
DNS configuration: google for applications + AWS

Started by wogic, June 09, 2012, 05:38:57 AM


wogic

Hi guys,

I'm trying to configure my domain "wogic.com" at dns.he.net to use:

1. Google for applications: for mail, calendar, docs, etc.
2. Amazon cloud servers: for my LAMP-based application

Fact is that I already changed these settings over 48 hours ago and Google continues without seeing those MX records. The same happens with the TXT record for Google site verification.

Is it possible that the CNAME for wogic.com is being pulled before the MX records, hence landing on the Amazon instance instead of Google? If that is the case, how should I configure these? AWS insists on the use of CNAME instead of A records.

Thanks for your support.

; wogic.com Dumped Sat Jun  9 05:10:27 2012
;
wogic.com. 86400 IN SOA ns1.he.net. hostmaster.he.net. (
2012060918 ; Serial
10800 ; Refresh
1800 ; Retry
604800 ; Expire
86400 ) ; Minimum TTL
wogic.com. 86400 IN NS ns1.he.net.
wogic.com. 86400 IN NS ns2.he.net.
wogic.com. 86400 IN NS ns3.he.net.
wogic.com. 86400 IN NS ns5.he.net.
wogic.com. 86400 IN NS ns4.he.net.
wogic.com. 86400 IN TXT "google-site-verification=5rJMzrABCDb5hHrdEFGHtgatiplKqb5hwC_R4ZANjhw"
wogic.com. 300 IN MX 1 ASPMX.L.GOOGLE.com.
wogic.com. 300 IN MX 5 ALT1.ASPMX.L.GOOGLE.com.
wogic.com. 300 IN MX 5 ALT2.ASPMX.L.GOOGLE.com.
wogic.com. 300 IN MX 10 ASPMX2.GOOGLEMAIL.com.
wogic.com. 300 IN MX 10 ASPMX3.GOOGLEMAIL.com.
calendar.wogic.com. 86400 IN CNAME ghs.GOOGLE.com.
docs.wogic.com. 86400 IN CNAME ghs.GOOGLE.com.
mail.wogic.com. 86400 IN CNAME ghs.GOOGLE.com.
sites.wogic.com. 86400 IN CNAME ghs.GOOGLE.com.
wogic.com. 86400 IN CNAME ec2-154-27-19-250.eu-west-1.compute.amazonaws.com.
www.wogic.com. 86400 IN CNAME ec2-154-27-19-250.eu-west-1.compute.amazonaws.com.
wogic.com. 86400 IN SPF "v=spf1 include:_spf.google.com ~all"

kasperd

I don't know where you got those records from. HE is not authoritative for the domain, and the HE DNS servers don't serve any records when queried for that domain.

If you want HE to be authoritative for your domain, you'll need to talk with your registrar about getting it changed.

wogic

Quote from: kasperd on June 09, 2012, 05:58:44 AM
I don't know where you got those records from. HE is not authoritative for the domain, and the HE DNS servers don't serve any records when queried for that domain.

If you want HE to be authoritative for your domain, you'll need to talk with your registrar about getting it changed.

I just intended to anonymize the domain. Sorry for that. Replace magicpig.com with mydomain.com.

kriteknetworks

Obfuscating your domain won't help us help you. Please provide pertinent details, thanks.

wogic


kasperd

Quote from: wogic on June 09, 2012, 05:38:57 AM
Is it possible that the CNAME for wogic.com is being pulled before the MX records, hence landing on the Amazon instance instead of Google?

If there is a CNAME record then all other records for that name are ignored.

Quote from: wogic on June 09, 2012, 05:38:57 AM
If that is the case, how should I configure these?

You can keep using a CNAME for www, but for the main domain you have to use an A record instead. How frequently does the IP address change? I'd guess it doesn't change frequently considering the IP address has been encoded in the hostname.

If it does change you could look into dynamic updates.

Quote from: wogic on June 09, 2012, 05:38:57 AM
AWS insists on the use of CNAME instead of A records.

Insisting on something doesn't help if it isn't technically possible.

snarked

Agreed.  Your zone is invalid.  CNAME may not coexist with any other record except DNSSEC-type records (RRSIG, NSEC, or NSEC3).  That's your problem.

The TTL of your MX records seems low too (for long term usage).

kasperd

Quote from: snarked on June 09, 2012, 01:39:30 PM
The TTL of your MX records seems low too (for long term usage).

Using a low TTL is a good idea until you have gotten it all working. After that it might be a good idea to increase it. The official documentation says the TTL of the MX records should be one hour.
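
The rule given in the replies above (a CNAME may not share an owner name with other records, apart from the DNSSEC types listed) can be checked against a zone dump before publishing it. This is an added example, not part of the original posts; the zone text is a constructed sample on example.com, and the function names are hypothetical.

```python
from collections import defaultdict

# Types the thread lists as allowed beside a CNAME at the same owner name.
CNAME_COMPATIBLE = {"CNAME", "RRSIG", "NSEC", "NSEC3"}

SAMPLE_ZONE = """\
; constructed sample, same dump layout as the zone posted in the thread
example.com. 86400 IN SOA ns1.example.net. hostmaster.example.net. (
2012060918 10800 1800 ; Serial, Refresh, Retry
604800 86400 ) ; Expire, Minimum TTL
example.com. 86400 IN NS ns1.example.net.
example.com. 86400 IN TXT "site-verification=constructed; not real"
example.com. 300 IN MX 1 mx1.example.net.
mail.example.com. 86400 IN CNAME hosted.example.net.
example.com. 86400 IN CNAME app-host.example.net.
www.example.com. 86400 IN CNAME app-host.example.net.
"""

def strip_comment(line):
    """Drop a ';' comment unless the ';' sits inside a quoted string."""
    in_quotes = False
    for i, ch in enumerate(line):
        if ch == '"':
            in_quotes = not in_quotes
        elif ch == ";" and not in_quotes:
            return line[:i]
    return line

def parse_records(zone_text):
    """Yield (owner, rrtype) for 'name TTL IN TYPE rdata' records."""
    pending, depth = "", 0
    for raw in zone_text.splitlines():
        line = strip_comment(raw)
        depth += line.count("(") - line.count(")")
        pending += " " + line
        if depth > 0:
            continue  # still inside a parenthesised multi-line record (SOA)
        fields, pending = pending.split(), ""
        if len(fields) >= 4 and fields[2].upper() == "IN":
            yield fields[0].lower(), fields[3].upper()

def cname_conflicts(zone_text):
    """Map each owner holding a CNAME to the record types that clash with it."""
    types = defaultdict(set)
    for owner, rrtype in parse_records(zone_text):
        types[owner].add(rrtype)
    return {owner: sorted(found - CNAME_COMPATIBLE)
            for owner, found in types.items()
            if "CNAME" in found and found - CNAME_COMPATIBLE}
```

On the sample, only the apex name is reported: the `www` and `mail` CNAMEs stand alone and pass, while the apex CNAME collides with the SOA, NS, MX and TXT records at the same name.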