DNS resolution not working properly

DNS & Network
#1

Hi, previous week i migrated DNS management from siteground to aws and everything worked perfectly.

I’ve on my DNS some records related to Cloudflare resolution:
cloudflare-resolve-to.infolot.es CNAME infolot.es
www.infolot.es CNAME www.infolot.es.cdn.cloudflare.net

Then I’ve an A record pointing to the instance which is located in AWS.

So, the problem is that now, I’m getting host error, my instance is up and running, traceroute command doesn’t reach instance.

My first question is:

  • I still see on Cloudflare DNS that my DNS provider is Siteground when it is not, and I think this is causing problems because it’s not doing redirection properly due to this.

Anyone can help me, please? Thanks!!_

#2

That’s a host issue I am afraid, not Cloudflare related. You need to talk to your host and clarify why your server is not accessible.

The other thing is, you should double check your nameservers as they point to Amazon and I am not aware of Amazon having partner setups with Cloudflare, so you might have a completely wrong configuration.

#3

You do have dan and alexa assigned on Cloudflare, so there might be actually a proper account set up, in which case you’d need to change the nameservers but you will still need to make sure Cloudflare is pointing to the right addresses.

#4

Hey Sandro,

Thanks for you support, I’m not a cloudflare expert. I guess infolot.es is using cloudflare as SSL and firewall services but it also redirects to correct dns.

The options I’ve as you’ve describe above is:

  • Skip cloudflare and point directly to AWS
  • Configure Cloudflare to do the work on AWS.

Am i correct?

#5

If you mean by that you don’t have a proper SSL setup on your server, your site will be still insecure. You should fix that too.

I am afraid I can’t comment on your setup as I can’t know what you configured, but you either point to the right nameservers (assuming the Amazon one’s are not correct) or use Cloudflare’s nameservers.

I’d first clarify with your host where your domain should point to. If the current configuration is correct you’d need to check why your server is not responding.

And fix the certificate issue if you don’t have a certificate :slight_smile:

1 Like
#6

Agreed about certificate, i need to sort this but first I would like to recover the service, even if it’s not secure to be sure all is aligned.

I think I should remove previous domain, add a new one with AWS DNS configuration and then, continue moving forward but at this point, Cloudflare will know about AWS DNS configuration.

#7

Generally I’d advise against partner setups as you will have more control with a proper one, but it’s of course your decision. In that case you should switch over to the Cloudflare nameservers, but you still need to check if the current IP address is correct or not. If it is not you need to enter the right one, if it is you need to check if your host why the machine is not working.

#8

As far as I can tell your IP address should end in 249 instead. And that machine actually does have a valid certificate. But you should really verify this with your host.

And in this case you will have to switch to a full setup anyhow. So change the nameservers to Cloudflare, make sure the right addresses are configured and you are good to go.

#9

You’re right, I’ve updated my AWS DNS related to infolot.es with old server IP (ended 249) and it works, when i change it to new server IP in AWS, it doesn’t work.

I will take a look at my host server and will generate the SSL certificate in order to see if it works.

#10

The 249 has a valid certificate. Just make sure you renew it when it expires in April.

If that’s the right address you should be set, though you’ll probably still should change the nameservers as your current setup is using neither your host nor Cloudflare and that will break if things change.

#11

Hi Sandro,

Sorry, but i still don’t understand the DNS nameserver change you’re suggesting.

A week ago, it was siteground, now it is AWS. Where I’ve to change DNS Nameserver?

  • I want aws to manage DNS but still want to use cloudflare to provide SSL service. Is that possible?

Thanks!

#12

It’s not. Also Cloudflare won’t provide any SSL service, but you have a certificate anyhow.

The best advice, either move DNS back to your host or change it to Cloudflare. Do not use Amazon.

#13

So, I think I’ve two options:

  • Move back DNS management to siteground again or move it to Cloudflare.
  • Move out from Cloudflare and get a SSL certificate from AWS

Correct, Sandro?

#14

Sort of. But you do have a certificate, so I am not sure what the point of the exercise is.

1 Like
#15

Yeah, I understand, the main objective is to move all the stuff into AWS.

  • DNS management
  • Server host

Old configuration from another company was using siteground + cloudflare, my idea was to keep cloudflare but if it’s not compatible with AWS (meaning i cannot keep dns management on AWS), I need to sort out it in some way…

So I think i’m gonna move into, dns, host and certificate on AWS + adding extra layer in front of instance in order to protect it a bit more.

#16

So you want to move hosting altogether? In that case you should deactivate the partner setup and move to a full account, however then you won’t be able to use Amazon’s nameservers.

Essentially, if you want to use Cloudflare you have to use their nameservers, unless you are willing to upgrade at least to a Business plan.

#17

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.