Can't access one domain DNS not resolving - dns

Problem:
Unable to access one domain amscymru.co.uk from certain locations only.
Desired Effect:
Connect to amscymru.co.uk normally
Description:
There is some strange DNS problem that first appeared 2 days ago. Nothing has been changed in either the domain's configuration or the server config. DNS does not resolve the domain name when using the standard DNS for the LAN router (192.168.0.1). No way to ping or tracert. Only when I use a proxy or OpenDNS can the website be accessed from those machines. The problematic machines are located in Poland, Germany and the UK. It seems that only certain networks can't access it.
Other domains can be accessed normally.
So far I wasn't able to find a reason behind it.
Have you ever come across something like this?

Related

Why can't I access websites via proxied Cloudflare?

I live in Estonia.
For the second day I have been observing some kind of problem with the opening of some of my sites.
Example:
https://cp.nasdaq.ee - sometimes it works, sometimes it doesn't
https://185.252.232.227:8888/ - this is the same site cp.nasdaq.ee, but via IP - always opens properly
If the site is down and I enable the VPN, then it starts working.
In all other countries, the site opens without problems https://www.host-tracker.com/ru/ic/4/697585f4-486b-4c8e-b530-e3f0b6c96972/
All of my friends (5 men) who live in Estonia have this problem.
Perhaps the problem is somehow related to the fact that cp.nasdaq.ee has NS servers in the Cloudflare.com zone, but not all sites connected to Cloudflare have the problem.
I observe the problem only for those sites that are connected to Cloudflare and their A-record leads to ip 185.252.232.227.
If IP 109.205.176.239, 62.171.151.28, 62.171.151.28 are specified, then sites open without problems.
For your information,
all IPs listed are for VPS owned by Contabo.com hosting, the server is located in Germany.
The problematic IP 185.252.232.227 is from one VPS on Contabo, and all the other IPs I listed are from another VPS on Contabo.
And if I turn off the Proxied status at Cloudflare.com and set DNS ONLY, then the website works well!
Here is such an incomprehensible problem ...

SSL Certs for single IP- two ports, same URL website

We have a project that is to go live very soon and we ran into this issue when dealing with developers. These are two JDEdwards (ERP) websites which are hosted on a single IBM WebSphere webserver, currently using an FQDN and different port assignments for DEV and TEST users. The websites are:
DEV
https://jdeweb01dev.corporate.company.com:100/jde/owhtml/
TEST
https://jdeweb01dev.corporate.company.com:101/jde/owhtml/
There is only one IP configured for the above server FQDN, but we will eventually give common names like JdeDev.company.com, JdeTest.company.com or something.
We want to implement SSL certs for our Test/Dev environments, but how would we implement this on IIS or IBM WebSphere, as well as at the DNS level, since the only difference between the URLs is the port numbers and both lead to different websites? I'm open to suggestions on how we can improve the design as well, or how to make the current design work.
Another important thing to consider, the two websites will be accessed between two different Domain Forests which have transient Trust. This is a JDEdwards project.
Appreciate any help on this!
In order to configure HTTPS binding in IIS site binding, just configure a certificate in IIS site binding module.
https://learn.microsoft.com/en-us/dotnet/framework/wcf/feature-details/how-to-configure-an-iis-hosted-wcf-service-with-ssl
Also, this could be accomplished by the Netsh http command.
netsh http add sslcert ipport=0.0.0.0:8000 certhash=0000000000003ed9cd0c315bbb6dc1c08da5e6 appid={00112233-4455-6677-8899-AABBCCDDEEFF}
https://learn.microsoft.com/en-us/dotnet/framework/wcf/feature-details/how-to-configure-a-port-with-an-ssl-certificate
After you have set up the FQDN in DNS entries, you could specify the Hostname field in order to access the service with the server fully qualified domain name.
Feel free to let me know if there is anything I can help with.
WebSphere supports multiple virtual hosts, each with its own alias(es), which can be a combination of DNS name and port. The built-in default_host will typically have an alias for the server/node name and the * wildcard for all ports. You then assign a specific virtual host to an application when you deploy it.

Trying to understand FQDN's

I am struggling to understand the FQDN for servers.
At the moment mine is just localhost. If I type hostname into my server terminal it just says localhost.
I understand you need a different one from this if you want to set up cPanel, or Postfix, or anything really.
As far as I know, it's comprised of two parts:
hostname.domainname
Can the domain name be made up, or does it have to be one of your domains that is set up for use on your server?
And can the host name be anything, or does it have to be the server name? And does it have to be set up as a subdomain of the domain?
I hope you understand my issues.
Thanks
Try typing
hostname --fqdn
FQDN means Fully Qualified Domain Name, composed mainly of two parts:
Your hostname
The domain name where your hostname is located.
It can be as easy as mycomputername.myfamilydomainname.tld, or as complex as cor-th3-1.par.fr.eu.mynetwork.net.
All of this can technically be made up. However, if you use, for example, google.com as your local domain, your local resolver may use this info and believe you're in the google.com DNS zone, and you may then have problems resolving entries that are in the google.com DNS zone.
More info at: http://en.wikipedia.org/wiki/Hostname

My EC2 instance receives traffic for unrelated hostnames. How does this happen?

I have a couple EC2 instances behind an Elastic Load Balancer. These instances serve HTTP requests for a single web site. I recently started looking at the HOST header of the traffic, because I am planning to split my app into virtual hosts.
With some regularity (dozens of times a day), I log a request for a host name that is totally unrelated to my servers. As a couple examples, today I saw requests with the host names ad.adserverplus.com and r1---sn-upfn-hp5e.c.youtube.com. I looked these up and the IP addresses are not the same as any of my servers, nor of the ELB, so I am trying to develop a theory as to how this happens.
I realize that someone could be spoofing the host header, but it happens often enough that I am pretty sure this is not what is going on. My other idea is that somehow there is stale DNS data that just happens to resolve one of those hosts to my IP address, but again this seems like it could happen once in a great while but not regularly. What are some other possibilities, and how might I verify / discredit them?
EDIT
I looked at some of the unexpected host names today, and it seems that they actually do resolve to an IP that is one of the possible IPs that my domain apex resolves to. I use Route 53 for DNS, and I have the zone apex pointed to the ELB, so when I query the IP address for my domain, I get different answers depending on when I ask. So this makes me very curious: how do these IP addresses get assigned to me, and how does EC2 make sure they are not co-opting an IP address that someone else is already using?
There are any number of reasons for this. First you should understand that the public host names for your EC2 instances and load balancers have likely been used before. If you have an elastic IP associated with your load balancer, it has also probably been used before.
As such you can get traffic to your servers that is intended for a previous tenant of the hostname or IP address that you are currently using.
One thing you can do is to configure your web servers to reject (respond with 403 to) traffic that is not arriving with the proper hostname specified or that comes from a specific external host.
Your IP or your ELB's IP may at one point in time have been an open proxy, meaning that someone is hoping that you would forward the requests on to their intended destination.
But in general, open port 80 to the internet and all kinds of bots and zombies will visit you with a pretty constant flow of dodgy requests. I would imagine though that the EC2 IP ranges would be a particularly juicy range to search for poorly patched websites to exploit.
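The hostname check suggested in the answer above can be done in the application as well as in the web server. The following is an added example, not code from the original posts: a WSGI wrapper that answers 403 unless the Host header names one of the site's own hosts. The allowlist names, host_filter, normalize_host and status_for are assumptions made for the illustration.

```python
# Constructed allowlist: replace with the site's real hostnames (assumption).
ALLOWED_HOSTS = {"www.example.com", "example.com"}

def normalize_host(raw):
    """Return the lower-cased host part of a Host header, or None if malformed."""
    if not raw or any(c.isspace() for c in raw) or "@" in raw or "/" in raw:
        return None
    host = raw.lower()
    if host.startswith("["):                      # IPv6 literal, e.g. [::1]:8080
        end = host.find("]")
        if end == -1:
            return None
        host, rest = host[:end + 1], host[end + 1:]
        if rest and not (rest[0] == ":" and rest[1:].isdigit()):
            return None
    else:
        host, sep, port = host.partition(":")
        if sep and not port.isdigit():            # "name:" or "name:junk"
            return None
    return host.rstrip(".") or None               # a trailing dot means the same name

def host_filter(app, allowed=ALLOWED_HOSTS, log=None):
    """Wrap a WSGI app so requests for foreign hostnames get 403 and are logged."""
    def wrapped(environ, start_response):
        raw = environ.get("HTTP_HOST", "")
        if normalize_host(raw) not in allowed:
            if log is not None:                   # keep evidence for later review
                log.append((environ.get("REMOTE_ADDR"), raw))
            start_response("403 Forbidden", [("Content-Type", "text/plain")])
            return [b"Forbidden\n"]
        return app(environ, start_response)
    return wrapped

def site(environ, start_response):
    """Stand-in for the real application."""
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [b"ok\n"]

def status_for(app, host_header):
    """Send one constructed request to a WSGI app and return its status line."""
    environ = {"REQUEST_METHOD": "GET", "PATH_INFO": "/",
               "REMOTE_ADDR": "203.0.113.9"}      # documentation-range address
    if host_header is not None:
        environ["HTTP_HOST"] = host_header
    seen = []
    app(environ, lambda status, headers: seen.append(status))
    return seen[0]
```

Load balancer health checks may not carry the site's name in their Host header, so check what yours sends before enforcing this on the health-check path.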

What is the order in which a DNS name is resolved for any web application?

I have a Java-based application hosted on my local Tomcat server. As per my understanding, whenever I type http://us.states.com/myApplication, there is an order in which the browser will try to resolve the DNS name us.states.com, i.e.
First it will look for us.states.com in hosts file
Secondly it will look for us.states.com on local DNS server (if it is there)
Last it will look for us.states.com on web (with appending of www in front of us.states.com)
Is that correct?
The first two are correct, the third is not. Whether it appends www or not is normally a redirect issue. Hence, DNS name resolving will only be against either the local hosts file or against one or more DNS servers.
One and two are correct. First the hosts file is checked, then your DNS server. There is no 3.
Also, step 2 is not necessarily a DNS server local to your network. It can be specified on your machine (separately from DHCP) or it can be specified by the network. Usually the DNS server is on a machine owned by your ISP, unless you explicitly use a different one. For example I sometimes use Google's public DNS servers (8.8.8.8 / 8.8.4.4) or Level3's (4.2.2.1 through 4.2.2.7 or so).
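The order the answers above describe (hosts file first, then the configured DNS server, no www variant) can be modelled in a few lines. This is an added example, not code from the original posts: it parses hosts-file text, falls back to a lookup function, and flags a hosts entry that overrides a different DNS answer, which is worth checking when one machine reaches a different server than its neighbours. All addresses, the stub DNS table and the function names are constructed for the illustration.

```python
import ipaddress

def parse_hosts(text):
    """Map each lower-cased name in hosts-file text to its first listed address."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()    # drop comments, split on blanks
        if len(fields) < 2:
            continue
        try:
            addr = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            continue                              # skip malformed address fields
        for name in fields[1:]:
            table.setdefault(name.lower().rstrip("."), addr)  # first match wins
    return table

def resolve(name, hosts_text, dns_lookup):
    """Return (source, addresses, shadowed) for one name.

    A real resolver stops at the hosts file when it matches; DNS is queried
    here as well only so the override can be reported. No 'www.' form is tried.
    """
    key = name.lower().rstrip(".")
    dns_answer = dns_lookup(key)                  # [] stands for "no such name"
    local = parse_hosts(hosts_text).get(key)
    if local is not None:
        shadowed = bool(dns_answer) and local not in dns_answer
        return ("hosts", [local], shadowed)
    return ("dns", dns_answer, False)

# Constructed sample data (documentation address ranges).
HOSTS = """\
127.0.0.1    localhost
# constructed override entry
192.0.2.10   us.states.com  states-dev
"""
DNS = {
    "us.states.com": ["198.51.100.7"],
    "www.states.com": ["198.51.100.8"],
    "example.org": ["203.0.113.5"],
}

def stub_dns(name):
    """Stand-in for a query to the configured DNS server."""
    return DNS.get(name, [])
```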
