Auteur Sujet: Résolution DNS HS avec CNAME  (Lu 1588 fois)

0 Membres et 1 Invité sur ce sujet

renaud07

  • Abonné Orange adsl
  • *
  • Messages: 3 345
Résolution DNS HS avec CNAME
« le: 26 août 2018 à 02:55:49 »
Bonsoir,

J'ai rencontre un problème étrange de résolution DNS sur un domaine qui comporte 3 cname (il s'agit du domaine dlcdnets.asus.com). Pour faire court bind renvoie que le domaine n'existe pas. En passant par ceux de google par exemple ça fonctionne.

Mon DNS forward les requêtes aux DNS public de FDN, et en faisant une requête directement sur ceux-ci, on se rend compte que ça renvoie aussi NXDOMAIN mais seulement sur le DNS primaire (80.67.169.12), le secondaire (80.67.169.40) résout correctement... Il y a donc un problème sur les DNS de FDN à priori. Un paramétrage qui limite le nombre de CNAME/requête pour arriver à l'ip ? Ou simple bug passager ?

Faut-il le signaler ?

Merci d'avance

Mes 2 DNS perso

renaud@renaud-VirtualBox:~$ dig @192.168.1.2 dlcdnets.asus.com

; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> @192.168.1.2 dlcdnets.asus.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25956
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;dlcdnets.asus.com. IN A

;; ANSWER SECTION:
dlcdnets.asus.com. 31 IN CNAME wideip-dlcdnets.isoi.asia.

;; AUTHORITY SECTION:
isoi.asia. 1575 IN SOA dns1.asus.com. dnsadmin.asus.com. 2018082202 14400 1800 604800 3600

;; Query time: 110 msec
;; SERVER: 192.168.1.2#53(192.168.1.2)
;; WHEN: Sun Aug 26 02:33:46 CEST 2018
;; MSG SIZE  rcvd: 135

renaud@renaud-VirtualBox:~$ dig @192.168.1.10 dlcdnets.asus.com

; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> @192.168.1.10 dlcdnets.asus.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17832
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;dlcdnets.asus.com. IN A

;; ANSWER SECTION:
dlcdnets.asus.com. 7 IN CNAME wideip-dlcdnets.isoi.asia.

;; AUTHORITY SECTION:
isoi.asia. 1382 IN SOA dns1.asus.com. dnsadmin.asus.com. 2018082202 14400 1800 604800 3600

;; Query time: 32 msec
;; SERVER: 192.168.1.10#53(192.168.1.10)
;; WHEN: Sun Aug 26 02:36:59 CEST 2018
;; MSG SIZE  rcvd: 135

DNS FDN :
renaud@renaud-VirtualBox:~$ dig @80.67.169.12 dlcdnets.asus.com

; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> @80.67.169.12 dlcdnets.asus.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9008
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;dlcdnets.asus.com. IN A

;; ANSWER SECTION:
dlcdnets.asus.com. 31 IN CNAME wideip-dlcdnets.isoi.asia.

;; AUTHORITY SECTION:
isoi.asia. 1406 IN SOA dns1.asus.com. dnsadmin.asus.com. 2018082202 14400 1800 604800 3600

;; Query time: 153 msec
;; SERVER: 80.67.169.12#53(80.67.169.12)
;; WHEN: Sun Aug 26 02:36:35 CEST 2018
;; MSG SIZE  rcvd: 135

renaud@renaud-VirtualBox:~$ dig @80.67.169.40 dlcdnets.asus.com

; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> @80.67.169.40 dlcdnets.asus.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1797
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;dlcdnets.asus.com. IN A

;; ANSWER SECTION:
dlcdnets.asus.com. 31 IN CNAME wideip-dlcdnets.isoi.asia.
wideip-dlcdnets.isoi.asia. 18754 IN CNAME dlcdnets-ds.asus.com.edgekey.net.
dlcdnets-ds.asus.com.edgekey.net. 18754 IN CNAME e11960.dsce14.akamaiedge.net.
e11960.dsce14.akamaiedge.net. 20 IN A 23.35.126.189

;; Query time: 194 msec
;; SERVER: 80.67.169.40#53(80.67.169.40)
;; WHEN: Sun Aug 26 02:47:29 CEST 2018
;; MSG SIZE  rcvd: 186

DNS google
renaud@renaud-VirtualBox:~$ dig @8.8.8.8 dlcdnets.asus.com

; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> @8.8.8.8 dlcdnets.asus.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64352
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;dlcdnets.asus.com. IN A

;; ANSWER SECTION:
dlcdnets.asus.com. 15 IN CNAME wideip-dlcdnets.isoi.asia.
wideip-dlcdnets.isoi.asia. 3354 IN CNAME dlcdnets-ds.asus.com.edgekey.net.
dlcdnets-ds.asus.com.edgekey.net. 21541 IN CNAME e11960.dsce14.akamaiedge.net.
e11960.dsce14.akamaiedge.net. 19 IN A 2.23.160.107

