Can't resolve a domain using Cloudflare resolvers

I’m using Cloudflare resolvers 1.1.1.1 and 1.0.0.1 and I can’t resolve the following domain…

lightmindmusic.com

I can see it from everywhere else. The domain was registered on the 10th of November, but may have previously been registered before then.

I’m wondering if in a previous life, the domain was blocked by Cloudflare for some reason.

Any idea how I get Cloudflare to investigate that?

Weirdly enough, DNS Checker picks it up with all servers (including Cloudflare), but WintelGuy.com doesn’t with any server (including Google and Quad9).

1.1.1.1, 8.8.8.8 and 9.9.9.9 all return SERVFAIL when asked about lightmindmusic.com.'s name servers.

; <<>> DiG 9.16.23 <<>> lightmindmusic.com. ns @1.1.1.1
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 38018

But I get an answer if I ask the com. name servers directly.

; <<>> DiG 9.16.23 <<>> lightmindmusic.com. ns @a.gtld-servers.net.
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41029
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;lightmindmusic.com.            IN      NS

;; AUTHORITY SECTION:
lightmindmusic.com.     172800  IN      NS      ns1.4uh.net.
lightmindmusic.com.     172800  IN      NS      ns2.4uh.net.
lightmindmusic.com.     172800  IN      NS      ns3.4uh.net.
lightmindmusic.com.     172800  IN      NS      ns4.4uh.net.

And asking ns1.4uh.net. returns the same IP reported by dnschecker.org.

; <<>> DiG 9.16.23 <<>> lightmindmusic.com. @ns1.4uh.net.
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10605
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;lightmindmusic.com.            IN      A

;; ANSWER SECTION:
lightmindmusic.com.     7200    IN      A       80.68.86.13

I don’t know what the issue is or why it’s happening, but perhaps someone with more knowledge about DNS will have an idea :slightly_smiling_face:

Thanks for your efforts so far. I’ve had exactly the same results. Never come across this issue before.

Fixed it.

Looks like there was a legacy DNSSEC record for the domain at the registrar.

Thanks for your input guys.

1 Like