This discussion has been locked.

DNS Behaviour

Hey Folks,

As a long-time UTM Home user I decided to take the plunge and go XG. Yes, it's frustrating at times, but after persisting for a few days I now have almost everything working the way it should.

I say almost as I have an annoying problem with the DNS; my problem is this. I, like many I'm sure, run my own SMTP/IMAP mail server behind the XG, serving mail for my registered domain name.

On the external registrar's DNS server I have set up the required A record to point my MX records and host name to my external IP address, and after setting up the required business rules to forward SMTP/S and IMAPS to my internal server, external access works well.

Now when I'm back home and behind the XG I use the same phone/laptop etc. to access my mail, so I need to have the XG resolve the DNS name to the internal IP address for these private clients.

I have added a static DNS entry on the XG mapping the correct entry and selected IPv4 first in the DNS query order. From a client machine, 50% of the time the DNS resolves correctly to the internal address; however, the other 50% of the time the DNS is resolved to the external IP address of the XG, i.e. as if the XG is not resolving the request locally but instead forwarding the request to the external DNS server.

For static 'desktop' clients I can tweak local hosts files to override the issue but this isn't an option on my smart phone and impractical on my laptop.

Any pointers on what I need to do in order for XG to consistently resolve the DNS?

Cheers



  • Simon,

    your thread is really interesting. Is the DNS enabled on WAN zone under System > Administration > Device access?

  • Hi Luk,

    See screen grabs below; note I've moved over to HE.net's / Google's IPv6 DNS servers.

     

    Below results from my local workstations 'pinging' an internal server this morning, there was a 15 minute gap between pings.

    C:\Users\xxxx>ping xen-backup.xxx.com

    Pinging xen-backup.xxx.com [172.16.10.38] with 32 bytes of data:
    Reply from 172.16.10.38: bytes=32 time=1ms TTL=64
    Reply from 172.16.10.38: bytes=32 time=1ms TTL=64
    Reply from 172.16.10.38: bytes=32 time=1ms TTL=64

    Ping statistics for 172.16.10.38:
    Packets: Sent = 3, Received = 3, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 1ms, Maximum = 1ms, Average = 1ms
    Control-C
    ^C
    C:\Users\xxx>ping xen-backup.xxx.com
    Ping request could not find host xen-backup.xxx.com. Please check the name and try again.

    C:\Users\xxx>
