Skip to main content

DWI - Not all the time "Authoritative" helps

We already saw the common issues when custom domain is involved where we saw a tool called DWI - Dig Web Interface which will help us get DNS records of a particular domain.

Today while coming across a forum thread, got to notice a strange thing ever. It's not the first time however. If you refer the article about corrupted DNS, the blog URL used had similar issue.

It is normally recommended to use "Authoritative" under Name servers when digging a domain. However this doesn't always workout.



Let us consider the following URL in issue.
  • newsblok.com
  • www.newsblok.com

The actual authoritative Dig Log gives us the following results,

newsblok.com@dns1.name-services.com.:
/usr/bin/dig: couldn't get address for 'dns1.name-services.com.': failure
newsblok.com@dns2.name-services.com.:
/usr/bin/dig: couldn't get address for 'dns2.name-services.com.': failure
newsblok.com@dns3.name-services.com.:
/usr/bin/dig: couldn't get address for 'dns3.name-services.com.': failure
newsblok.com@dns4.name-services.com.:
/usr/bin/dig: couldn't get address for 'dns4.name-services.com.': failure
newsblok.com@dns5.name-services.com.:
/usr/bin/dig: couldn't get address for 'dns5.name-services.com.': failure

http://digwebinterface.com/?hostnames=newsblok.com%0D%0Awww.newsblok.com&type=&useresolver=8.8.4.4&ns=auth&nameservers=

Here's a screen shot:

So I went ahead and changed it to "Resolver: Default" and got the following result.

newsblok.com@8.8.4.4 (Default):
newsblok.com.  1799 IN A 216.239.32.21
newsblok.com.  1799 IN A 216.239.36.21
newsblok.com.  1799 IN A 216.239.34.21
newsblok.com.  1799 IN A 216.239.38.21 
 
www.newsblok.com@8.8.4.4 (Default):

www.newsblok.com. 1773 IN CNAME ghs.google.com.
ghs.google.com.  86373 IN CNAME ghs.l.google.com.
ghs.l.google.com. 273 IN A 216.58.192.179
 

http://digwebinterface.com/?hostnames=newsblok.com%0D%0Awww.newsblok.com&type=&ns=resolver&useresolver=8.8.4.4&nameservers=

Here's a screen shot:
Of these, the ones highlighted in red can be ignored as resolver will give us all the URL mapping.

So it could be inferred as DWI first reads ghs.google.com and when looking for ghs.google.com it finds ghs.l.google.com and when looking for ghs.l.google.com it finds the IP Address 216.58.192.179.

To avoid this kind of confusion only usually "Authoritative" is used. Now that the option is ruled out we have to infer it this way.

As far as this issue is concerned, we have no additional A records or CName records which means the DNS is setup correctly.

Also this confirms that we need to check if DNS is corrupted only in few cases.

Comments

Feeds for you

Blogger in Draft says "Try the new Blogger!"

It's been long time that I wrote something here. Interestingly there seems to be a new update in Blogger in Draft (https://draft.blogger.com).

Common issues where custom domain is involved.

In BHF, one of the common issues we face is setting up custom domain. We already have a lot of information on how to setup a custom domain. So I am going to go ahead and write on the troubleshooting tips for custom domain.

This article is dedicated to +Chuck Croll  who has been/is a great mentor to me  since the beginning.

So let's start with the first and foremost golden rule of Custom domain troubleshooting.
Any issue where you have custom domains involved, first check if the custom domain is setup properly.