;; Query time: 53 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sun Aug 26 02:37:14 CEST 2018
;; MSG SIZE  rcvd: 186

renaud@renaud-VirtualBox:~$

vivien

  • Administrateur
  • *
  • Messages: 47 085
    • Twitter LaFibre.info
Résolution DNS HS avec CNAME
« Réponse #1 le: 26 août 2018 à 08:38:50 »
Je suis chez Numericable avec Ubuntu 18.04 :

$ dig dlcdnets.asus.com

; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> dlcdnets.asus.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14446
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;dlcdnets.asus.com. IN A

;; Query time: 13 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sun Aug 26 08:35:20 CEST 2018
;; MSG SIZE  rcvd: 46

Même requête en mettant le DNS de Numericable :
$ dig @89.2.0.1 dlcdnets.asus.com

; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> @89.2.0.1 dlcdnets.asus.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12231
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;dlcdnets.asus.com. IN A

;; ANSWER SECTION:
dlcdnets.asus.com. 31 IN CNAME wideip-dlcdnets.isoi.asia.

;; AUTHORITY SECTION:
isoi.asia. 2256 IN SOA dns1.asus.com. dnsadmin.asus.com. 2018082202 14400 1800 604800 3600

;; Query time: 8 msec
;; SERVER: 89.2.0.1#53(89.2.0.1)
;; WHEN: Sun Aug 26 08:36:04 CEST 2018
;; MSG SIZE  rcvd: 135

J'ai un peu de mal a comprendre le fait que cela soit différent.

Avec le DNS de Google, j'ai bien la même réponse que toi :
$ dig @8.8.8.8 dlcdnets.asus.com

; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> @8.8.8.8 dlcdnets.asus.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44489
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;dlcdnets.asus.com. IN A

;; ANSWER SECTION:
dlcdnets.asus.com. 12 IN CNAME wideip-dlcdnets.isoi.asia.
wideip-dlcdnets.isoi.asia. 13735 IN CNAME dlcdnets-ds.asus.com.edgekey.net.
dlcdnets-ds.asus.com.edgekey.net. 21435 IN CNAME e11960.dsce14.akamaiedge.net.
e11960.dsce14.akamaiedge.net. 19 IN A 2.23.160.107

;; Query time: 25 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sun Aug 26 08:38:26 CEST 2018
;; MSG SIZE  rcvd: 186

Avec DNS 1.1.1.1 :
$ dig @1.1.1.1 dlcdnets.asus.com

; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> @1.1.1.1 dlcdnets.asus.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16988
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;dlcdnets.asus.com. IN A

;; ANSWER SECTION:
dlcdnets.asus.com. 31 IN CNAME wideip-dlcdnets.isoi.asia.

;; AUTHORITY SECTION:
isoi.asia. 3600 IN SOA dns1.asus.com. dnsadmin.asus.com. 2018082202 14400 1800 604800 3600

;; Query time: 39 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Sun Aug 26 08:45:51 CEST 2018
;; MSG SIZE  rcvd: 152

DNS FDN :
$ dig @80.67.169.12 dlcdnets.asus.com

; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> @80.67.169.12 dlcdnets.asus.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26322
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;dlcdnets.asus.com. IN A

;; ANSWER SECTION:
dlcdnets.asus.com. 31 IN CNAME wideip-dlcdnets.isoi.asia.

;; AUTHORITY SECTION:
isoi.asia. 3600 IN SOA dns1.asus.com. dnsadmin.asus.com. 2018082202 14400 1800 604800 3600

;; Query time: 24 msec
;; SERVER: 80.67.169.12#53(80.67.169.12)
;; WHEN: Sun Aug 26 08:47:11 CEST 2018
;; MSG SIZE  rcvd: 135

renaud07

  • Abonné Orange adsl
  • *
  • Messages: 3 345
Résolution DNS HS avec CNAME
« Réponse #2 le: 26 août 2018 à 22:59:06 »
Il semblerait que soit bien un bug, ce soir tout à l'air de refonctionner  :) Une propagation qui s'est mal passée ?

DNS perso :
renaud@renaud-VirtualBox:~$ dig @192.168.1.10 dlcdnets.asus.com

; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> @192.168.1.10 dlcdnets.asus.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43456
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 8, ADDITIONAL: 10

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;dlcdnets.asus.com. IN A

;; ANSWER SECTION:
dlcdnets.asus.com. 31 IN CNAME wideip-dlcdnets.isoi.asia.
wideip-dlcdnets.isoi.asia. 19976 IN CNAME dlcdnets-ds.asus.com.edgekey.net.
dlcdnets-ds.asus.com.edgekey.net. 19976 IN CNAME e11960.dsce14.akamaiedge.net.
e11960.dsce14.akamaiedge.net. 20 IN A 23.201.255.21

;; AUTHORITY SECTION:
dsce14.akamaiedge.net. 1969 IN NS n4dsce14.akamaiedge.net.
dsce14.akamaiedge.net. 1969 IN NS n2dsce14.akamaiedge.net.
dsce14.akamaiedge.net. 1969 IN NS n5dsce14.akamaiedge.net.
dsce14.akamaiedge.net. 1969 IN NS n1dsce14.akamaiedge.net.
dsce14.akamaiedge.net. 1969 IN NS n3dsce14.akamaiedge.net.
dsce14.akamaiedge.net. 1969 IN NS n0dsce14.akamaiedge.net.
dsce14.akamaiedge.net. 1969 IN NS n7dsce14.akamaiedge.net.
dsce14.akamaiedge.net. 1969 IN NS n6dsce14.akamaiedge.net.

