GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE
  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Conversation

Notices

  1. Embed this notice
    sahilister (sahil@toots.sahilister.in)'s status on Thursday, 02-Jan-2025 19:32:59 JST sahilister sahilister

    Okay a DNS question, while checking name server for aws.amazon.com, I get:

    ```
    aws.amazon.com. 4092 IN CNAME tp.8e49140c2-frontier.amazon.com.
    tp.8e49140c2-frontier.amazon.com. 46 IN CNAME dr49lng3n1n2s.cloudfront.net.
    dr49lng3n1n2s.cloudfront.net. 12 IN A 108.158.61.79
    ...

    ```

    If I understand correctly, NS for aws.amazon.com is a chain of CNAME(s) to actual NS domain?

    #dns #amazon #aws

    In conversation about 5 months ago from toots.sahilister.in permalink

    Attachments

    1. Domain not in remote thumbnail source whitelist: a0.awsstatic.com
      Cloud Computing Services - Amazon Web Services (AWS)
      Amazon Web Services offers reliable, scalable, and inexpensive cloud computing services. Free to join, pay only for what you use.

    • Embed this notice
      sahilister (sahil@toots.sahilister.in)'s status on Thursday, 02-Jan-2025 19:33:35 JST sahilister sahilister
      in reply to

      The query I ran was `dig ns aws.amazon.com`

      In conversation about 5 months ago permalink

      Attachments

      1. Domain not in remote thumbnail source whitelist: a0.awsstatic.com
        Cloud Computing Services - Amazon Web Services (AWS)
        Amazon Web Services offers reliable, scalable, and inexpensive cloud computing services. Free to join, pay only for what you use.
    • Embed this notice
      sahilister (sahil@toots.sahilister.in)'s status on Friday, 03-Jan-2025 05:03:20 JST sahilister sahilister
      in reply to
      • Jing Luo

      @jing seems to work fine without -t as well.

      IG dig understands it's a query type.

      In conversation about 5 months ago permalink
    • Embed this notice
      Jing Luo (jing@mastodon.jing.lgbt)'s status on Friday, 03-Jan-2025 05:03:21 JST Jing Luo Jing Luo
      in reply to

      @sahil shouldnt it be `dig -t ns aws.amazon.com`

      In conversation about 5 months ago permalink

      Attachments

      1. Domain not in remote thumbnail source whitelist: a0.awsstatic.com
        Cloud Computing Services - Amazon Web Services (AWS)
        Amazon Web Services offers reliable, scalable, and inexpensive cloud computing services. Free to join, pay only for what you use.
    • Embed this notice
      sahilister (sahil@toots.sahilister.in)'s status on Friday, 03-Jan-2025 17:12:41 JST sahilister sahilister
      in reply to
      • Patrick Mevzek

      @pmevzek ah! that explains it, thank you!

      In conversation about 5 months ago permalink
    • Embed this notice
      Patrick Mevzek (pmevzek@framapiaf.org)'s status on Friday, 03-Jan-2025 17:12:42 JST Patrick Mevzek Patrick Mevzek
      in reply to

      @sahil "If I understand correctly, NS for aws.amazon.com is a chain of CNAME(s) to actual NS domain?". No. It tells you `aws.amazon.com` has NO `NS` records, because it is a CNAME, and CNAME can not coexist with anything else. It then tells you the final destination of the CNAME, as there are 2, aka `dr49lng3n1n2s.cloudfront.net.` and then tells you that this name is delegated because it has `NS` records. So `aws.amazon.com` is not delegated (has no NS records), just pointed out externally.

      In conversation about 5 months ago permalink

      Attachments

      1. Domain not in remote thumbnail source whitelist: a0.awsstatic.com
        Cloud Computing Services - Amazon Web Services (AWS)
        Amazon Web Services offers reliable, scalable, and inexpensive cloud computing services. Free to join, pay only for what you use.
    • Embed this notice
      John Kristoff (jtk@infosec.exchange)'s status on Friday, 03-Jan-2025 17:59:11 JST John Kristoff John Kristoff
      in reply to

      @sahil No. The NS RRset for aws.amazon.com (at this writing and from my vantage point) is:

      ns-106.awsdns-13.com.
      ns-1402.awsdns-47.org.
      ns-1860.awsdns-40.co.uk.
      ns-905.awsdns-49.net.

      That happens to be the same set for tp.8e49140c2-frontier.amazon.com, which is where your dig ns aws.amazon.com query would have stopped.

      aws.amazon.com and tp.8e49140c2-frontier.amazon.com. both happen to be CNAMEs that ultimately lead to dr49lng3n1n2s.cloudfront.net. Those three strung together make up a chain. All coincidentally have the same authoritative server set at present.

      You say "actual NS domain". It might help to further explain if you say what you think the "domain" is in this case.

      In conversation about 5 months ago permalink

      Attachments

      1. Domain not in remote thumbnail source whitelist: a0.awsstatic.com
        Cloud Computing Services - Amazon Web Services (AWS)
        Amazon Web Services offers reliable, scalable, and inexpensive cloud computing services. Free to join, pay only for what you use.





    • Embed this notice
      sahilister (sahil@toots.sahilister.in)'s status on Friday, 03-Jan-2025 17:59:41 JST sahilister sahilister
      in reply to
      • John Kristoff

      @jtk with "actual NS domain" I meant the authoritative NS in this case, *.awsdns* domains.

      As mentioned https://framapiaf.org/@pmevzek/113759344972541770 (in thread), one can't have NS for a CNAME (which looks right now that I think of it).

      In conversation about 5 months ago permalink

      Attachments

      1. No result found on File_thumbnail lookup.
        Patrick Mevzek (@pmevzek@framapiaf.org)
        from Patrick Mevzek
        @sahil@toots.sahilister.in "If I understand correctly, NS for aws.amazon.com is a chain of CNAME(s) to actual NS domain?". No. It tells you `aws.amazon.com` has NO `NS` records, because it is a CNAME, and CNAME can not coexist with anything else. It then tells you the final destination of the CNAME, as there are 2, aka `dr49lng3n1n2s.cloudfront.net.` and then tells you that this name is delegated because it has `NS` records. So `aws.amazon.com` is not delegated (has no NS records), just pointed out externally.

Feeds

  • Activity Streams
  • RSS 2.0
  • Atom
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.