teamviewer.com link icon
or
Ask The Community

Authoritative DNS returns NXDOMAIN for routerpool7.rlb.teamviewer.com

Teamviewer is unable to connect to the servers because it is getting NXDOMAIN replies when trying to connect to router7.teamviewer.com (or any other routerX hostname).

The auhtoritative response to router7.teamviewer.com is ok and it is a CNAME routerpool7.rlb.teamviewer.com. But response to A query for routerpool7.rlb.teamviewer.com on authoritave DNS server 185.81.208.1 is NXDOMAIN

@185.81.208.1 routerpool7.rlb.teamviewer.com

; <<>> DiG 9.10.3-P4-Ubuntu <<>> @185.81.208.1 routerpool7.rlb.teamviewer.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45639
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;routerpool7.rlb.teamviewer.com. IN A

;; Query time: 186 msec
;; SERVER: 185.81.208.1#53(185.81.208.1)
;; WHEN: Tue Apr 28 08:21:23 CEST 2020
;; MSG SIZE rcvd: 5

This happens only in specific network. Could that be an issue on your DNS server or datacenter? 

Besides that it seems that there is also an issue with DNSSEC according to dnsviz https://dnsviz.net/d/router7.teamviewer.com/Xqc93A/dnssec/

tv.PNG

Tagged:

Comments

  • JeanKJeanK Posts: 3,103 Moderator
    edited December 2020

    Hello @anyuserqwerty 

    Thank you for your message and welcome in the Community! ?

    We have forwarded your input to our dedicated team.
    We are investigating this right now.

    Best,

    Jean

    French Community Moderator
  • jeansiebjeansieb Posts: 2

    Good day

    What is the update of this issue?
    I see that we are also randomly getting NXDOMAIN for any of the routerpoolX.rlb.teamviewer.com domains from all of your authorative servers. 
    DNSSEC is still broken (Incomplete) which seems to be the cause for this.
    https://dnsviz.net/d/router7.teamviewer.com/Xqc93A/dnssec/
    https://dnsviz.net/d/router5.teamviewer.com/dnssec/

  • jeansiebjeansieb Posts: 2

    Good day

    Of further investigation I am finding that randomly, any of the routerpoolX.rlb.teamviewer.com hostnames can not get and answer from ANY of the TeamViewer name servers

    tv-ns1.rlb.teamviewer.com
    tv-ns2.rlb.teamviewer.com
    tv-ns3.rlb.teamviewer.com
    tv-ns4.rlb.teamviewer.com
    tv-ns5.rlb.teamviewer.com

    Direct lookup against them, a dig +trace from a host, or a recursive lookup via my server, all have this behaviour and show that the authorative servers are randomly giving a NXDOMAIN answer.

    DNSSEC is still broken for your DNS, and has been reported months ago. 

    When can we expect a resolution to this?

  • 768kb768kb Posts: 1 Newbie
    edited December 2020

    This is still the same:

    Dec 20 19:35:39 fedoralaptop systemd-resolved[733]: [🡕] DNSSEC validation failed for question routerpool11.rlb.teamviewer.com IN SOA: failed-auxiliary

    Dec 20 19:35:40 fedoralaptop systemd-resolved[733]: [🡕] DNSSEC validation failed for question routerpool5.rlb.teamviewer.com IN SOA: failed-auxiliary

    Dec 20 19:35:40 fedoralaptop systemd-resolved[733]: [🡕] DNSSEC validation failed for question routerpool12.rlb.teamviewer.com IN A: failed-auxiliary

    Dec 20 19:35:40 fedoralaptop systemd-resolved[733]: [🡕] DNSSEC validation failed for question routerpool6.rlb.teamviewer.com IN A: failed-auxiliary

    Guys, please disable DNSSEC, or take some time to configure it right.

Sign In or Register to comment.