
ThousandEyes - Local DNS not working

penguinpages
Level 1

Basic Linux OVA Appliance import. Set IP and DNS and NTP and key. It joins cloud fine, but unable to resolve any local DNS zones.

I enabled SSH and it shows Intranet DNS servers as expected, but it is not able to resolve local zone based A and PTR zones. If I bypass the appliance DNS caching system it works (so not firewall or server side).

```

thousandeyes@thousandeyes01:~$ ping foo.apps.k8dev.dash.acme.local
ping: foo.apps.k8dev.dash.chaska.local: Temporary failure in name resolution
thousandeyes@thousandeyes01:~$ resolvectl status
Global
LLMNR setting: no
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
Current DNS Server: 10.89.158.10
DNS Servers: 10.89.158.10
10.89.157.10
DNSSEC NTA: 10.in-addr.arpa
16.172.in-addr.arpa
168.192.in-addr.arpa
17.172.in-addr.arpa
18.172.in-addr.arpa
19.172.in-addr.arpa
20.172.in-addr.arpa
21.172.in-addr.arpa
22.172.in-addr.arpa
23.172.in-addr.arpa
24.172.in-addr.arpa
25.172.in-addr.arpa
26.172.in-addr.arpa
27.172.in-addr.arpa
28.172.in-addr.arpa
29.172.in-addr.arpa
30.172.in-addr.arpa
31.172.in-addr.arpa
corp
d.f.ip6.arpa
home
internal
intranet
lan
local
private
test

Link 7 (vethd57a980f)
Current Scopes: none
DefaultRoute setting: no
LLMNR setting: yes
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no

Link 3 (te-bbot-ipv4)
Current Scopes: none
DefaultRoute setting: no
LLMNR setting: yes
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no

Link 2 (eth0)
Current Scopes: none
DefaultRoute setting: no
LLMNR setting: yes
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
thousandeyes@thousandeyes01:~$ nslookup - 10.89158.10

> foo.apps.k8dev.dash.chaska.local
Server: 10.89.158.10
Address: 10.89.158.10#53

Name: foo.apps.k8dev.dash.acme.local
Address: 10.89.155.5
> exit

thousandeyes@thousandeyes01:~$ tail /var/log/syslog
tail: cannot open '/var/log/syslog' for reading: Permission denied

```

Seems like a basic function that is just not working. And with the account locked down, it is hard to debug more.

 


Tyler Langston
Cisco Employee

Hi @penguinpages - I ran your question by our engineers and they have some input:

The use of .local domains is generally discouraged in enterprise environments. The correct behavior for .local is that it is not intended to be resolved as a standard domain; it's reserved for use with mDNS. We don't currently support mDNS in our product.

If you're still running into issues with this and want some expert advice, please consider opening a chat with us!
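
The behaviour described in the reply can be checked against the `resolvectl status` text from the question. This is an added example, not part of the original thread or of any Cisco tooling; it assumes systemd-resolved's rule that a `.local` name is forwarded to the configured DNS servers only when a listed search or routing domain covers it, and `configured_domains`, `classify_lookup` and the two sample status strings are names constructed for illustration.

```shell
#!/bin/sh
# Added example. Assumption: systemd-resolved sends a name ending in ".local"
# to unicast DNS only if a "DNS Domain" entry (search or ~routing domain) is a
# suffix of that name. The root routing domain "~." is not evaluated here.

# Read resolvectl status text on stdin and print each "DNS Domain" entry,
# one per line, lower-cased, without the "~" prefix or a trailing dot.
configured_domains() {
  awk '
    /DNS Domain:/ { sub(/.*DNS Domain:[ \t]*/, ""); in_list = 1; print; next }
    in_list && NF && !/:/ && !/^Link / { print; next }   # continuation line
    { in_list = 0 }
  ' | tr -s ' \t' '\n\n' | tr 'A-Z' 'a-z' | sed 's/^~//; s/\.$//; /^$/d'
}

# classify_lookup NAME STATUS_TEXT
# Prints "not-local", "routed-to-dns" or "not-routed".
classify_lookup() {
  name=$(printf '%s' "${1%.}" | tr 'A-Z' 'a-z')
  case "$name" in
    local|*.local) ;;                      # special-use domain reserved for mDNS
    *) echo "not-local"; return 0 ;;
  esac
  for d in $(printf '%s\n' "$2" | configured_domains); do
    case "$name" in
      "$d"|*."$d") echo "routed-to-dns"; return 0 ;;
    esac
  done
  echo "not-routed"
}

# Constructed samples: the Global section as posted (no "DNS Domain" entry,
# "local" appears only in the DNSSEC NTA list) and a hypothetical variant
# that lists a routing domain and a search domain.
STATUS_AS_POSTED='Global
DNS Servers: 10.89.158.10
10.89.157.10
DNSSEC NTA: 10.in-addr.arpa
local'
STATUS_WITH_DOMAIN='Global
DNS Servers: 10.89.158.10
DNS Domain: ~acme.local
example.net'

classify_lookup foo.apps.k8dev.dash.acme.local "$STATUS_AS_POSTED"
classify_lookup foo.apps.k8dev.dash.acme.local "$STATUS_WITH_DOMAIN"
```

A `not-routed` result matches the symptom in the question: the stub resolver fails while a query sent straight to 10.89.158.10 with `nslookup` succeeds.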