Forum Discussion
mike_aws_119486
Feb 22, 2019Nimbostratus
OK we think we can see what it is doing but not why.
The F5 is configured with System DNS servers (System -> Configuration -> Device -> DNS -> DNS Lookup Server List).
These are set to internal DNS servers for resolving the hostnames of internal services used by the F5 such as AD/LDAP etc.
If we do a TCPDUMP on the F5 with and without recursion enabled, we can see that when recursion is enabled its trying to resolve against these IPs first which explains the two Time Outs:
DNS Query 1 - Goes to IP 1 from DNS Lookup Server List DNS Query 2 - Goes to IP 2 from DNS Lookup Server List DNS Query 3 - Successfully resolves either locally or via Forwarder
So the question is how we stop it doing this?