Sunday, November 23, 2008

Custom Domains, And Register.Com As The Registrar

Most people, when setting up a new custom domain, simply use the "Buy A Domain" wizard, and end up with eNom or GoDaddy as a registrar. Neither eNom nor GoDaddy are foolproof, and some folks find new and exciting ways to make their domains not work. Neither the Custom Domain Reset Form, nor the Blogger Help Group, will be retired within this lifetime. For all their flaws, both eNom and GoDaddy are predictable, within limits.

Some folks like to "roll their own", and use third party registrars, and "Advanced Settings". Now, we have challenges.

This evening, we have BHG: Something Is Broken: Custom domain suddenly not working
We've had a custom domain set up perfectly for 2 years. Somehow this morning, with no changes to our DNS nor blogspot .. our blog is fubar.


As usual, I start examining Dig logs (here, unabridged) for the domain. And, I find oddities.

; <<>> DiG 9.3.2 <<>> crackedsidewalks.com A
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23743
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;crackedsidewalks.com. IN A

;; AUTHORITY SECTION:
crackedsidewalks.com. 9652 IN SOA dns215.a.register.com.
root.register.com. 2005111024 28800 7200 604800 14400

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Nov 24 07:42:34 2008
;; MSG SIZE rcvd: 97

; <<>> DiG 9.3.2 <<>> www.crackedsidewalks.com A
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 10788
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.crackedsidewalks.com. IN A

;; Query time: 892 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Nov 24 07:42:45 2008
;; MSG SIZE rcvd: 42


compared to the similar logs from my domain, "nitecruzr.net", this is not promising.

; <<>> DiG 9.3.2 <<>> @localhost nitecruzr.net A
; (2 servers found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 175
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;nitecruzr.net. IN A

;; ANSWER SECTION:
nitecruzr.net. 3600 IN A 64.233.179.121
nitecruzr.net. 3600 IN A 72.14.207.121

;; Query time: 170 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Nov 24 08:41:44 2008
;; MSG SIZE rcvd: 63

; <<>> DiG 9.3.2 <<>> @localhost www.nitecruzr.net A
; (2 servers found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51847
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.nitecruzr.net. IN A

;; ANSWER SECTION:
www.nitecruzr.net. 1911 IN CNAME ghs.google.com.
ghs.google.com. 436315 IN CNAME ghs.l.google.com.
ghs.l.google.com. 300 IN A 66.249.91.121

;; Query time: 167 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Nov 24 07:59:31 2008
;; MSG SIZE rcvd: 99

So, we Dig deeper. Why do they call it "Dig" anyway?

; <<>> DiG 9.3.2 <<>> crackedsidewalks.com ANY
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21071
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;crackedsidewalks.com. IN ANY

;; ANSWER SECTION:
crackedsidewalks.com. 12398 IN SOA dns215.a.register.com.
root.register.com. 2005111024 28800 7200 604800 14400
crackedsidewalks.com. 12398 IN NS dns215.a.register.com.
crackedsidewalks.com. 12398 IN NS dns241.c.register.com.
crackedsidewalks.com. 12398 IN NS dns249.d.register.com.
crackedsidewalks.com. 12398 IN NS dns037.b.register.com.

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Nov 24 08:01:16 2008
;; MSG SIZE rcvd: 180

That should be the authoritative server for the domain.

; <<>> DiG 9.3.2 <<>> @dns215.a.register.com crackedsidewalks.com ANY
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55204
;; flags: qr aa rd; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;crackedsidewalks.com. IN ANY

;; ANSWER SECTION:
crackedsidewalks.com. 14400 IN NS dns241.c.register.com.
crackedsidewalks.com. 14400 IN NS dns249.d.register.com.
crackedsidewalks.com. 14400 IN NS dns215.a.register.com.
crackedsidewalks.com. 14400 IN SOA dns215.a.register.com.
root.register.com. 2005111024 28800 7200 604800 14400
crackedsidewalks.com. 14400 IN NS dns037.b.register.com.

