CName entry does not work

gaobo · March 11, 2020, 3:02am

I set up a sub-domain name entropy.theinformation.cn as a CName to information.myqnapcloud.com.
The sub-domain name is also used by MX records which work just fine.
The TLD theinformation.cn has been specified to use the MIAB as the NS servers correctly.
All the other entries work like a charm except for this CName entry.

The DIG of the MX entries for the specific sub-domain name (totally fine):

 ; <<>> DiG 9 <<>> @localhost entropy.theinformation.cn MX
 ; (1 server found)
 ;; global options: +cmd
 .			504401	IN	NS	c.root-servers.net.
 .			504401	IN	NS	h.root-servers.net.
 .			504401	IN	NS	k.root-servers.net.
 .			504401	IN	NS	d.root-servers.net.
 .			504401	IN	NS	m.root-servers.net.
 .			504401	IN	NS	l.root-servers.net.
 .			504401	IN	NS	i.root-servers.net.
 .			504401	IN	NS	f.root-servers.net.
 .			504401	IN	NS	b.root-servers.net.
 .			504401	IN	NS	a.root-servers.net.
 .			504401	IN	NS	j.root-servers.net.
 .			504401	IN	NS	g.root-servers.net.
 .			504401	IN	NS	e.root-servers.net.
 ;; Received 228 bytes from 127.0.0.1#53(127.0.0.1) in 3 ms
 
 cn.			172800	IN	NS	a.dns.cn.
 cn.			172800	IN	NS	b.dns.cn.
 cn.			172800	IN	NS	c.dns.cn.
 cn.			172800	IN	NS	d.dns.cn.
 cn.			172800	IN	NS	e.dns.cn.
 cn.			172800	IN	NS	f.dns.cn.
 cn.			172800	IN	NS	g.dns.cn.
 cn.			172800	IN	NS	ns.cernet.net.
 ;; Received 370 bytes from 199.7.91.13#53(199.7.91.13) in 14 ms
 
 theinformation.cn.	86400	IN	NS	ns2.singular.lobachevsky.space.
 theinformation.cn.	86400	IN	NS	ns1.singular.lobachevsky.space.
 ;; Received 105 bytes from 2001:dc7::1#53(2001:dc7::1) in 32 ms
 
 entropy.theinformation.cn. 1800	IN	MX	10 mxa.eu.mailgun.org.
 entropy.theinformation.cn. 1800	IN	MX	10 mxb.eu.mailgun.org.
 theinformation.cn.	1800	IN	NS	ns1.singular.lobachevsky.space.
 theinformation.cn.	1800	IN	NS	ns2.singular.lobachevsky.space.
 ;; Received 159 bytes from 195.181.215.182#53(195.181.215.182) in 20 ms

The DIG of the MX entries for the specific sub-domain name (dramatically incorrect):

 ; <<>> DiG 9 <<>> @localhost entropy.theinformation.cn CNAME
 ; (1 server found)
 ;; global options: +cmd
 .			504768	IN	NS	l.root-servers.net.
 .			504768	IN	NS	g.root-servers.net.
 .			504768	IN	NS	k.root-servers.net.
 .			504768	IN	NS	d.root-servers.net.
 .			504768	IN	NS	f.root-servers.net.
 .			504768	IN	NS	j.root-servers.net.
 .			504768	IN	NS	c.root-servers.net.
 .			504768	IN	NS	b.root-servers.net.
 .			504768	IN	NS	m.root-servers.net.
 .			504768	IN	NS	i.root-servers.net.
 .			504768	IN	NS	e.root-servers.net.
 .			504768	IN	NS	h.root-servers.net.
 .			504768	IN	NS	a.root-servers.net.
 ;; Received 228 bytes from 127.0.0.1#53(127.0.0.1) in 3 ms
 
