Missing A record

I’m using cloudlfare with my domain. It seems cloudflare DNS doesn’t return A record which I specified.

dig hanusovedni.sk

Output:

; <<>> DiG 9.10.6 <<>> hanusovedni.sk
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 441
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; OPT=15: 00 06 ("..")
;; QUESTION SECTION:
;hanusovedni.sk.			IN	A

;; Query time: 41 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Wed Oct 28 01:28:49 CET 2020
;; MSG SIZE  rcvd: 49

I’m not seeing any records for the domain or ‘www’.

Can you post a screenshot of your DNS records here? It’s ok to black out IP addresses. While you’re there, can you confirm that the name servers at the bottom say Corey and Opal?

Here is screenshot

Okay, there are two things going on here.

First, the DNSSEC records are wrong, therefore responses from this zone are all returning BOGUS, and therefore discarded. The fix is to remove the DNSSEC records at the registrar, or, update them to Cloudflare provided records.

Second, the actual issue: Cloudflare is a reverse proxy, any record marked as proxied (:orange:) will show Cloudflare IP addresses, and HTTP/HTTPS requests will be forwarded. This is expected. Toggle to not proxy (:grey:) to bypass Cloudflare and return your IP, nothing that no other Cloudflare features will work for this host.

1 Like

First, the DNSSEC records are wrong, therefore responses from this zone are all returning BOGUS, and therefore discarded. The fix is to remove the DNSSEC records at the registrar, or, update them to Cloudflare provided records.

I actually didn’t change anything in Cloudflare or in registrar. It just happened that suddenly my domain stopped working few days back (at the beginning it didn’t work for some people, later for everybody).

As a solution I enabled DNSSEC on Cloudflare and in my resitrar I added DS. This fixed my issue. However dnsviz still shows some error https://dnsviz.net/d/hanusovedni.sk/dnssec/ Do you know why?

If I’m interpreting correctly (and DNSViz is not super mobile friendly), there is an extra DS record but the matching RRSIG record doesn’t exist. I’d double check that the records with your registrar exactly match what Cloudflare recommends.

1 Like

Thank you for your help. Now it works. After some time the second DS was removed without any action from my side. Maybe by registrar. :slight_smile: Everything works.

1 Like

Excellent!

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.