DNS query failing for a specific subdomain on 1.1.1.1

Hello, good afternoon!

I am not able to Resolve a specific DNS Name on 1.1.1.1 server. When I dig for the address specifying Cloudflare’s 1.1.1.1 I got no result, but if I specify another DNS provider, e.g. 8.8.8.8 it resolves as expected.

See, I am able to successfully resolve any other DNS Name via 1.1.1.1, the error is only with this specific subdomain.

There’s anything I can do at my side to solve this question?

Thank you!

3 Likes

We just had the same issue with a EC2 AWS hostname, and it’s been a few minutes now without 1.1.1.1 being able to resolve it.

[email protected]:~# dig @1.1.1.1 ec2-X-Y-52-234.compute-1.amazonaws.com

; <<>> DiG 9.11.3-1ubuntu1.17-Ubuntu <<>> @1.1.1.1 ec2-X-Y-52-234.compute-1.amazonaws.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62588
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;ec2-X-Y-52-234.compute-1.amazonaws.com. IN A

;; Query time: 88 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Fri Oct 14 10:37:46 NZDT 2022
;; MSG SIZE  rcvd: 69
[email protected]:~# dig @8.8.8.8 ec2-X-Y-52-234.compute-1.amazonaws.com

; <<>> DiG 9.11.3-1ubuntu1.17-Ubuntu <<>> @8.8.8.8 ec2-X-Y-52-234.compute-1.amazonaws.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38444
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;ec2-X-Y-52-234.compute-1.amazonaws.com. IN A

;; ANSWER SECTION:
ec2-X-Y-52-234.compute-1.amazonaws.com. 21600 IN A X.Y.52.234

;; Query time: 35 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri Oct 14 10:37:40 NZDT 2022
;; MSG SIZE  rcvd: 85
1 Like

Also having issue with anything hosted in compute-1 .amazonaws .com on 1.1.1.1

Working fine with 8.8.8.8

dig ec2-52-200-39-57.compute-1.amazonaws.com @1.1.1.1

; <<>> DiG 9.18.1-1ubuntu1.2-Ubuntu <<>> ec2-52-200-39-57.compute-1.amazonaws.com @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41353
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;ec2-52-200-39-57.compute-1.amazonaws.com. IN A

;; Query time: 16 msec
;; SERVER: 1.1.1.1#53(1.1.1.1) (UDP)
;; WHEN: Fri Oct 14 11:20:06 AEDT 2022
;; MSG SIZE  rcvd: 69
1 Like

futher analysis shows this might be a aws issue see here. DNSviz also shows errors for

https://dnsviz.net/d/compute-1.amazonaws.com/dnssec/



dig compute-1.amazonaws.com @1.1.1.1 NS

; <<>> DiG 9.18.1-1ubuntu1.2-Ubuntu <<>> compute-1.amazonaws.com @1.1.1.1 NS
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33368
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;compute-1.amazonaws.com.	IN	NS
1 Like

I was trying to solve an issue as to why all my Nest products stop working when using Cloudflare nameserver, but works on the google nameserver. It turns out that Cloudflare doesn’t resolve the CNAME properly and this is the exact same issue as the OP reported here.

What can be done to rectify this??

1 Like

Its been fixed now. Not a Cloudflare issue but a amazonaws issue. I also had issues with nest equipment. I narrowed down to an issue with compute-1 .amazonaws .com

dig compute-1.amazonaws.com @1.1.1.1 NS

; <<>> DiG 9.18.1-1ubuntu1.2-Ubuntu <<>> compute-1.amazonaws.com @1.1.1.1 NS
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16183
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;compute-1.amazonaws.com.	IN	NS

;; ANSWER SECTION:
compute-1.amazonaws.com. 900	IN	NS	u1.amazonaws.com.
compute-1.amazonaws.com. 900	IN	NS	u2.amazonaws.com.
compute-1.amazonaws.com. 900	IN	NS	u3.amazonaws.com.
compute-1.amazonaws.com. 900	IN	NS	u4.amazonaws.com.
compute-1.amazonaws.com. 900	IN	NS	u5.amazonaws.com.
compute-1.amazonaws.com. 900	IN	NS	u6.amazonaws.com.
compute-1.amazonaws.com. 900	IN	NS	ns1.p31.dynect.net.
compute-1.amazonaws.com. 900	IN	NS	ns2.p31.dynect.net.
compute-1.amazonaws.com. 900	IN	NS	ns3.p31.dynect.net.
compute-1.amazonaws.com. 900	IN	NS	ns4.p31.dynect.net.
compute-1.amazonaws.com. 900	IN	NS	pdns1.ultradns.net.
compute-1.amazonaws.com. 900	IN	NS	pdns3.ultradns.org.
compute-1.amazonaws.com. 900	IN	NS	pdns5.ultradns.info.
1 Like

Seems to be working here as well. Thank you for interacting!