DNS Not Resolving: ascreen.co


#1

The ascreen.co domain is not resolving for CloudFlare; this is a global issue. This domain has started to resolve as of 6 days ago. I am not sure if this is consistent or intermittent resolution.

This domain is hosted on a custom DNS server that serves a niche purpose.

http://dnsviz.net/d/ascreen.co/dnssec/

I am not including the requested dig output due to posting limitations for new users.

Any help is appreciated. Thanks!


#2

nslookup ascreen.co 1.1.1.1
Server: one.one.one.one
Address: 1.1.1.1

Non-authoritative answer:
Name: ascreen-co-lb01-262159036.us-east-1.elb.amazonaws.com
Addresses: 18.234.20.237
52.22.213.14
54.86.193.172
18.233.227.132
Aliases: ascreen.co


#3

Thanks. Like I said, this started resolving 6 days ago. I need to ensure that this is not intermittent; perhaps there is an underlying configuration issue that CloudFlare dislikes. This domain has been in use for quite some time and CloudFlare only started resolving it 6 days ago.


#4

It seems to return different responses based on the capitalization of the query name.

$ dig +norecurse ascreen.co @ns01.trueability.com

; <<>> DiG 9.10.3-P4-Ubuntu <<>> +norecurse ascreen.co @ns01.trueability.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64786
;; flags: qr aa ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;ascreen.co.                    IN      A

;; ANSWER SECTION:
ascreen.co.             300     IN      CNAME   ascreen-co-lb01-262159036.us-east-1.elb.amazonaws.com.

;; Query time: 13 msec
;; SERVER: 34.205.242.29#53(34.205.242.29)
;; WHEN: Mon Sep 10 17:15:33 UTC 2018
;; MSG SIZE  rcvd: 105

$ dig +norecurse Ascreen.Co @ns01.trueability.com

; <<>> DiG 9.10.3-P4-Ubuntu <<>> +norecurse Ascreen.Co @ns01.trueability.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29164
;; flags: qr aa ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;Ascreen.Co.                    IN      A

;; Query time: 14 msec
;; SERVER: 34.205.242.29#53(34.205.242.29)
;; WHEN: Mon Sep 10 17:15:39 UTC 2018
;; MSG SIZE  rcvd: 28

Since 1.1.1.1 uses random capitalization, it will usually not get what you want.

On the other hand, zone apex CNAMEs are illegal, so the non-lowercase behavior is less useful but more valid.

(It also probably shouldn’t set the RA flag.)

You could use a different DNS service. For example, you could fix the invalid CNAME by using Amazon Route 53 alias records, or Cloudflare’s authoritative DNS service, which supports CNAME flattening. Many other DNS services also have similar features.

If you need other custom features, they may already be supported by some services, or possible to add on as some sort of module.


#5

Thank you for the reply. Random capitalization seems to be the most likely culprit. We have updated the DNS server to respond properly and will continue to monitor it.