Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

NIOS DNS DHCP IPAM

Reply

nslookup give timeout for 2time for every query and then resolve

Authority
Posts: 21
11509     0

Hi,
i recently shifted my zone from MS server to infoblox there is some observation that whenever i do nslookup it gives me 2 X time out for every query and than resolve also for the query for which my server is authoratitive.
when i switch back to MS or on my bind it is OK.
I understnad that some time nslookup is not recomended but if this happen on Infoblox it must happen on other platform.
right now i cannot install dig utility to test .
Any body have clue is there anything i am missing.

 

Thanks

Shaukat

Re: nslookup give timeout for 2time for every query and then resolve

Moderator
Moderator
Posts: 72
11510     0

Greetings!

Let me start with a couple of simple questions.

1. Do you have both v4 and v6 enabled on this Windows client? You can confirm this by navigating to ncpa.cpl-->Ethernet Properties

2. This could be because of DNS suffixes. You can confirm this by navigating to ncpa.cpl-->Ethernet Properties-->Ipv4 Properties-->Advanced-->DNS-->Append these DNS suffixes.

To workaround suffixes in nslookup you can perform the query with a period in the end. (www.example.com. instead of www.example.com)

3. If you run 'nslookup' in the following fashion, do you experience the same problem?

nslookup
server 10.X.X.X  // Specify your authoritative IB DNS server
set q=a  // This specifies that you are querying for an 'A' record
www.example.com  // Your DNS A record query FQDN



Best Regards,
Bibin Thomas

Re: nslookup give timeout for 2time for every query and then resolve

New Member
Posts: 1
11510     0

Hi Bibin,

Can this thread be re-opened/looked at?

I'm having a similar issue whilst we are on VPN using Cisco AnyConnect, but we are mainly using Infoblox as our DNS. nslookup using another Infoblox appliance still shows DNS request time outs. Often times it would resolve after two tries, but some other DNS names in our environment never return with a response (but internally it resovles fine)

Re: nslookup give timeout for 2time for every query and then resolve

New Member
Posts: 1
11510     0

This problem is related to the Local Zone not being reachable from Infoblox.

 

E.g, if your PC is in xyz.com and you are trying to lookup xxx.com the DNS queries will always try to look up the local zone and then the recursive queries will be forward to the XXX.com zone.

If your XYZ.com is not reachable from the Infoblox then this problem will be there.

Simple solution: add the DNS forward to XYZ.com in your Infoblox and then your problem will be resolved.

You can take the packet capture and see the result.

Re: nslookup give timeout for 2time for every query and then resolve

Authority
Posts: 33
11510     0

We've had the same issue during a pilot of a new config in AnyConnect with split tunneling. It's still not working great and seems to revolve around the local (home) network IP schema and the domain lists. 

 

I'd be interested in knowing what your solution is, if you find one, since one of the things I can't access over the VPN is the Grid Manager...

Re: nslookup give timeout for 2time for every query and then resolve

New Member
Posts: 1
11510     0

Thanks bkoshy, it was the suffixes that were causing my delay. The '.' at the end did the trick.

Showing results for 
Search instead for 
Did you mean: 

Recommended for You