Setup: I’ve two domains, both from Freenom, and both have the “.ga” top-level domain. I migrated them to Cloudflare a few days ago by putting in the name servers offered by Cloudflare ( kara.ns.cloudflare.com and will.ns.cloudflare.com ) instead of the registrar’s ones. One of them is using the Cloudflare proxy on its A-Name record, the second one is just using an A record for DNS only. DNSSEC is off for both domains. TTL is set to “AUTO”. The only records are A names for one, and A name+C name for the other one. Both of them also have “TXT” records automatically added by the Email Security configuration.
Router gets DNS servers by DHCP;
PC and other devices behind the router are getting DNS by DHCP from the router by requesting the router.
Amazon’s AWS EC2 machine is getting DNS automatically, and in the nslookup command the server is shown as 127.0.0.53
Situation: I can’t resolve any of them for like 16 hours or so by using dns-server provided with ISP’s DHCP (188.8.131.52, but I assume it won’t accept requests from outside anyway).
Also, when I use nslookup command and specify server “184.108.40.206” or “220.127.116.11”, which resolves to one.one.one.one correctly, I get DNS request timeout. Trying to resolve any other domain names with 18.104.22.168 is fine, as long as it’s not “.ga” TLD (my.ga for example).
When I use 22.214.171.124\126.96.36.199 sometimes it resolves to 188.114.xxx.xxx, sometimes it does not resolve at all. Right now I can’t resolve it from my router when I use Google’s DNS, I also can’t resolve it from the machine on Amazon’s AWS it’s pointing to, but on the PC behind the router it does resolve to 188.114.x.x even after DNS flushing, by specifying the exact same DNS server.
I’ve also tried to specify Yandex’s DNS server (188.8.131.52) and it either does not resolve at all, or resolves on the PC while not resolving on the router and AWS. Or it resolves on AWS, but not on the router and PC.
I’ve also tried to purge cache on Cloudflare DNS and Google DNS with no result.
I’ve tried to resolve it on several websites too:
- dnschecker.org: resolves in 22 of 32 servers
- nslookup.io: Cloudflare DNS, OpenDNS, Authoritative do resolve it most of the time. Sometimes google resolves it, sometimes it doesn’t. Same for Russia local DNS.
- 2ip.ru : Sometimes it does resolve to 188.114.x.x , sometimes it doesn’t resolve at all.
When I try to dig +trace, from devices that fail to resolve it, the last jump is

```
ga. 172800 IN NS d.ns.ga.
ga. 172800 IN NS a.ns.ga.
ga. 172800 IN NS b.ns.ga.
ga. 172800 IN NS c.ns.ga.
ga. 86400 IN NSEC gal. NS RRSIG NSEC
ga. 86400 IN RRSIG NSEC 8 1 86400 20220320170000 ... ... ...
;; Received 628 bytes from 184.108.40.206#53(i.root-servers.net) in 35 ms
```
TOR browser resolves it correctly, same with EPIC browser’s proxy (I don’t know which DNS server they are using).
I’ve contacted my ISP (just in case) and they don’t know what the problem is either.
UPD: I’ve also tested both domains with Diagnostic Center | Check SSL and Test Website Security | Cloudflare and got “Request Failed” in “Check nameservers” saying: dnsexception Error when communicating with the DNS server.
However, I’ve also got “Looking Good!” for the “Check if connecting to ‘domain.com’ works” test.
UPD2: I also forgot to mention that I’m not using any firewall anywhere, including my devices, Cloudflare and the server itself.
UPD3: mxtoolbox finds a-name records correctly.
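
An added example, not part of the original post: a small parser that reads `dig +trace` output like the one quoted above and reports at which delegation the trace stopped, so runs from the router, the PC and the EC2 machine can be compared. The function names, the `example.ga` name and the first hop of the sample are constructed for illustration; the last hop is the referral quoted in the post.

```python
import re

# Constructed sample: the referral quoted in the post, one record per line.
# The first hop (local stub resolver) is constructed for illustration.
SAMPLE_TRACE = """\
.    518400 IN NS i.root-servers.net.
;; Received 239 bytes from 127.0.0.53#53(127.0.0.53) in 0 ms

ga.  172800 IN NS d.ns.ga.
ga.  172800 IN NS a.ns.ga.
ga.  172800 IN NS b.ns.ga.
ga.  172800 IN NS c.ns.ga.
;; Received 628 bytes from 184.108.40.206#53(i.root-servers.net) in 35 ms
"""

RECEIVED = re.compile(r"^;; Received \d+ bytes from \S+?#\d+\((\S+)\)")

def parse_trace(text):
    """Split dig +trace output into hops, each closed by a ';; Received' line."""
    hops, records = [], []
    for line in text.splitlines():
        m = RECEIVED.match(line)
        if m:
            hops.append({"server": m.group(1), "records": records})
            records = []
        elif line and not line.startswith(";"):
            f = line.split()
            if len(f) >= 5 and f[2] == "IN":   # owner ttl IN type rdata...
                records.append((f[0].lower(), f[3], " ".join(f[4:])))
    return hops

def where_trace_stopped(text, name):
    """Return (status, zone, servers) describing the last hop for `name`."""
    fqdn = name.lower().rstrip(".") + "."
    hops = parse_trace(text)
    if not hops:
        return ("no-response", None, [])
    last = hops[-1]
    if any(o == fqdn and t in ("A", "AAAA", "CNAME") for o, t, _ in last["records"]):
        return ("answered", fqdn, [last["server"]])
    ns = [(o, r) for o, t, r in last["records"] if t == "NS"]
    if ns:  # last reply was only a referral; no reply from the servers it names is in the trace
        zone = ns[0][0]
        return ("stopped-after-referral", zone, sorted(r for o, r in ns if o == zone))
    return ("no-referral", None, [last["server"]])

if __name__ == "__main__":
    print(where_trace_stopped(SAMPLE_TRACE, "example.ga"))
```

A `stopped-after-referral` result for zone `ga.` means the trace shows no reply from the listed `.ga` servers, which happens before the domain's own Cloudflare name servers are ever queried.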