Sample Header Ad - 728x90

Cloudflare resolves but Google doesn't. Why?

0 votes
1 answer
123 views
dns routing geolocation
I am in Mexico. This fails: 
% curl -s -H 'accept: application/dns-json' 'https://cloudflare-dns.com/dns-query?name=www.bispebjerghospital.dk&type=A ' | jq .
{
  "Status": 2,
  "TC": false,
  "RD": true,
  "RA": true,
  "AD": false,
  "CD": false,
  "Question": [
    {
      "name": "www.bispebjerghospital.dk",
      "type": 1
    }
  ],
  "Comment": [
    "EDE(22): No Reachable Authority (time limit exceeded)"
  ]
}
but this succeeds: dig @8.8.8.8 www.bispebjerghospital.dk Why? What requirements does Cloudflare require of a domain to resolve its record? The map shown at [whatsmydns](https://whatsmydns.net/#A/www.bispebjerghospital.dk) shows red X's for some locations. EDIT: Marcus in the comments seems to have no issue with the Cloudflare. So since I suspect this is an anycast issue, here are the IP addresses I see for Cloudflare: 
% nslookup cloudflare-dns.com
Server:		10.2.9.68
Address:	10.2.9.68#53

Non-authoritative answer:
Name:	cloudflare-dns.com
Address: 104.16.249.249
Name:	cloudflare-dns.com
Address: 104.16.248.249
Name:	cloudflare-dns.com
Address: 2606:4700::6810:f9f9
Name:	cloudflare-dns.com
Address: 2606:4700::6810:f8f9
EDIT2: NS records as requested: 
% dig www.bispebjerghospital.dk NS 
;; communications error to 10.2.9.68#53: timed out

; > DiG 9.18.24-1-Debian > www.bispebjerghospital.dk NS
;; global options: +cmd
;; Got answer:
;; ->>HEADER> DiG 9.18.24-1-Debian > @8.8.8.8 www.bispebjerghospital.dk NS
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40469
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;www.bispebjerghospital.dk.	IN	NS

;; AUTHORITY SECTION:
bispebjerghospital.dk.	900	IN	SOA	ns3.regionh.dk. webmasteradmin.regionh.dk. 2008030648 10800 3600 2592000 900

;; Query time: 256 msec
;; SERVER: 8.8.8.8#53(8.8.8.8) (UDP)
;; WHEN: Tue Apr 02 12:58:38 CST 2024
;; MSG SIZE  rcvd: 117

% dig +short cloudflare-dns.com NS
ns1.cloudflare-dns.com.
ns2.cloudflare-dns.com.
ns3.cloudflare-dns.com.
EDIT3: NextDNS succeeds: 
% curl -s -H 'accept: application/dns-json' 'https://dns.nextdns.io/dns-query?name=www.bispebjerghospital.dk&type=A ' | jq .
{
  "Status": 0,
  "TC": false,
  "RD": true,
  "RA": true,
  "AD": false,
  "CD": false,
  "Question": [
    {
      "name": "www.bispebjerghospital.dk.",
      "type": 1
    }
  ],
  "Answer": [
    {
      "name": "www.bispebjerghospital.dk.",
      "type": 1,
      "TTL": 3600,
      "data": "128.0.75.219"
    }
  ]
}
EDIT4: I can't query from ns3.region.dk directly: 
% dig @ns3.regionh.dk www.bispebjerghospital.dk
;; communications error to 128.0.75.226#53: timed out
EDIT5: Seems like that previous command should have worked, since it works on [dnsexit.com](https://dnsexit.com/it-tools/network-tools) : screenshot of successful lookup
Asked by Janus Troelsen (1515 rep)
Apr 2, 2024, 06:13 PM
Last activity: Apr 2, 2024, 07:23 PM
Sidebar Ad - 300x250
Related Questions

Browse more questions from Unix & Linux Stack Exchange

More questions tagged "dns"
More questions tagged "routing"
More questions tagged "geolocation"
Footer Ad - 728x90