1

I've setup my personal website with github, figured out the DNS configs based on the following page. I used A records because those are used in Route53 configs and when I test my DNS routing for mydomainname.com with Route53 tool, I get the proper response.

Route53 Test apex name response

i.e. the DNS returns me the required GitHub IPs as I configured. However, when I try to run dig mydomainname.com I get an empty response.

Dig command response

I'm confident that I've waited long enough for changes to propagate (probably more than two full days now) so what could be the issue here? Any advice on how to further troubleshoot the routing issues?

UPDATE: Looked up my url's who is data. enter image description here

nikolaevra
  • 369
  • 2
  • 9
  • 1
    Things are too obfuscated to reproduce, but your whois data is wrong. Double check . I would be more helpful, but you removed the relevant details. – erik258 Jan 17 '19 at 15:59
  • What is whois data? And yeah, I understand data is limited here, but GitHub warns in their documentation that if you don't set custom apex name in your repo, but DNS is already pointing to GitHub IPs, then anyone can host on your url, so I tried to redact that data. – nikolaevra Jan 17 '19 at 16:01
  • 1
    whois shows the authoritative nameservers for the registration. It seems (not sure from your question) that the route53 servers you query first are willing and able to answer your query. when you ask the global DNS system in your second example, you aren't getting a valid answer. This leads me to believe the global dns system hasn't been properly told to glegat to the route53 servers. – erik258 Jan 17 '19 at 16:03
  • Interesting, so is that something that's out of my control and just requires more time to propagate? Or is there any way to configure it manually? – nikolaevra Jan 17 '19 at 16:05
  • 1
    you are responsible for configuring your domain servers since you registered the domain – erik258 Jan 17 '19 at 16:12
  • @DanFarrell I added the whois data to the question. I can clearly see that my current `NS` records in route53 are different from what whois is showing. I'm assuming this is where the problem might be coming from? Should I update my current route53 `NS` to the ones in whois or should I wait for the whois to update to my current route53 config? – nikolaevra Jan 17 '19 at 16:14
  • 1
    Check if https://stackoverflow.com/a/35970555/1145196 helps – Dusan Bajic Jan 18 '19 at 09:38
  • @DusanBajic Thank you. What you told me actually resolved my problem. If you want to convert it to an answer, then I'd definitely accept it as solution to my problem – nikolaevra Jan 20 '19 at 01:52
  • Thanks, you can just upvote that answer, no need to duplicate – Dusan Bajic Jan 20 '19 at 09:45

1 Answers1

1

DNS Hosting works with 2 steps: configuring the dns servers to answer queries, and delegating the domain to them.

The first part you seem to have working: you've set up a Route 53 Zone, configured the records, and have successfully resolved them from one of the nameservers in the NS record Route 53 configurd for you when you created the zone.

The second step is essentially to tell your registrar that when the public attempt to look up the domain, they should be referred to the route 53 servers you configured. By adding these same dns servers from the NS record in the working, public route 53 zone, you will delegate dns on that domain to those servers.

You registered your domain on amazon so it created a route53 zone for you, with matching DNS servers in it. Either you removed this zone or created another one. That's fine to do, but each zone costs 50 cents a month, so get in the habit of removing ones that aren't working. You can create any number of route 53 zones to serve the same domain, but the ones you put in the registrar are the ones the public will use to resolve the domain.

Once whois mydomain.tld ( or a web equivalent, if whois isn't available in your environment, like from your screenshot) shows the same nameservers that you can successfully query against with dig, you're golden. It might take some time for the registrar's setting to propagate; in practice this is typically on the order of minutes.

erik258
  • 14,701
  • 2
  • 25
  • 31