 cn.			172800	IN	NS	b.dns.cn.
 cn.			172800	IN	NS	e.dns.cn.
 cn.			172800	IN	NS	f.dns.cn.
 cn.			172800	IN	NS	a.dns.cn.
 cn.			172800	IN	NS	c.dns.cn.
 cn.			172800	IN	NS	d.dns.cn.
 cn.			172800	IN	NS	ns.cernet.net.
 cn.			172800	IN	NS	g.dns.cn.
 ;; Received 374 bytes from 193.0.14.129#53(193.0.14.129) in 3541 ms
 
 theinformation.cn.	86400	IN	NS	ns1.singular.lobachevsky.space.
 theinformation.cn.	86400	IN	NS	ns2.singular.lobachevsky.space.
 ;; Received 105 bytes from 203.119.27.1#53(203.119.27.1) in 318 ms
 
 theinformation.cn.	1800	IN	SOA	ns1.singular.lobachevsky.space. hostmaster.singular.lobachevsky.space. 2019100300 7200 1800 1209600 1800
 ;; Received 120 bytes from 195.181.215.182#53(195.181.215.182) in 21 ms

openletter · March 12, 2020, 3:45am

Have your settings changed since you first posted this?

gaobo · March 16, 2020, 4:05am

No I have changed nothing since then.

alento · March 16, 2020, 4:17am

@gaobo Can you show a screen cap of the Custom DNS page please?

gaobo · March 16, 2020, 4:39am

Here you go:

alento · March 16, 2020, 2:02pm

@gaobo And the contents of the file

/home/user-data/dns/custom.yaml please.

Do this … there is no rhyme or reason, just do it.

Delete the CNAME record for entropy.theinformation.cn and then add it back again. Stranger things have happened.

openletter · March 16, 2020, 3:26pm

If that doesn’t work, also try recreating the record with just anything, then query.

 $ dig entropy.theinformation.cn 

; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> entropy.theinformation.cn
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25235
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 440c11f75f5cd576a13dd9835e6f99e63b05abaa3bb861a4 (good)
;; QUESTION SECTION:
;entropy.theinformation.cn.	IN	A

;; AUTHORITY SECTION:
theinformation.cn.	1453	IN	SOA	ns1.singular.lobachevsky.space. hostmaster.singular.lobachevsky.space. 2019100300 7200 1800 1209600 1800

;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Mar 16 08:23:18 PDT 2020
;; MSG SIZE  rcvd: 159

$ dig cname entropy.theinformation.cn 

; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> cname entropy.theinformation.cn
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49644
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 22c2bd70736e90c29fb76af85e6f99fd9747cbb7582911fd (good)
;; QUESTION SECTION:
;entropy.theinformation.cn.	IN	CNAME

;; AUTHORITY SECTION:
theinformation.cn.	1417	IN	SOA	ns1.singular.lobachevsky.space. hostmaster.singular.lobachevsky.space. 2019100300 7200 1800 1209600 1800

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Mar 16 08:23:41 PDT 2020
;; MSG SIZE  rcvd: 159

gaobo · March 22, 2020, 4:12pm

After I catted custom.yaml I got the following:

The red arrow shows that the CNAME entry is there.

gaobo · March 23, 2020, 3:01am

Well, again, MIAB is correct, and I am not. Technically, MIAB correctly implements RFC2181, which section 10.3 reads as follows:

10.3. MX and NS records

The domain name used as the value of a NS resource record, or part of
the value of a MX resource record must not be an alias. Not only is
the specification clear on this point, but using an alias in either
of these positions neither works as well as might be hoped, nor well
fulfills the ambition that may have led to this approach. This
domain name must have as its value one or more address records.
Currently those will be A records, however in the future other record
types giving addressing information may be acceptable. It can also
have other RRs, but never a CNAME RR.

Stay foolish and keep studying.

kellytrinh · March 24, 2020, 5:52am

I guess DNS rules are complex for people not familiar. I have been playing around with MiaB and had issues when I sent up a * CNAME for my domain and also MX records referencing that.

It must have broken the rules coz a lot of different places suddenly started saying “You have issues with your MX setup”

Anyway - glad you sorted and good learning experience all round.