DNS Resolution Issues
2 minute read
After initial testing, Comcast DNS Servers were responding with a Servfail error on affected domains, which means the domain exists but the authoritative DNS server(register.com) for that domain is giving an invalid response. Further digging indicated that the Comcast DNS Servers appears to be using DNSSEC and EDNS features that register.com appears to not support. This incompatibility is most likely the cause of the invalid response.
Considering that either Comcast would have to downgrade their DNS servers or register.com would need to upgrade theirs, AIS recommends moving DNS records to Amazon Route53 because their DNS Servers support the latest DNS features and is the most robust DNS service.
The AIS Network Monitoring Service(NMS) includes Amazon AWS Route53 DNS hosting services for greater reliability and robust DNS health-check capabilities.
Domain name ownership, DNS ownership, and web hosting are all mutually exclusive. DNS has one job, you give it a name, it replies with an IP address. If a trace is able to start, then DNS did its job. Most traces fail because ICMP is blocked, which tracert uses to do it's job.
See what’s important before it becomes urgent. The AIS Network Monitoring System that tracks performance, reliability, and configuration metrics for on-premise and cloud devices and applications. Included tools for Central Administration, Remote Management, Network Typology Insights, In-Depth Monitoring, and Faster Troubleshooting and Root Cause Analysis.