Re: ACE DNS issue

mj11 · ‎01-24-2011

Hi All

I have come across a problem with our ACE service modules. This is performing DNS load balancing with our servers, which is working fine, with the exception of the following order of events;

The client tries two queries in quick succession for A and AAAA records, the ACE is closing the SLB session the instant a DNS answer comes back. This is causing problems with clients that make 2 lookups very quickly, from the same source port.

The ACE module is running A2(2.4).

Any help much appiracted.

Regards MJ

cpomeroy · ‎01-24-2011

MJ,

Are you using DNS inspection?

Chris

mj11 · ‎01-24-2011

Hi Chris

Thanks for the response, yes DNS inspection is in use.

Regards MJ

cpomeroy · ‎01-26-2011

MJ,

If this is a non-production environment, I would try to turn on DNS inspect. DNS inspect checks to ensure there is only one DNS request per connection. If the second request is hitting the ACE prior to a response for the first then the second request will be dropped. If it works without DNS inspect enabled, I would ask that you open a TAC case so we can gather addtional data. In the meantime you can see DNS inspect errors with the following commands:

sh np 1 me-stats "-sfixup -v"

sh np 2 me-stats "-sfixup -v"

Thanks

Chris

mj11 · ‎01-28-2011

Hi Chris

Thanks for the update, I have tried with DNS inspection disabled but this is still the case.

Regards MJ