By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

How to troubleshoot with NX

0

Hi, I'm using a custom domain on Route 53. The Route 53 configuration is set to an A record for the API Gateway. However, whenever I try to access it, I receive a "DNS_PROBE_FINISHED_NXDOMAIN" error. Additionally, when I use the nslookup command, it returns "server can't find blahblah.com: NXDOMAIN" In the ACM certificate, a CNAME record is set up for *.blahblah.com, and there are no issues with other subdomains.

Any reply would be thankful!

Topics
Networking & Content Delivery
Tags
Route 53 Resolver
Language
English
profile picture
Cy_Choi
asked 15 days ago60 views
1 Answer
1
Accepted Answer

Hello.

The Route 53 configuration is set to an A record for the API Gateway.

Where is the domain "blahblah.com" hosted?
If you check the NS record for "blahblah.com", you will see an NS record that is not Route53.
I don't think you can create a domain with an A record for a domain in API Gateway if it's not hosted on Route53.

dig blahblah.com ns

; <<>> DiG 9.16.1-Ubuntu <<>> blahblah.com ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40788
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;blahblah.com.                  IN      NS

;; ANSWER SECTION:
blahblah.com.           3600    IN      NS      ns52.domaincontrol.com.
blahblah.com.           3600    IN      NS      ns51.domaincontrol.com.

;; Query time: 82 msec
;; SERVER: 192.168.11.1#53(192.168.11.1)
;; WHEN: Fri May 17 15:59:05 JST 2024
;; MSG SIZE  rcvd: 93

If you want to use a domain hosted by an external registrar with Route53, please configure the domain delegation settings.
https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/MigratingSubdomain.html

profile picture
EXPERT
Riku_Kobayashi
answered 15 days ago
profile picture
EXPERT
Adeleke Adebowale J
reviewed 15 days ago
  • Cy_Choi
    15 days ago

    Oh, thanks for the reply, Riku! It's really amazing to see reply from the 1st ranked expertise in my question! BTW, I've set the external registrar and return for my actual ns record is from aws!

    xxxx.me. 900 IN SOA ns-xxxx.awsdns-13.co.uk. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400

    And I've checked that there's a difference between ns record in Route53, So I've set the name servers as the result for the dig command.

  • Riku_Kobayashi EXPERT
    15 days ago

    The fact that the NS records can be confirmed successfully using the "dig" command means that the hosted zone itself is being used normally. Therefore, it is possible that it is just taking time to propagate the domain set in API Gateway and resolve the name. https://repost.aws/knowledge-center/route-53-propagate-dns-changes

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content