I'm using AWS Route 53 for my routing. I'm also using Route53Resolver for internal address resolution.
DNS is returning the wrong IP addresses for CNAME records (I have changed the domain to xxx.yyy):

[ec2-user@dev ~]$ dig production.xxx.yyy
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.60.amzn1 <<>> production.xxx.yyy
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47088
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;production.xxx.yyy. IN A
;; ANSWER SECTION:
production.xxx.yyy. 60 IN A 91.195.240.12
;; Query time: 33 msec
;; SERVER: 172.31.0.2#53(172.31.0.2)
;; WHEN: Fri Mar 20 09:31:57 2020
;; MSG SIZE rcvd: 63

I get the same answer if I query a different CNAME, which points to a different address:

[ec2-user@dev ~]$ dig dev.xxx.yyy
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.60.amzn1 <<>> dev.xxx.yyy
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40351
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;dev.xxx.yyy. IN A
;; ANSWER SECTION:
dev.xxx.yyy. 60 IN A 91.195.240.12
;; Query time: 42 msec
;; SERVER: 172.31.0.2#53(172.31.0.2)
;; WHEN: Fri Mar 20 09:35:23 2020
;; MSG SIZE rcvd: 56

Both queries return 91.195.240.12, which is wrong. In fact, every CNAME returns that same address.
If I use the very-very-long-annoying-AWS-assigned DNS name to which the CNAME refers, I will get the correct address.