09-21-2014 11:35 AM
This is my first thread to the community. Sorry if I am breaking any rules of the forum.
I have a query that I thought I would discuss with experts. I hope this is the right place to discuss it.
Recently we noticed that both our internal and external DNS services hosted on Infoblox appliances are not resolving some domain names. But at the same time, the same domain name can be resolved using either Google DNS server or ISP DNS server. Is there any reason for this?
Our Infoblox appliances are configured to send the DNS queries to Internet root hint servers. Any idea what could be the cause?
10-28-2014 12:12 PM
Have you attempted to get a packet capture off of the Infoblox appliance or anywhere "north" of it to determine if there is something manipulating the response? It would be odd for the Infoblox appliance to be able to resolve some, but not all, domains while external systems can do so successfully without something "in the middle" causing the issue.
I would also suggest checking a possible culprit: some of the domains being looked up may have larger packets, and if you do not have TCP port 53 open, that would definitely be an issue. DNS does not use ONLY UDP port 53. Both TCP and UDP are required from server to server.
In addition, you may want to make sure your firewall is not preventing EDNS0 from working as well.