Netscaler 11 .1 AWS - Unable to resolve DNS
Article ID: CTX218880
Updated On:
Description
Netscaler 11 . 1 AWS - Unable to make DNS queries
Resolution
NS should auto detects DNS server from the DHCP request sent during boot.
This is programmed into the /etc/resolv.conf. so check the /etc/resolv.conf file has the following entries
-----------------------------------
domain amazonaws.com
nameserver 10.228.127.14---should change with your DHCP configuration for AWS
nameserver 127.0.0.2 ---Used for locally defined DNS queries
-----------------------------------
Perform a dig @10.228.127.14 ec2.amazonaws.com. By performing DIG request we should get the requested FQDN IP. If not please check the UDP port 53 traffic is opened on the VPC torward the DNS server defined and check that your local DHCP is assigning you the right DNS server. If detected some issues on the local DHCP server, after fix it, reboot the Netscaler and check /etc/resolv.conf file.
Check if you are able to get DNS resolution using some local DNS, if so add the name server to the Netscaler config by add nameServer server_IP and test with dig ec2.amazonaws.com.
Note: local nameservers defined on the cli use the 127.0.0.2 entry on the /etc/resolv.conf file.
If still unable to resolv check the name server status using show nameserver, should be on UP state. If down check that port 53 is allowed on the VPC toward the nameserver.
Workaround:
===
If server shows down but you are able to do DNS request by: dig @server ec2.amazonaws.com and resolve the FQDN, modify the resolv.conf files (should be two of them, use find / -name resolv.* to modify both files).
DNS servers showing down
resolv.conf files missing amazon DNS
This is programmed into the /etc/resolv.conf. so check the /etc/resolv.conf file has the following entries
-----------------------------------
domain amazonaws.com
nameserver 10.228.127.14---should change with your DHCP configuration for AWS
nameserver 127.0.0.2 ---Used for locally defined DNS queries
-----------------------------------
Perform a dig @10.228.127.14 ec2.amazonaws.com. By performing DIG request we should get the requested FQDN IP. If not please check the UDP port 53 traffic is opened on the VPC torward the DNS server defined and check that your local DHCP is assigning you the right DNS server. If detected some issues on the local DHCP server, after fix it, reboot the Netscaler and check /etc/resolv.conf file.
Check if you are able to get DNS resolution using some local DNS, if so add the name server to the Netscaler config by add nameServer server_IP and test with dig ec2.amazonaws.com.
Note: local nameservers defined on the cli use the 127.0.0.2 entry on the /etc/resolv.conf file.
If still unable to resolv check the name server status using show nameserver, should be on UP state. If down check that port 53 is allowed on the VPC toward the nameserver.
Workaround:
===
If server shows down but you are able to do DNS request by: dig @server ec2.amazonaws.com and resolve the FQDN, modify the resolv.conf files (should be two of them, use find / -name resolv.* to modify both files).
Problem Cause
Unable to resolve DNS entriesDNS servers showing down
resolv.conf files missing amazon DNS
Was this article helpful?
Yes
No
Powered by