;; ADDITIONAL SECTION:
n0dsce14.akamaiedge.net. 1969 IN A 88.221.81.192
n0dsce14.akamaiedge.net. 1969 IN AAAA 2600:1480:e800::c0
n1dsce14.akamaiedge.net. 1969 IN A 173.222.109.149
n2dsce14.akamaiedge.net. 1969 IN A 173.222.109.159
n3dsce14.akamaiedge.net. 1969 IN A 173.222.109.151
n4dsce14.akamaiedge.net. 1969 IN A 173.222.109.157
n5dsce14.akamaiedge.net. 1969 IN A 104.109.250.199
n6dsce14.akamaiedge.net. 1969 IN A 104.109.250.184
n7dsce14.akamaiedge.net. 1969 IN A 23.10.249.116

;; Query time: 116 msec
;; SERVER: 192.168.1.10#53(192.168.1.10)
;; WHEN: Sun Aug 26 23:03:01 CEST 2018
;; MSG SIZE  rcvd: 526


DNS FDN :
renaud@renaud-VirtualBox:~$ dig @80.67.169.12 dlcdnets.asus.com

; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> @80.67.169.12 dlcdnets.asus.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11777
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 8, ADDITIONAL: 10

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;dlcdnets.asus.com. IN A

;; ANSWER SECTION:
dlcdnets.asus.com. 31 IN CNAME wideip-dlcdnets.isoi.asia.
wideip-dlcdnets.isoi.asia. 5606 IN CNAME dlcdnets-ds.asus.com.edgekey.net.
dlcdnets-ds.asus.com.edgekey.net. 5606 IN CNAME e11960.dsce14.akamaiedge.net.
e11960.dsce14.akamaiedge.net. 18 IN A 104.96.29.24

;; AUTHORITY SECTION:
dsce14.akamaiedge.net. 719 IN NS n1dsce14.akamaiedge.net.
dsce14.akamaiedge.net. 719 IN NS n3dsce14.akamaiedge.net.
dsce14.akamaiedge.net. 719 IN NS n4dsce14.akamaiedge.net.
dsce14.akamaiedge.net. 719 IN NS n5dsce14.akamaiedge.net.
dsce14.akamaiedge.net. 719 IN NS n0dsce14.akamaiedge.net.
dsce14.akamaiedge.net. 719 IN NS n6dsce14.akamaiedge.net.
dsce14.akamaiedge.net. 719 IN NS n2dsce14.akamaiedge.net.
dsce14.akamaiedge.net. 719 IN NS n7dsce14.akamaiedge.net.

;; ADDITIONAL SECTION:
n0dsce14.akamaiedge.net. 3486 IN A 88.221.81.192
n0dsce14.akamaiedge.net. 3486 IN AAAA 2600:1480:e800::c0
n1dsce14.akamaiedge.net. 3486 IN A 213.200.111.71
n2dsce14.akamaiedge.net. 3486 IN A 213.200.111.78
n3dsce14.akamaiedge.net. 3486 IN A 213.200.111.70
n4dsce14.akamaiedge.net. 3486 IN A 213.200.111.69
n5dsce14.akamaiedge.net. 3486 IN A 213.200.111.79
n6dsce14.akamaiedge.net. 3486 IN A 213.200.111.77
n7dsce14.akamaiedge.net. 3486 IN A 88.221.15.100

;; Query time: 45 msec
;; SERVER: 80.67.169.12#53(80.67.169.12)
;; WHEN: Sun Aug 26 23:01:34 CEST 2018
;; MSG SIZE  rcvd: 526

renaud@renaud-VirtualBox:~$ dig @80.67.169.40 dlcdnets.asus.com

; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> @80.67.169.40 dlcdnets.asus.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14979
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;dlcdnets.asus.com. IN A

;; ANSWER SECTION:
dlcdnets.asus.com. 31 IN CNAME wideip-dlcdnets.isoi.asia.
wideip-dlcdnets.isoi.asia. 21600 IN CNAME dlcdnets-ds.asus.com.edgekey.net.
dlcdnets-ds.asus.com.edgekey.net. 21600 IN CNAME e11960.dsce14.akamaiedge.net.
e11960.dsce14.akamaiedge.net. 10 IN A 104.96.29.24

;; Query time: 231 msec
;; SERVER: 80.67.169.40#53(80.67.169.40)
;; WHEN: Sun Aug 26 23:02:35 CEST 2018
;; MSG SIZE  rcvd: 186