I have setup our internal domain on a Google Cloud DNS Zone. Then I pointed my computer to the Zone's name servers and 8.8.8.8 for fallback/public IPs. I can resolve all my internal addresses fine and most public addresses as well. For some reason, the DNS names for Google sites are not resolving. For example, the following do not resolve:
www.google.com
www.gmail.com
www.youtube.com
Any ideas on how to fix this?
UPDATE
$dig www.google.com
; <<>> DiG 9.8.3-P1 <<>> www.google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14289
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;www.google.com. IN A
;; AUTHORITY SECTION:
google.com. 300 IN SOA ns-cloud-c1.googledomains.com. dns-admin.google.com. 1 21600 3600 1209600 300
;; Query time: 29 msec
;; SERVER: 216.239.32.108#53(216.239.32.108)
;; WHEN: Fri Mar 13 12:49:36 2015
;; MSG SIZE rcvd: 104
Then I pointed my computer to the Zone's name servers and 8.8.8.8 for fallback/public IPs.
Don't do that. You need to set your computer to use a DNS resolver to access things from the internet. The Cloud DNS nameservers will not answer questions for anything other than the zones they host - they are "authoritative" servers, not "resolvers". 8.8.8.8 and 8.8.4.4 are Google's public DNS resolvers - they answer questions for anything on the Internet not because they actually "own" that data, but because they go off and make queries on your behalf to discover the answer from authoritative servers.
If your zone was public, this would be all there was to it - the resolver would work down the tree to find your zone and then give you the answer. There would be no special configuration. But if this zone is private - you didn't buy a domain or create it in a domain that already exists - you'll need to do some extra work because nobody on the internet can find it unless they know where to look. You'll need to run your own resolver that knows to do something different and private for this kind of name. That's called a 'view'. At that point you could consider just hosting the data directly on that server.
The name server's that cloud dns mentions is something you might have configured in your domain config. whereas 8.8.8.8 is the google public dns resolved. Both aren't the same. What does your dig command show for google sites when resolved via 8.8.8.8?
Related
This is my first time creating a custom domain on Github.
I have a domain with domain.com and I have followed every step necessary such as adding Alias and CNAME as well as the IP addresses. However, I keep getting this error
Both beatricewambuimbugua.com and its alternate name are improperly configured
Domain's DNS record could not be retrieved. For more information, see Learn more (InvalidDNSError). We recommend you add an A record pointed to our IP addresses, or an ALIAS record pointing to beatricewambuimbugua.github.io.
What am I doing wrong?
Alias and CNAME entries
Also when I run $ dig beatricewambuimbugua.com +nostats +nocomments +nocmd
I get this result: ;; global options: +cmd ;beatricewambuimbugua.com. IN A
showcasing the IP addresses are not noticed.
I transferred a domain from Godaddy some time ago. I have created an EC2 instance with Elastic IP which works fine but it's not resolving the domain name.
The test in the AWS portal resolves the A record to the correct Elastic IP, but the name just gives:
...... server IP address could not be found.
Try running Windows Network Diagnostics.
DNS_PROBE_FINISHED_NXDOMAIN
People have said that the DNS might still be with Godaddy, but I can't see the domain in my Godaddy account.
Dig gives A record
id 19510
opcode QUERY
rcode SERVFAIL
flags QR RD RA
;QUESTION
parlepal.com. IN A
;ANSWER
;AUTHORITY
;ADDITIONAL
and NS
id 50166
opcode QUERY
rcode SERVFAIL
flags QR RD RA
;QUESTION
parlepal.com. IN NS
;ANSWER
;AUTHORITY
;ADDITIONAL
Any suggestions would be welcomed.
(Moving down from comment...)
A Registered Domain is associated with a number of Name Servers.
Hosted Zones have an NS record that defines the Name Servers to use with the Hosted Zone.
The Name Servers in both these sections need to match for the resolution process to work correctly.
See: Linking Amazon Route 53 Domain Name to EC2 instance
Yesterday I setup a new dns zone netdav.net. I pointed the nameservers from Dotster where it is registered to Google's cloud name servers. I am unable to query my own DNS name using Googles name server's that I was told to use. They are:
ns-cloud-b1.googledomains.com.
ns-cloud-b2.googledomains.com.
ns-cloud-b3.googledomains.com.
ns-cloud-b4.googledomains.com.
