Reply

DNS CNAME disparity for MS Sharepoint service

Techie
Posts: 10
730     0

Greetings all.

 

I am experiencing a DNS issue whereby I find that when I resolve a specific CNAME record against an external DNS resolver (1.1.1.1 in this case) I get a certain number of records returned. The original record queried is a CNAME that resolves to multiple other CNAMEs and then eventually to two A records.

 

When I do the exact same query to my internal Infoblox DNS server I get all the same CNAME records but with an additional two CNAME records added. I would not normally worry but I'm finding that users inside my network (using my DNS server) are having issues connecting to this MS Sharepoint service but if they use the external resolver (1.1.1.1) everthing works fine.

 

If I query the CNAME against the external resolver one CNAME at a time I get all the same records. It's only when doing a single query that the external resolver has two less CNAMEs.

 

So I get that the external resolver may be returning fewer results to save traffic via query optimisation/consolidation etc but I don't understand why the two extra CNAMEs from my internal DNS is breaking things so badly.

 

Here are the various outputs slightly redacted:

 

dig @1.1.1.1 aaabbbccc.sharepoint.com +short
6710-ipv4v6e.clump.dprodmgd104.aa-rt.sharepoint.com.
190434-ipv4v6e.farm.dprodmgd104.aa-rt.sharepoint.com.
190434-ipv4v6w.farm.dprodmgd104.sharepointonline.com.akadns.net.
190434-ipv4v6.farm.dprodmgd104.aa-rt.sharepoint.com.dual-spo-0005.spo-msedge.net.
dual-spo-0005.spo-msedge.net.
13.107.a.b
13.107.b.c

 

$ dig @internal_DNS aaabbbccc.sharepoint.com +short
6710-ipv4v6e.clump.dprodmgd104.aa-rt.sharepoint.com.
190434-ipv4v6e.farm.dprodmgd104.aa-rt.sharepoint.com.
190434-ipv4v6w.farm.dprodmgd104.sharepointonline.com.akadns.net.
190434-ipv4v6e.farm.dprodmgd104.sharepointonline.com.akadns.net.
190434-ipv4v6g.farm.dprodmgd104.sharepointonline.com.akadns.net.
190434-ipv4v6.farm.dprodmgd104.aa-rt.sharepoint.com.dual-spo-0005.spo-msedge.net.
dual-spo-0005.spo-msedge.net.
13.107.a.b
13.107.b.c

 

Both my internal and the external DNS servers are not authorative for this particular domain.

My Infoblox is set to return "minimal results". I'm running Trinzic appliances of various models in a grid running NIOS 9.0. Packet captures between the two DNS servers and my test client confirm that the queries are replied to as reported by dig. I've tried clearing all my DNS caches but it always learns the same CNAMEs again.

 

Any and all advice is appreciated.

Kind regards

 

 

Showing results for 
Search instead for 
Did you mean: 

Recommended for You