WildCard Alias too short
-
I was just working on multi-site WP Setup and had an issue with not being able to reach a site I created. I had setup the wildcard alias, I confirmed it made it to my DNS provider (gandi.net).
nslookupconfirmed the lookup was failing.$ nslookup gg.api.domain.net Server: UnKnown Address: 2001:4888:24:ff00:223:d:: *** UnKnown can't find gg.api.domain.net: Non-existent domainI randomly did a different subdomain and got an interesting result...it worked.
$ nslookup blah.api.domain.net Server: UnKnown Address: 2001:4888:24:ff00:223:d:: Non-authoritative answer: Name: blah.api.domain.net Address: 167.99.168.xxxThis mad me wonder if the 2 letter domain was causing the issue. I changed the subdomain in the WP Network panel to something longer, and everything started working.
I'm not sure if this is a Gandi limitation, a DNS limitation, or something else. But in-case others ran across this issue, I thought I'd give folks a heads up.
-
I was just working on multi-site WP Setup and had an issue with not being able to reach a site I created. I had setup the wildcard alias, I confirmed it made it to my DNS provider (gandi.net).
nslookupconfirmed the lookup was failing.$ nslookup gg.api.domain.net Server: UnKnown Address: 2001:4888:24:ff00:223:d:: *** UnKnown can't find gg.api.domain.net: Non-existent domainI randomly did a different subdomain and got an interesting result...it worked.
$ nslookup blah.api.domain.net Server: UnKnown Address: 2001:4888:24:ff00:223:d:: Non-authoritative answer: Name: blah.api.domain.net Address: 167.99.168.xxxThis mad me wonder if the 2 letter domain was causing the issue. I changed the subdomain in the WP Network panel to something longer, and everything started working.
I'm not sure if this is a Gandi limitation, a DNS limitation, or something else. But in-case others ran across this issue, I thought I'd give folks a heads up.
@moonmeister Just guessing here but in DNS world there is a thing called NXDOMAIN. When you look up a domain which is not there in DNS, then the error code is NXDOMAIN. This code is special that it's cached for a long time in the intermediate routers. I guess the reason is that people don't expect domains to appear and disappear randomly, so it makes sense to cache it longer. So, if by any chance you looked up
gg.api.domain.netbefore the DNS has propagated, then it's probably cached over everywhere as NXDOMAIN. The cache is almost a day! See also https://serverfault.com/questions/426807/how-long-does-negative-dns-caching-typically-lastAnyway, so what you want to do the next time around is to look up like this to be double sure that it's not related to above like this:
host gg.api.domain.net <IP ADDRESS OF GANDI DNS SERVER>The above makes it go straight to GANDI DNS and gets the result. It's also not cached anywhere in your local NS. You can also try the above command with various popular NS like 8.8.8.8, 1.1.1.1 etc.
-
@moonmeister Just guessing here but in DNS world there is a thing called NXDOMAIN. When you look up a domain which is not there in DNS, then the error code is NXDOMAIN. This code is special that it's cached for a long time in the intermediate routers. I guess the reason is that people don't expect domains to appear and disappear randomly, so it makes sense to cache it longer. So, if by any chance you looked up
gg.api.domain.netbefore the DNS has propagated, then it's probably cached over everywhere as NXDOMAIN. The cache is almost a day! See also https://serverfault.com/questions/426807/how-long-does-negative-dns-caching-typically-lastAnyway, so what you want to do the next time around is to look up like this to be double sure that it's not related to above like this:
host gg.api.domain.net <IP ADDRESS OF GANDI DNS SERVER>The above makes it go straight to GANDI DNS and gets the result. It's also not cached anywhere in your local NS. You can also try the above command with various popular NS like 8.8.8.8, 1.1.1.1 etc.
@girish Just when I thought I understood DNS I learn about negative caching. Not sure if this was the issue, but it is possible. Thanks.
