Large DNS Response Failing through Full VPN

Article ID: CTX222730

Description

Error "Unspecified Error"
Cannot resolve host names.

Resolution

Run the nsapimgr_wr.sh command as shown below.

root@Netscalerhostname# nsapimgr_wr.sh -ys enable_vpn_dns_override=1
Number of PEs running: 1
Changing enable_vpn_dns_override from 0 to 1 ...  Done.

This changes the non-existent DNS IP arriving in the GET /cs request to the DNS IP configured on NetScaler.

Problem Cause

  • Whenever the back-end server DNS response exceeds 512 bytes, the truncate flag is set in the DNS response, which forces the client to retry the DNS request over TCP.
  • In the VPN case, however, the GET /cs request is sent to a DNS server that has a non-existent IP. As a result, the DNS request fails.
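
To check a captured UDP reply for this cause, the added example below (not part of the Citrix article) decodes the DNS header and reports whether the truncate (TC) flag is set. The host name, the addresses and the question-only form of the truncated reply are constructed assumptions.

```python
import struct

UDP_LIMIT = 512            # DNS-over-UDP size limit cited in the article
QR, TC = 0x8000, 0x0200    # response bit and truncation bit in the flags word

def encode_name(name):
    """Encode a host name as length-prefixed DNS labels."""
    return b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split(".")) + b"\x00"

def build_response(ident, name, addrs):
    """Build a constructed A-record response (sample data, not a capture)."""
    header = struct.pack("!6H", ident, QR, 1, len(addrs), 0, 0)
    question = encode_name(name) + struct.pack("!HH", 1, 1)   # QTYPE=A, QCLASS=IN
    answers = b"".join(
        b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes(map(int, a.split(".")))
        for a in addrs)                                        # 0xc00c = pointer to question name
    return header + question + answers

def udp_view(full):
    """Model the UDP reply: over 512 bytes, set TC and keep only the question (assumed)."""
    if len(full) <= UDP_LIMIT:
        return full
    ident, flags, qdcount = struct.unpack("!3H", full[:6])
    end = 12
    while full[end]:                 # walk the labels of the question name
        end += full[end] + 1
    end += 5                         # root label + QTYPE + QCLASS
    return struct.pack("!6H", ident, flags | TC, qdcount, 0, 0, 0) + full[12:end]

def parse_header(msg):
    """Decode the fixed 12-byte DNS header of a captured message."""
    if len(msg) < 12:
        raise ValueError("shorter than the 12-byte DNS header")
    ident, flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    return {"id": ident, "response": bool(flags & QR), "tc": bool(flags & TC),
            "qdcount": qd, "ancount": an}

def diagnose(udp_msg):
    """Say whether the client will have to repeat the query over TCP."""
    h = parse_header(udp_msg)
    if h["response"] and h["tc"]:
        return "truncated: client retries over TCP"
    return "complete over UDP"

if __name__ == "__main__":
    for count in (4, 40):            # 97-byte and 673-byte full responses
        addrs = ["192.0.2.%d" % i for i in range(count)]
        full = build_response(0x1234, "app.example.com", addrs)
        print(count, len(full), diagnose(udp_view(full)))
```

In a client-side capture, a UDP reply reported as truncated with no successful TCP answer following it matches the failure described above.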