Below is an example error on nslookup:
> server ns-cloud-b1.googledomains.com
Default Server: ns-cloud-b1.googledomains.com
Addresses: 2001:4860:4802:32::6b
216.239.32.107
> set q=NS
> netdav.net
Server: ns-cloud-b1.googledomains.com
Addresses: 2001:4860:4802:32::6b
216.239.32.107
*** ns-cloud-b1.googledomains.com can't find netdav.net: No response from server
I'm having difficulty getting a custom Domain Name setup for an e-mail provider and I suspect something is wrong with Google's DNS servers.
Below are some records in netdav.net:
netdav.net. NS 21600
ns-cloud-b1.googledomains.com.
ns-cloud-b2.googledomains.com.
ns-cloud-b3.googledomains.com.
ns-cloud-b4.googledomains.com.
netdav.net. SOA 21600
ns-cloud-b1.googledomains.com. cloud-dns-hostmaster.google.com. 1 21600 3600 259200 300
#.netdav.net. MX 300
10 mail.protonmail.ch.
Google's instructions for name server setup:
Registrar Setup
This zone will not normally be usable until you register the related domain and configure it to use these name servers:
Type Data
NS
ns-cloud-b1.googledomains.com.
ns-cloud-b2.googledomains.com.
ns-cloud-b3.googledomains.com.
ns-cloud-b4.googledomains.com.
I don't know if you could solve your issue, but as far as I know CNAMEs records aren’t allowed to co-exist with other records for the same name, that mean a NS, TXT, MX or SOA records, according to RFC 1912 [1].
If you are using CNAME, as a workaround, you can change the CNAME to A record, and then set up the TXT and MX records.
[1] https://www.ietf.org/rfc/rfc1912.txt
I'm in the process of testing GC DNS and have created zones and records. However, doing nslookup (windows/command line) times out when querying assigned Google NS directly:
> www.some_domain_A_record.com.
Server: ns-cloud1.googledomains.com
Addresses: 2001:4860:4802:32::6e
216.239.32.110
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to ns-cloud-e1.googledomains.com timed-out
Does anyone have any advice/input on this?
Notes:
I am only using Cloud DNS for this project (no GCE/GAE/VM, etc.), essentially "just DNS". I'm looking to migrate from some existing DNS (only) provider to Google cloud DNS
This means resources (A, CNAME, MX, etc.) aren't necessarily related to any GC hosted app or service (some could be - e.g. Google Apps/Work, etc.). In other words "typical" DNS zone/records.
This is for an existing/live domain/zone
I have not made any changes at the registrar level (I'm testing first) and querying the google ns assigned for the zone directly
To SO community:
Completely understood that this isn't a programming question. Its just that this is the "Bronze" level support area for Google.
Update
Using Mac terminal actually succeeds
> server
Default server: ns-cloud1.googledomains.com
Address: 216.239.32.106#53
> gcloud-test.some_domain_I_have.com.
Server: ns-cloud1.googledomains.com
Address: 216.239.32.106#53
gcloud-test.some_domain_I_have.com canonical name = the_right_target.com.
Name: the_right_target.com
Address: 1.2.3.4
Will dig some more, seems something to do with Windows nslookup..weird...it's not some firewall, I can nslookup some other domain using whatever specific (or public) name server.
Update 2
Getting weirder - Windows (10 not that it should matter) on same Mac (vm/parallels) above works fine as well...
Update 3
As of today 9-24-2015 it seems the odd behavior on Windows nslookup (interactive mode) when querying your assigned Google ns directly is resolved.
Bottom line: All's good and running quite smoothly! To the Google Cloud I go :)
On (all*) Windows - it just seems that if you have/want to query your assigned Google NS directly, you have to do nslookup in non-interactive mode (aka "one liner") as shown below. You'll do this if you want to check/query resources before DNS propagation (after which, you don't really need to query your assigned NS directly).
Alternatively, you could nslookup interactive mode if you use the IP address of your assigned Google NS (sample also below).
