Could not connect a subdomain to the Amazon Load Balancer

I have the Amazon Load Balancer. I tried to make one of my subdomains redirect requests to the load balancer. Following this doc (point Amazon ELB (Elastic Load Balancing)) I’ve created a new CNAME record:

I waited >20 hours and I still get nothing on api.mydomain.com. I checked 3 addresses and got:

Check the load balancer

$ nslookup xxx.us-east-2.elb.amazonaws.com

Server:         192.168.1.1
Address:        192.168.1.1#53

Non-authoritative answer:
Name:   xxx.us-east-2.elb.amazonaws.com
Address: 3.xx.xx.255
Name:   xxx.us-east-2.elb.amazonaws.com
Address: 3.xx.xx.165

Check the main domain

$ nslookup mydomain.com

Server:         192.168.1.1
Address:        192.168.1.1#53

Non-authoritative answer:
Name:   mydomain.com
Address: 108.xx.xx.71

Check the new subdomain

$ nslookup api.mydomain.com

Server:         192.168.1.1
Address:        192.168.1.1#53

** server can't find api.mydomain.com: NXDOMAIN

Questions:

  1. Should I do an additional setup to make it work?
  2. By the link (point AWS nameserver updates) I can find the instruction on adding nameserver records to Route 53, but I cannot find any info on how it helps me. I’ve replaced the default NS records of the domain on “Hosted zones” (AWS) with the two NS records from my Cloudflare domain, but no effect. Do I need to configure Route 53 to make the load balancer work with Cloudflare (I don’t use Route 53 for anything)?
  3. I’ve enabled the “Flexible” SSL/TLS encryption mode on Cloudflare. I need the Flexible encryption for the main domain and don’t need it for the subdomains, because they have their own SSL. Can this affect the problem?

@MoreHelp
I sent a request to technical support earlier #2190895
There you can find more specific information about the problem. I could not insert some sensitive data here, like domain names, IPs, etc.

Something definitely doesn’t add up here - if you have set up your CNAME to your AWS ELB as grey-clouded, you should get Amazon IPs back from your resolver.

The best thing to do would be to check via an online tool like https://dig.ping.pe/ to see what the response is worldwide - and try via 1.1.1.1 and 8.8.8.8 for comparison. Also run dig +trace api.mydomain.com and make sure you are actually seeing the Cloudflare NS assigned to your domain. That’s the only reason I can think of why you’d be getting a different response - that your NS are not set to Cloudflare.

Thank you for your reply and for the https://dig.ping.pe

I still get Status: NXDOMAIN for 1.1.1.1 and 8.8.8.8.

I tried one thing today.
I have another domain on Cloudflare and I tried to create the same CNAME record for it and all works well and the new subdomain was available in less than 1 min. I’ve also compared configs of these two domains and they both are configured identically.

It looks like I have an internal problem with my domain because updates in CNAME records seem to affect nothing. I have thought about deleting the domain and creating it once again to start from scratch, but this is not a good solution for my client right now.

You need to check what NS are actually set for that domain. I would run dig +trace example.com and whois example.com to see what the NS are set to.

You can also use the dig.ping.pe tool:

http://dig.ping.pe/cloudflare.com:NS:1.0.0.1

Replace cloudflare.com with your domain - and then check that the NS match the ones assigned to your domain in the Cloudflare dashboard DNS section.

I’ve checked my main domain mydomain.fr (just in case) and api.mydomain.fr.

api.mydomain.fr returns NXDOMAIN for 1.0.0.1, 1.1.1.1 and 8.8.8.8.

mydomain.fr

api.mydomain.fr

On Cloudflare I have only two NS: xxx.ns.cloudflare.com

So you have not switched your NS to Cloudflare - they are currently pointing to OVH. You need to visit your domain registrar and change your NS:

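The nameserver check that resolved this thread, as an added example that is not part of the original posts: it compares the NS set returned by `dig +short NS <domain>` with the pair shown in the Cloudflare dashboard. The function names, the script name `check_ns.sh`, and all hostnames (`yyy.ns.cloudflare.com`, `*.ovh.example`) are constructed placeholders.

```shell
#!/bin/sh
# Added example: compare the nameservers resolvers return for a domain with
# the pair assigned in the Cloudflare dashboard. All hostnames are constructed.

# Read one nameserver per line; lowercase, strip trailing dot and blanks, sort.
normalize_ns() {
    tr '[:upper:]' '[:lower:]' |
        sed -e 's/[[:space:]]*$//' -e 's/\.$//' -e '/^$/d' | sort -u
}

# check_delegation EXPECTED_NS...
# stdin: output of `dig +short NS <domain>`.
# Prints OK (exit 0) when both sets match; otherwise lists the differences
# (exit 1). Empty input, as with NXDOMAIN, reports every expected NS missing.
check_delegation() {
    actual=$(normalize_ns)
    expected=$(printf '%s\n' "$@" | normalize_ns)
    if [ "$actual" = "$expected" ]; then
        echo "OK"
        return 0
    fi
    for ns in $actual; do
        printf '%s\n' "$expected" | grep -Fxq "$ns" || echo "UNEXPECTED $ns"
    done
    for ns in $expected; do
        printf '%s\n' "$actual" | grep -Fxq "$ns" || echo "MISSING $ns"
    done
    return 1
}

# Constructed sample: a domain whose registrar still delegates to another host.
SAMPLE_NS='dns1.ovh.example.
NS1.ovh.example.'

demo() {
    printf '%s\n' "$SAMPLE_NS" |
        check_delegation xxx.ns.cloudflare.com yyy.ns.cloudflare.com
}

# Live use: sh check_ns.sh mydomain.fr xxx.ns.cloudflare.com yyy.ns.cloudflare.com
if [ "$#" -ge 2 ]; then
    domain=$1
    shift
    dig +short NS "$domain" | check_delegation "$@"
fi
```

Any `UNEXPECTED` line means the registrar is still delegating the zone elsewhere, so records edited in the Cloudflare dashboard are never served.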