;; Query time: 93 msec
;; SERVER: 216.21.231.215#53(216.21.231.215)
;; WHEN: Mon Nov 24 08:03:06 2008
;; MSG SIZE rcvd: 201

; <<>> DiG 9.3.2 <<>> @dns215.a.register.com www.crackedsidewalks.com ANY
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 32514
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.crackedsidewalks.com. IN ANY

;; ANSWER SECTION:
www.crackedsidewalks.com. 14400 IN CNAME ghs.google.com.
ghs.google.com. 14400 IN CNAME ghs.google.com.

;; Query time: 89 msec
;; SERVER: 216.21.231.215#53(216.21.231.215)
;; WHEN: Mon Nov 24 08:03:24 2008
;; MSG SIZE rcvd: 81

Huh?

ghs.google.com. 14400 IN CNAME ghs.google.com.


Let's review.
  • When we do a normal Dig, we get no address information.

    ; <<>> DiG 9.3.2 <<>> www.crackedsidewalks.com A
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 10788
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;www.crackedsidewalks.com. IN A

    ;; Query time: 892 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Mon Nov 24 07:42:45 2008
    ;; MSG SIZE rcvd: 42

  • When we do a targeted Dig, we see this extra "CNAME" pointing to itself.

    ; <<>> DiG 9.3.2 <<>> @dns215.a.register.com www.crackedsidewalks.com ANY
    ; (1 server found)
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 32514
    ;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;www.crackedsidewalks.com. IN ANY

    ;; ANSWER SECTION:
    www.crackedsidewalks.com. 14400 IN CNAME ghs.google.com.
    ghs.google.com. 14400 IN CNAME ghs.google.com.

    ;; Query time: 89 msec
    ;; SERVER: 216.21.231.215#53(216.21.231.215)
    ;; WHEN: Mon Nov 24 08:03:24 2008
    ;; MSG SIZE rcvd: 81

  • If we did a Dig against a non existent virtual host, we'd get the SOA for the domain.

    ; <<>> DiG 9.3.2 <<>> @localhost xxx.nitecruzr.net ANY
    ; (2 servers found)
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54073
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;xxx.nitecruzr.net. IN ANY

    ;; AUTHORITY SECTION:
    nitecruzr.net. 10800 IN SOA ns53.domaincontrol.com. dns.jomax.net. 2008032400 28800 7200 604800 86400

    ;; Query time: 174 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Mon Nov 24 16:08:57 2008
    ;; MSG SIZE rcvd: 103

  • If we did a Dig against a non existent domain, we'd get the SOA for the TLD.

    ; <<>> DiG 9.3.2 <<>> @localhost xxx.nodomain.net ANY
    ; (2 servers found)
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49125
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;xxx.nodomain.net. IN ANY

    ;; AUTHORITY SECTION:
    nodomain.net. 3600 IN SOA promoshare.biz. hostmaster.nodomain.net. 20446 900 600 86400 3600

    ;; Query time: 241 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Mon Nov 24 16:09:33 2008
    ;; MSG SIZE rcvd: 95

  • Instead, we see no result. Looks like a dropped connection maybe. Or, a query that results in an endless loop, like a "CNAME" pointing to itself.

    ; <<>> DiG 9.3.2 <<>> www.crackedsidewalks.com A
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 10788
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;www.crackedsidewalks.com. IN A

    ;; Query time: 892 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Mon Nov 24 07:42:45 2008
    ;; MSG SIZE rcvd: 42


This looks like a bogus "CNAME" on the Register server "dns215.a.register.com".

ghs.google.com. 14400 IN CNAME ghs.google.com.

If you talk directly to a Register CSR, make sure that they assist you properly. You'll need a proper custom domain configuration. Avoid URL forwarding, in any of its many variants.

(Update 11/25): Think this was strange? It gets stranger still the next day.

>> Top

2 comments:

Brian Francis said...

I have the same problem with the bogus CNAME on the register server for my site www.politicalinaction.com. Is this leading to my DNS error and to blogger saying that a blog is already hosted at this address?

How do we fix it?

Chuck said...

Brian,

My money says it's a Register snafu. I don't have any connection with Register though - so you and the others have to complain to them.

Escalate the matter, if the first CSR can't (won't) help. Request attention from a supervisor, and tell them that there are others with the same problem.

If it's not a Register mistake, then Register management have to contact Google directly. But it has to be handled at the Register management level.