*"all Windows" - meaning host/pc and OS. As above, Windows on Mac (VM/Parallels) is strangely unaffected by this weirdness - you can use nslookup interactive mode and query your ns directly just fine...Mac/OSX terminal is fine/unaffacted
Partial answer, scoped to Windows:
To make it work,
use nslookup in non-interative mode: nslookup name-of-resource the-google-ns
e.g. nslookup foo.com ns-cloud1.googledomains.com
or
use the IP address of the google ns in interactive mode:
c:\nslookup
> server 216.239.32.106
Default Server: ns-cloud-a1.googledomains.com
Address: 216.239.32.106
> the_resource_to_lookup
As to "why", I'll defer to network folk - haven't worn that hat in years -seems something to do with PTR/reverse lookup, but that's just a guess...
Looking at your inquiries, on your Windows you're using ns-cloud-e1.googledomains.com as the name server, however on your Mac you're using ns-cloud1.googledomains.com which is ns-cloud-a1.googledomains.com.
If both inquiries are for the same zone, then time-out on the first nslookup inquiry makes sense. Your workaround used a correct DNS server for the nslookup inquiry.
The solution is modifing your Windows DNS settings from ns-cloud-e1.googledomains.com to ns-cloud-a1.googledomains.com (same DNS settings of your Mac).
Using the Developers Console, under Cloud DNS you can verify what DNS servers your zone is associated to.
I'm in the process of moving my DNS to Google Cloud Platform and wish to set up vanity nameservers.
Is this possible with gloud?
I have two domains currently in my project
abc-net.co.uk (vanity)
abc.co.uk (company domain)
I have set 4 records of
ns1.abc-net.co.uk A -> 216.239.32.109 (ns-cloud-d1.googledomains.com)
ns2.abc-net.co.uk A -> 216.239.34.109 (ns-cloud-d2.googledomains.com)
ns3.abc-net.co.uk A -> 216.239.36.109 (ns-cloud-d3.googledomains.com)
ns4.abc-net.co.uk A -> 216.239.38.109 (ns-cloud-d4.googledomains.com)
I have compiled all records in my project for abc.co.uk but when I run a dig against #ns1.abc-net.co.uk it tells me recursion is not allowed
Can I not set up vanity nameservers?
NS Specification
NS records must point to address records (e.g. A and AAAA) and not to alias records (e.g. CNAME).
- see RFC 2181 section 10.3
Summary
Correctly creating Google Cloud vanity nameservers is possible, but does require the risk of future server down-time if Google changes any nameserver IP addresses associated with your vanity nameservers. If such a risk does not bother you, use the following directions to create them.
Directions
Note: The following directions were provided at a time when IPv4 A and IPv6 AAAA records ruled the web.
Get each nameserver's IPv4 and IPv6 address.
``` $ host ns-cloud-x0.googledomains.com ```<br/><br/>
Create A and AAAA records for each vanity nameserver at your domain's local DNS zone.
Register each vanity nameserver's FQDN, IPv4, and IPv6 with your domain's registrar (e.g. Enom and GoDaddy).
Wait for your registrar to confirm the addition of your vanity nameservers.
Wait 24-72 hours to allow the new DNS records time to propagate.
Update the NS and SOA records of your domains to point to your vanity servers.
Yes, it is perfectly doable with Google Domains.
In the Custom resource records section, create A records and point them to Google DNS servers (ns1.abc-net.co.uk A -> 216.239.32.109, etc.), exactly as you did above
In the Registered hosts section, create glue records (ns1.abc-net.co.uk, etc.), pointing them to the same Google servers
In the Nameservers section, enter your custom name servers (ns1.abc-net.co.uk, etc.).
Wait for DNS propagation (it will be near instant if you use Google or Cloudflare DNS resolver).
Note that you won't be able to have DNSSEC active.
Hope this helps.
Instead of A records hardcoding the IPv4 address of ns-cloud-d#.googledomains.com, create 4 CNAME records, ns#.abc-net.co.uk, pointing to the ns-cloud-d#.googledomains.com servers. Then, your NS record would be all four of the ns#.abc-net.co.uk names that you made CNAME records for. I just did this with my domain and it is working great.
This allows the IP addresses of Google's resolver servers to change without breaking your DNS functionality. Additionally, IPv6 clients will resolve over IPv6.