"DNS Resolver Response: No answers in DNS resolver" for <domain>

Article ID: 247799

Products

ProxySG Software - SGOS, Advanced Secure Gateway Software - ASG, ISG Proxy

Issue/Introduction

The error "DNS Resolver Response: No answers in DNS resolver" is seen for some domains, but not others.

Running #test dns <domain.com> shows the error, and it can also be seen in a PCAP.

While the ProxySG returned the "DNS Resolver Response: No answers in DNS resolver" error, we could also see other DNS requests processed successfully.

Environment

DNS using both TCP and UDP

Cause

TCP wasn't allowed in the customer's firewall for DNS traffic.

Resolution

Ensure any firewall between the ProxySG and the DNS servers allows both TCP and UDP for port 53 traffic.

Additional Information

Note: DNS was designed from the start to use both UDP and TCP port 53. UDP is the default, and DNS falls back to TCP when it is unable to communicate on UDP, typically when the message is too large to push through in a single UDP packet.
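
The UDP-to-TCP fallback described in the note can be checked from a host on the same network path as the proxy. The following Python sketch is an added example, not Broadcom code or the ProxySG implementation: it queries over UDP, checks the truncation (TC) flag in the reply header, and retries over TCP to show whether TCP port 53 is filtered. The function names and status strings are illustrative assumptions.

```python
import socket
import struct

def build_query(name, txid=0x1234):
    # Encode the name as length-prefixed labels, terminated by a zero byte.
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    # Flags 0x0100 = recursion desired; one question; QTYPE 1 (A), QCLASS 1 (IN).
    return struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)

def is_truncated(msg):
    """True if the TC bit (0x0200) is set in the DNS header flags."""
    if len(msg) < 12:
        raise ValueError("short DNS message")
    return bool(struct.unpack("!H", msg[2:4])[0] & 0x0200)

def query_udp(server, msg, timeout=3.0):
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(msg, (server, 53))
        return s.recvfrom(4096)[0]

def query_tcp(server, msg, timeout=3.0):
    # DNS over TCP prefixes every message with a 2-byte big-endian length.
    with socket.create_connection((server, 53), timeout=timeout) as s:
        s.sendall(struct.pack("!H", len(msg)) + msg)
        buf = b""
        while len(buf) < 2 or len(buf) < 2 + struct.unpack("!H", buf[:2])[0]:
            chunk = s.recv(4096)
            if not chunk:
                break
            buf += chunk
        return buf[2:]

def diagnose(server, name, udp=query_udp, tcp=query_tcp):
    """Return 'udp_failed', 'udp_ok', 'tcp_blocked' or 'tcp_ok'."""
    msg = build_query(name)
    try:
        truncated = is_truncated(udp(server, msg))
    except (OSError, ValueError):
        return "udp_failed"       # no usable reply on UDP/53
    if not truncated:
        return "udp_ok"           # reply fit in one datagram, no TCP retry needed
    try:
        is_truncated(tcp(server, msg))
    except (OSError, ValueError):
        return "tcp_blocked"      # truncated on UDP and the TCP/53 retry failed
    return "tcp_ok"               # fallback to TCP works on this path
```

Call diagnose("<dns-server-ip>", "<domain>") from a host behind the same firewall; a result of "tcp_blocked" for the failing domains and "udp_ok" for the working ones matches the cause described above.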