browser from INSIDE of your house and going to http://www.ipchicken.com
Can you ping 123.50.50.123 from OUTSIDE of your house? If Yes, then we can expect a PING on the domain to work once it is configured. If No, then your domain won't ping either.
Login to AWS Route 53 and setup an A record that has one IP, your public IP, that you verified.
123.50.50.123
Now wait... DNS changes are not immediate. It could be 5 minutes. It could be 24 hours if you are behind a DNS server that keeps its cache for a long time.
How will you know when the Domain DNS is setup correctly?
Check it out on http://www.mxtoolbox.com
in their search box put
a:yournewdomainname.com
Here's the result for Wikipedia "a:wikipedia.com". It should look similar. With the "IP Address" being your home public IP from earlier.
When everything is done.
You should be able to PING your domain (if PINGing the IP address worked)
Then you need to setup whatever servers that you wanted this domain for in the first place.

Creating subdomains and A records to servers in Windows Server DNS

We have a site hosted internally on IIS on 2 different servers (192.168.1.1 & 192.168.1.2) running Windows 2012 R2, by the name domain.com
1) What entry needs to be made in DNS so that the developers are able to create a sub-site such as h1.domain.com or h2.domain.com or h3.domain.com
2) If a request is made for www it should be redirected to 192.168.1.1
3) If a request is made for www4 it should be redirected to 192.168.1.2
So by points 2 & 3, what I need is:
www.domain.com -> 192.168.1.1
www.h2.domain.com -> 192.168.1.1
www4.domain.com -> 192.168.1.2
www4.h2.domain.com -> 192.168.1.2
So what entries should I make in the DNS server for this to work?
First, you need to make a forward lookup zone for domain.com
I then recommend you decide which will be the root domain server for domain.com, so when someone types in domain.com without the www. they still get taken to a server. You can either add an A record for one server, or for both servers and they will take turns serving requests.
Right click on Forward Lookup Zones and select New Zone..., Primary Zone, Select which servers you would like the zone to be on, I normally do not need to change this, Allow only secure dynamic updates (recommended), Finish.
Then right click on your shiny new FLUZ domain.com and select New Host (A or AAAA)...
Name (leave blank for the root A record) and the IP address of the server(s) you want to use. This should leave you with (if you decide to make both the root):
(same as parent folder) Host(A) 192.168.1.1
(same as parent folder) Host(A) 192.168.1.2
Then you want to add more A records for the required subdomains, so for example
www4.h2.domain.com -> 192.168.1.2
This will have a 'name' in the New Record form of www4.h2
This will create a folder under domain.com called h2, within h2 you will find the record:
www4 Host(A) 192.168.1.2
When you're finished you should have two records in the h2 folder, www and www4, and two records in the domain.com folder, www and www4.
You don't have to add the root A records, I'm just OCD.

How can I set up a subdomain so that pinging the subdomain gets another IP

Hello, I registered at https://noip.com and it gave me a domain, http://test.no-ip.biz. This site is updated every time my dynamic IP changes, so I can find out my IP at any time by pinging test.no-ip.biz.
Now, instead of test.no-ip.biz, I want to use my subdomain sub.domain.com. I set up my domain to redirect to test.no-ip.biz and it works, but when I ping my domain I get the IP of my host server. How can I set up the subdomain to get the IP of test.no-ip.biz?
You can add a CNAME record in your domain which points to test.no-ip.biz:
in your domain definition add:
sub IN CNAME test.no-ip.biz.

spamassassin rdns reversedns

SpamAssassin gives the following flag on my emails:
0.8 RDNS_NONE Delivered to internal network by a host with no rDNS
"This test checks to see if there is a reverse DNS entry
for the last untrusted relay. Note that this may be done by
interpreting information in the relevant Received header - if reverse
DNS checks are not performed by the first trusted relay, or if they
are not recorded in the Received header, this test will be triggered
(regardless of the actual rDNS status)."
The only ip I can see on my emails are 94.143.11.2 -> which you can reverse dns to trophymanager.com. Google and hotmail have no problems with this - but Spamassassin gives it a flag - what am I missing here?
Not sure about SpamAssassin, but many mail filters / MTAs (Postfix for example) only accept the rDNS entry if it's forward-confirmed. In your case, the forward confirmation does not work:
dig -x 94.143.11.2 +short
man01.trophymanager.com.
but man01.trophymanager.com does not have an A record.
Create a DNS record:
man01.trophymanager.com A 94.143.11.2
and Spamassassin probably won't complain anymore.
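The forward-confirmed reverse DNS check this answer describes, as an added example that is not part of the original answer: the PTR name only counts when a forward lookup of that name returns the same IP. The lookup tables are constructed to model the zone before and after the A record is added, and the helper names (`fcrdns`, `system_ptr`, `system_addrs`, `table`) are this example's own.

```python
import ipaddress
import socket

def system_ptr(ip):
    """PTR names for ip via the system resolver (empty list if none)."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name] + aliases
    except OSError:
        return []

def system_addrs(name):
    """A/AAAA addresses for name via the system resolver."""
    try:
        infos = socket.getaddrinfo(name, None)
    except OSError:
        return []
    # Drop any IPv6 scope id ("%eth0") before comparing addresses.
    return sorted({info[4][0].split("%")[0] for info in infos})

def fcrdns(ip, ptr_lookup=system_ptr, addr_lookup=system_addrs):
    """Return ('no-ptr' | 'unconfirmed' | 'confirmed', names)."""
    want = ipaddress.ip_address(ip)
    names = [n.rstrip(".").lower() for n in ptr_lookup(ip)]
    if not names:
        return ("no-ptr", [])
    # A PTR name is confirmed only if it resolves back to the same address.
    confirmed = [n for n in names
                 if any(ipaddress.ip_address(a) == want for a in addr_lookup(n))]
    return ("confirmed", confirmed) if confirmed else ("unconfirmed", names)

# Constructed lookup tables modelling the state described in the answer.
PTR = {"94.143.11.2": ["man01.trophymanager.com."]}
A_BEFORE = {}                                            # PTR exists, no A record
A_AFTER = {"man01.trophymanager.com": ["94.143.11.2"]}   # A record added

def table(records):
    """Wrap a dict as a lookup function for offline use."""
    return lambda key: records.get(key, [])

if __name__ == "__main__":
    for label, fwd in (("before", A_BEFORE), ("after", A_AFTER)):
        print(label, fcrdns("94.143.11.2", table(PTR), table(fwd)))
```

Calling `fcrdns(ip)` with no lookup arguments uses the system resolver instead of the constructed tables.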
If your hosting account comes with an IP address, you might be able to change this within the dashboard of your hosting account, or open a ticket with your host if you're not sure.
That solved my "SMTP Reverse DNS Mismatch" error on https://mxtoolbox.com
However, mxtoolbox.com still complains "Reverse DNS is not a valid Hostname" the explanation from them is:
Your Reverse DNS Record (PTR) is not a valid host name. According to
email sending best practices, a PTR Record should be a valid host
name. If the PTR Record is not a valid hostname, there is a likelihood
that you will experience email delivery issues with anti-spam
services.
I looked up my registrar -- Namecheap says:
A PTR (pointer) record maps an IP address to the domain name. It’s
often called a "reverse DNS entry" because it converts an IP address
to a name.
PTR records are mostly used as a security and anti-spam measure, to
verify that a mail server address is allowed to send an email to a
particular hostname. The reverse DNS entry checks if a server name is
indeed associated with an IP address from where the connection was
initiated.
In order to set up a reverse DNS entry that will connect an IP address
to your domain (e.g., 127.0.0.1 should be mapped to yourdomain.com),
you will need to contact your IP address provider to create a PTR
record for the IP address.
It's possible I just need to wait a day, because when I updated the reverse DNS with my host there was a message saying "please wait 6-12 hours." If I remember, I'll come back and write an update.
The OP asks about this issue, but the other answers don't address that:
-0.8 RDNS_NONE Delivered to internal network by a host with no rDNS
This is caused by reverse lookups of 127.0.0.1 returning localhost, commonly caused by redirecting mail in-and-out-of localhost for spam/virus filtering (like through amavis). It will create headers like this, with rDNS showing incorrectly as localhost for 127.0.0.1:
Received: from smtp.example.com (**localhost** [127.0.0.1])
by smtp.example.com (Postfix) with ESMTPA id A5F13FEF
for <example#example.com>; Wed, 26 May 2021 17:07:02 -0700 (PDT)
Note that I added *'s around **localhost** above to highlight the issue. By updating the /etc/hosts file and placing your hostname before the word localhost, it will be placed correctly in your logs:
So you want this:
~]$ cat /etc/hosts
127.0.0.1 smtp.example.com localhost localhost.localdomain
::1 smtp.example.com localhost localhost.localdomain
not this:
~]$ cat /etc/hosts
127.0.0.1 localhost localhost.localdomain smtp.example.com
::1 localhost localhost.localdomain smtp.example.com
and definitely not this:
~]$ cat /etc/hosts
127.0.0.1 localhost localhost.localdomain
::1 localhost localhost.localdomain
... or you can configure rDNS for 127.0.0.1 but that seems silly...just what hostname should a centralized rDNS server with? Indeed, it can't ;)
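A check for the /etc/hosts ordering the last answer recommends, as an added example that is not part of the original answers. It assumes the usual hosts-file semantics, where the first name on the first matching line is the name a reverse lookup of that address reports; the three sample files are the variants shown above, and the function names are this example's own.

```python
import ipaddress

LOOPBACKS = ("127.0.0.1", "::1")

def canonical_names(hosts_text):
    """Map each address to the first name on its first matching line."""
    canon = {}
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()   # strip comments
        if len(fields) < 2:
            continue
        try:
            addr = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            continue                              # not an address line
        canon.setdefault(addr, fields[1].lower()) # first match wins
    return canon

def loopback_findings(hosts_text, mail_hostname):
    """List (address, reported_name) for loopbacks not named mail_hostname."""
    canon = canonical_names(hosts_text)
    return [(ip, canon.get(ip)) for ip in LOOPBACKS
            if canon.get(ip) != mail_hostname.lower()]

# Sample files copied from the three variants in the answer above.
WANTED = """127.0.0.1 smtp.example.com localhost localhost.localdomain
::1 smtp.example.com localhost localhost.localdomain
"""
HOSTNAME_LAST = """127.0.0.1 localhost localhost.localdomain smtp.example.com
::1 localhost localhost.localdomain smtp.example.com
"""
HOSTNAME_ABSENT = """127.0.0.1 localhost localhost.localdomain
::1 localhost localhost.localdomain
"""

if __name__ == "__main__":
    for label, text in (("wanted", WANTED), ("hostname last", HOSTNAME_LAST),
                        ("hostname absent", HOSTNAME_ABSENT)):
        print(label, loopback_findings(text, "smtp.example.com"))
```

To check a live host, pass the contents of /etc/hosts and the mail server's hostname to `loopback_findings`; an empty list means both loopback addresses report that hostname.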