02-26-2016 12:46 AM
I've been trying to implement vNIOS (NIOS version 7.3.1) in my lab environment. I use NAT IPs for my vNIOS and test machine which is connected to a router and public IP. I only use 1 DNS server and I'm using the default configuration except I enable recursive queries. The result is as follows:
- Some international domains cannot be resolved: pearsonvue.com, reuters.com, etc.
- All local domains can be resolved successfully.
- For other domains which have been resolved: Once I clear the cache or restart service, those domains unexpectedly failed to be resolved (randomly). SERVFAIL is the most to show.
- When I use dig +trace, sometimes I find 'BAD (HORIZONTAL) REFERRAL'.
Is there any additional configuration which I need to add?
Thanks in advance
Solved! Go to Solution.
02-26-2016 09:42 AM
Is your DNS server forwarding to another DNS server , or using the root servers for non-authoritative queries ?
Perhaps the system doing the NAT is dropping packets on the return journey ? Could it be having issues with EDNS0?
dig +trace won't show the query path being used by the DNS server. But you can try a dig from the console of the appliance to understand how it sees things.
02-29-2016 05:09 AM
I'm not forwarding the queries to another server for this settings.
As for the NAT system, I don't think there's any packet drop because the guy who maintain the system had given me the result and no issues.
I guess I have to do the test in another environment to make sure. Thanks for the suggestion.