My issue is that my website seems to be unavailable in certain regions due to a lack of name resolution. The website is arnaudloos.com.
I have both my Domain and DNS hosted by Amazon. The website is hosted in an S3 bucket. There is no www bucket.
To start I've checked and my DNS NS records match my hosted zone Nameservers.
ns-889.awsdns-47.net
ns-1111.awsdns-10.org
ns-376.awsdns-47.com
ns-1823.awsdns-35.co.uk
Checking https://dns.google.com/query?name=arnaudloos.com
results in "Comment": "DNSSEC validation failure"
But if I turn off the DNSSEC toggle switch I get results
"Answer":
{
"name": "arnaudloos.com.",
"type": 1,
"TTL": 59,
"data": "52.84.126.13"
}
Manually setting my workstation client DNS to 8.8.8.8 results in not being able to browse to my website.
Checking an assigned nameserver I get a good response.
% nslookup arnaudloos.com ns-889.awsdns-47.net
Server: ns-889.awsdns-47.net
Address: 205.251.195.121#53
Name: arnaudloos.com
Address: 52.84.126.111
Name: arnaudloos.com
Address: 52.84.126.13
Name: arnaudloos.com
Address: 52.84.126.204
Name: arnaudloos.com
Address: 52.84.126.133
but not with Google
% nslookup arnaudloos.com 8.8.8.8
Server: 8.8.8.8
Address: 8.8.8.8#53
** server can't find arnaudloos.com: SERVFAIL
Everything is ok with OpenDNS
% dig arnaudloos.com @208.67.222.222
; <<>> DiG 9.11.4-3ubuntu5.1-Ubuntu <<>> arnaudloos.com @208.67.222.222
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38549
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;arnaudloos.com. IN A
;; ANSWER SECTION:
arnaudloos.com. 60 IN A 52.84.126.111
arnaudloos.com. 60 IN A 52.84.126.133
arnaudloos.com. 60 IN A 52.84.126.13
arnaudloos.com. 60 IN A 52.84.126.204
;; Query time: 20 msec
;; SERVER: 208.67.222.222#53(208.67.222.222)
;; WHEN: Wed Mar 06 12:50:39 EST 2019
;; MSG SIZE rcvd: 107
But not Google
dig arnaudloos.com @8.8.8.8
; <<>> DiG 9.11.4-3ubuntu5.1-Ubuntu <<>> arnaudloos.com @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 6447
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;arnaudloos.com. IN A
;; Query time: 53 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Wed Mar 06 12:51:05 EST 2019
;; MSG SIZE rcvd: 43
When I do a DNS propagation test I see that there are regions where there are no records for my site.
When I connect to my VPN provider and get my DNS redirected to their servers I also can't reach my website.
This has to be a configuration issue on my end but can someone please tell me what. Thanks.