by drew.phillips » Fri May 31, 2019 11:07 am
Hi phodient,

There is a DNS problem with that domain. I'm unable to resolve from several networks both inside and out of the US.

Several DNS tools are showing the same issues:|t ... ype=pretty ... n=toolpage

Another administrator pointed out the exact issue here. We're getting errors resolving the name because of a DNS configuration problem on their end:

Code: Select all

31-May-2019 10:09:30.268 cname: info: skipping nameserver '' because it is a CNAME, while resolving ''

They have violated a DNS RFC rule stating that nameservers should always point at a primary name and not an alias. We are using BIND which will not resolve their domain, but other DNS providers may choose to work around this violation. They appear to have made this change 15 days ago along with Cogent changing these nameservers to CNAME records.

I'm not sure if this is a transitional issue or oversight with these DNS servers but it seems to have been going on since 2019-05-14 when these changes took place. There are only 240 sites that point to these broken nameservers. I wonder if these site owners may have missed an important communication from their hosting provider that they needed to update their nameservers. The correct ones now appear to be,, and I suspect these domains were informed that they needed to change from to but failed to do so, and the provider pointed the old nameservers at the new ones temporarily, in violation of the RFC which prevents compliant resolvers from working.

An unfortunate result of this issue is that while using our nameservers, their website cannot be reached, and they can't be emailed from a email address because our mail servers won't be able to resolve their MX records. A temporary workaround would be to change DNS on a single computer so the site can be accessed.