LAN devices cannot resolve DNS hostnames

Description - Devices on the LAN are unable to resolve hostnames and are experiencing connectivity issues to internal or external hosts.

Indicators of this issue - DNS resolution failures may occur continually or intermittently when attempting to browse the web.

Potential Causes

  • DNS records for internal applications or services have not yet globally propagated or have not been updated to use the new Bigleaf-provided LAN network IP addresses.

  • LAN or remote work client machines are configured to use ISP DNS server(s) or DNS server(s) that were using legacy ISP IP addresses.

  • Routing issues between legacy DNS servers and clients after cutover to Bigleaf service.

  • ISP DNS servers use a whitelist to accept traffic from specific networks, which will not work without updating IP addresses after the cutover to the Bigleaf service using Bigleaf-provided IP addresses.

Tests and Solutions

  • Ensure DNS records have been updated with new Bigleaf-provided LAN network IP addresses.

  • Verify the DNS server that is being used by clients and users.

    • We advise using public resolvers from major cloud or CDN providers, such as Google DNS, Cloudflare, OpenDNS, or Quad9.

    • Note that this is not a full list, and you should check a DNS provider's instructions and documentation to ensure the proper addresses and configuration are put in place for optimal results.

  • Use the tcpdump function on the Troubleshooting tab of the Bigleaf Web Dashboard to identify whether DNS traffic is working as intended.

    • Select primary CPE as the device, the LAN interface, and “port 53” for the filter.

    • If you see DNS “refused” or only 1-way DNS requests, there is likely a misconfiguration.

    • If you see few or no DNS packets originating from the site, there may be a LAN-side DNS misconfiguration, either in the client configuration or routing configuration.
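The three capture outcomes above can be checked mechanically once the "port 53" capture is saved as text. The following is an added example, not Bigleaf code: it assumes the dashboard returns standard tcpdump text lines, and the sample capture and the `analyze` function name are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed capture in standard tcpdump text format (an assumption about
# what the dashboard returns); non-Google addresses are documentation ranges.
SAMPLE = """\
12:00:01.100000 IP 192.168.1.10.51234 > 8.8.8.8.53: 4660+ A? example.com. (29)
12:00:01.120000 IP 8.8.8.8.53 > 192.168.1.10.51234: 4660 1/0/0 A 192.0.2.1 (45)
12:00:02.100000 IP 192.168.1.11.40000 > 203.0.113.53.53: 1001+ A? intranet.example. (34)
12:00:02.130000 IP 203.0.113.53.53 > 192.168.1.11.40000: 1001 Refused- 0/0/0 (34)
12:00:03.100000 IP 192.168.1.12.40100 > 198.51.100.53.53: 2002+ A? example.org. (29)
12:00:08.100000 IP 192.168.1.12.40100 > 198.51.100.53.53: 2002+ A? example.org. (29)
"""

# Matches "IP src.port > dst.port: id[flags] rest-of-line"
LINE = re.compile(r"IP (\S+)\.(\d+) > (\S+)\.(\d+): (\d+)\S*(.*)")

def analyze(capture):
    """Per DNS server: answered, refused and unanswered (1-way) query counts."""
    stats = defaultdict(lambda: {"answered": 0, "refused": 0, "unanswered": 0})
    pending = set()  # (client, client_port, server, query_id) awaiting a reply
    for line in capture.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        src, sport, dst, dport, qid, rest = m.groups()
        if dport == "53" and sport != "53":   # client -> server query
            pending.add((src, sport, dst, qid))
            stats[dst]                        # list the server even if it never replies
        elif sport == "53":                   # server -> client reply
            pending.discard((dst, dport, src, qid))
            kind = "refused" if "refused" in rest.lower() else "answered"
            stats[src][kind] += 1
    for _, _, server, _ in pending:           # queries that never got a reply
        stats[server]["unanswered"] += 1
    return dict(stats)

if __name__ == "__main__":
    for server, counts in analyze(SAMPLE).items():
        print(server, counts)
```

An empty result means no DNS packets were seen from the site at all, which corresponds to the LAN-side misconfiguration case.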
