Lightsail.aws.amazon.com is not returning A record

Query for lightsail.aws.amazon.com is not returning any A record.

This issue is also reported by other users at https://news.ycombinator.com/item?id=21699362.

$ dig lightsail.aws.amazon.com @1.1.1.1

; <<>> DiG 9.10.6 <<>> lightsail.aws.amazon.com @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33184
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;lightsail.aws.amazon.com.	IN	A

;; ANSWER SECTION:
lightsail.aws.amazon.com. 60	IN	CNAME	lbr.lightsail-lbr.com.
lbr.lightsail-lbr.com.	60	IN	CNAME	ap-southeast-1.lightsail.aws.amazon.com.

;; Query time: 521 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Wed Dec 04 23:45:08 +08 2019
;; MSG SIZE  rcvd: 138

While the same query with 8.8.8.8 is working correctly.

$ dig lightsail.aws.amazon.com @8.8.8.8

; <<>> DiG 9.10.6 <<>> lightsail.aws.amazon.com @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16212
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;lightsail.aws.amazon.com.	IN	A

;; ANSWER SECTION:
lightsail.aws.amazon.com. 59	IN	CNAME	lbr.lightsail-lbr.com.
lbr.lightsail-lbr.com.	59	IN	CNAME	ap-southeast-1.lightsail.aws.amazon.com.
ap-southeast-1.lightsail.aws.amazon.com. 59 IN CNAME ap-southeast-1.console.aws.amazon.com.
ap-southeast-1.console.aws.amazon.com. 59 IN A	54.240.226.142

;; Query time: 412 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Wed Dec 04 23:47:48 +08 2019
;; MSG SIZE  rcvd: 167

What would this return?

dig ap-southeast-1.lightsail.aws.amazon.com @1.1.1.1

ap-southeast-1.lightsail.aws.amazon.com would return lbr.lightsail-lbr.com
and
lbr.lightsail-lbr.com would return ap-southeast-1.lightsail.aws.amazon.com

It’s funny.

$ dig ap-southeast-1.lightsail.aws.amazon.com @1.1.1.1

; <<>> DiG 9.10.6 <<>> ap-southeast-1.lightsail.aws.amazon.com @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30010
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;ap-southeast-1.lightsail.aws.amazon.com. IN A

;; ANSWER SECTION:
lightsail.aws.amazon.com. 60	IN	CNAME	lbr.lightsail-lbr.com.

;; Query time: 176 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Wed Dec 04 23:54:02 +08 2019
;; MSG SIZE  rcvd: 124

$ dig lbr.lightsail-lbr.com @1.1.1.1

; <<>> DiG 9.10.6 <<>> lbr.lightsail-lbr.com @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63643
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;lbr.lightsail-lbr.com.		IN	A

;; ANSWER SECTION:
lbr.lightsail-lbr.com.	60	IN	CNAME	ap-southeast-1.lightsail.aws.amazon.com.

;; Query time: 531 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Wed Dec 04 23:55:02 +08 2019
;; MSG SIZE  rcvd: 121

Query with console.aws.amazon.com is having the same issue.

$ dig console.aws.amazon.com @1.1.1.1

; <<>> DiG 9.10.6 <<>> console.aws.amazon.com @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16467
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;console.aws.amazon.com.		IN	A

;; ANSWER SECTION:
console.aws.amazon.com.	7	IN	CNAME	lbr-optimized.console-l.amazonaws.com.
lbr-optimized.console-l.amazonaws.com. 7 IN CNAME us-east-1.console.aws.amazon.com.

;; Query time: 3 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Wed Dec 04 23:58:22 +08 2019
;; MSG SIZE  rcvd: 145

$ dig us-east-1.console.aws.amazon.com @1.1.1.1

; <<>> DiG 9.10.6 <<>> us-east-1.console.aws.amazon.com @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13595
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;us-east-1.console.aws.amazon.com. IN	A

;; ANSWER SECTION:
console.aws.amazon.com.	16	IN	CNAME	lbr-optimized.console-l.amazonaws.com.

;; Query time: 5 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Wed Dec 04 23:59:15 +08 2019
;; MSG SIZE  rcvd: 131

That would indicate a recursion. Might be something specific to your PoP, as it seems to resolve for me.

What does this return?

dig +short CHAOS TXT id.server @1.1.1.1

I am in Malaysia.

$ dig +short CHAOS TXT id.server @1.1.1.1
"KUL"

Alright, then maybe contact support and tell them there might be an issue with that particular host in KUL.

@dane @irtefa

I believe other AWS console related hosts are having the same issue and this is happening in some other regions too, as reported by a guy from Toronto, Ontario, Canada at https://news.ycombinator.com/item?id=21703192.

Could be. I wouldnt want to speculate.

A support ticket is the best course of action.

THis may be the ugliest report I’ve ever seen for a hostname…

3 Likes

Encountered another host with the same issue.

$ dig g.alicdn.com @1.1.1.1

; <<>> DiG 9.10.6 <<>> g.alicdn.com @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11399
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;g.alicdn.com.			IN	A

;; ANSWER SECTION:
g.alicdn.com.		77697	IN	CNAME	g.alicdn.com.danuoyi.alicdn.com.

;; Query time: 3 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Thu Dec 05 15:36:54 +08 2019
;; MSG SIZE  rcvd: 88

But the query with 8.8.8.8 is very fine.

$ dig g.alicdn.com @8.8.8.8

; <<>> DiG 9.10.6 <<>> g.alicdn.com @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8383
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;g.alicdn.com.			IN	A

;; ANSWER SECTION:
g.alicdn.com.		21599	IN	CNAME	g.alicdn.com.danuoyi.alicdn.com.
g.alicdn.com.danuoyi.alicdn.com. 59 IN	A	47.246.12.254
g.alicdn.com.danuoyi.alicdn.com. 59 IN	A	47.246.12.253

;; Query time: 16 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu Dec 05 15:36:57 +08 2019
;; MSG SIZE  rcvd: 108