Cannot resolve specific domain

Adviser
Posts: 77
2914     0

Hi Infoblox Community,

 

I'm sorry if I'm breaking the rules on the forum. I have an issue in which one of my customer's Infoblox cannot resolve a specific DNS domain (so far I have found only 1 domain which cannot be resolved). I'm trying to dig the domain from the Infoblox and the answer is connection timed out. The Infoblox is used as a resolver and uses the root servers.

 

From the packet capture I find something unusual: after the Infoblox gets a response from the root servers, I see the UDP payload size is 4096 - udp payload size. On the next packet, the Infoblox tries to query the NS given by the root with payload size 512 and there's no query response from the NS - query udp payload size.

 

Any idea what could be the cause? I attach the packet capture; for the specific domain issue please use the filter dns.qry.name == "detikhost.com". --> pcap

 

Regards

 

 

Re: Cannot resolve specific domain

Community Manager
Posts: 356
2915     0
The behavior that you are seeing here is pretty typical of a firewall blocking the traffic. If there is a firewall between your Infoblox appliance(s) and the Internet, I would recommend starting there. There are many firewalls with configurations where UDP traffic larger than 512 bytes will be blocked by default and this is consistent with what I see in the packet capture that you provided.

Regards,

Tony

Re: Cannot resolve specific domain

Adviser
Posts: 77
2915     0

Hi 

 

 

 

Re: Cannot resolve specific domain

Community Manager
Posts: 356
2915     0

You can try disabling the EDNS0 option to see if that helps, but it would not be recommended to leave it disabled. There is a lot of functionality that depends on this capability that would be impacted, such as DNSSEC validation and the resolution of records which contain a large amount of data.

 

As a next step, I would recommend looking at your firewall to see if these queries are reaching it and if so, are they going out, is a response being received, and is that response making its way back through the firewall? That would help guide where to concentrate your efforts.

 

Regards,

Tony
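
The check discussed in this thread, as an added example that is not part of the original posts: a Python sketch that sends the same query without EDNS0 and with advertised UDP payload sizes of 512 and 4096, and reads the advertised size back out of a DNS message the way the packet capture shows it. The nameserver address is an argument you supply; the function names are hypothetical.

```python
import socket, struct, sys

def build_query(name, edns_size=None, txid=0x1234):
    """A-record query; when edns_size is set, append an EDNS0 OPT record (RFC 6891)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0 if edns_size is None else 1)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    pkt = header + qname + struct.pack("!HH", 1, 1)           # QTYPE=A, QCLASS=IN
    if edns_size is not None:
        # OPT RR: root owner name, TYPE=41, CLASS carries the advertised UDP payload size
        pkt += b"\x00" + struct.pack("!HHIH", 41, edns_size, 0, 0)
    return pkt

def _skip_name(pkt, off):
    while True:
        n = pkt[off]
        if n == 0:
            return off + 1
        if n & 0xC0 == 0xC0:                                   # compression pointer
            return off + 2
        off += n + 1

def advertised_udp_size(pkt):
    """UDP payload size from the OPT record of a DNS message, or None when EDNS0 is absent."""
    qd, an, ns, ar = struct.unpack("!HHHH", pkt[4:12])
    off = 12
    for _ in range(qd):
        off = _skip_name(pkt, off) + 4
    for _ in range(an + ns + ar):
        off = _skip_name(pkt, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", pkt[off:off + 10])
        if rtype == 41:
            return rclass
        off += 10 + rdlen
    return None

def probe(server, name, edns_size, timeout=3.0):
    """Send one UDP query; return 'timeout' or (reply_length, truncated_flag)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name, edns_size), (server, 53))
        try:
            data, _ = s.recvfrom(65535)
        except socket.timeout:
            return "timeout"
    return len(data), bool(data[2] & 0x02)                     # TC bit of the flags field

if __name__ == "__main__":                                     # usage: probe.py <nameserver-ip>
    for size in (None, 512, 4096):
        print(size, probe(sys.argv[1], "detikhost.com", size))
```

Run it from the same network segment as the resolver and compare the three results with what the firewall logs for the same queries.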
