DNS Issue with Akamai services

Hi all,
I have a strange behaviour in DNS name resolution.
The company I work for bought Akamai services for name resolution and availability for .
So external queries are managed by Akamai, but internal queries are handled by our DNS.
The clients are configured by DHCP with a DNS server that is not authoritative for the zone involved but is configured with a conditional forwarder to the server authoritative for that zone.
Everything works fine for a while, but sometimes internal clients resolve names with the ones provided by Akamai.
I clear the cache on the DNS server configured on the clients and everything works fine again.
Could it be that the DNS server configured on the clients experienced a timeout and used the root hints instead? How could I avoid this strange behavior?

August 21st, 2015 3:31pm

Hi Luca,

>>The clients are configured by DHCP with a DNS server that is not authoritative for the zone involved but is configured with a conditional forwarder to the server authoritative for that zone.

As far as I know, I'm afraid we could not configure a conditional forwarder for an existing zone on the DNS server.

I suppose you mean forwarder, am I right? If yes, when the forwarder is not responding, the DNS server would query root hints (if configured). That's why the client got an answer from public DNS.

If you don't want clients to get answers from public DNS, we could delete the root hints on the DNS server. But if the forwarder could not resolve the query, the query would fail.

Best Regards,

Leo

August 24th, 2015 5:30am

Hi Leo,
Thanks for answering!
Sorry for my messed-up explanation and for my English!! :-)
To summarize:
All clients are configured to use DNS A.
DNS A has a conditional forwarder to domain B.
If I understood well, DNS A for some reason receives a timeout from the conditional forwarders and uses root hints.
At this point DNS A caches the Akamai server resolution.
In your opinion, could disabling cache locking be beneficial?

August 24th, 2015 6:23am

Hi Luca,

>>If I understood well, DNS A for some reason receives a timeout from the conditional forwarders and uses root hints.

That's correct.

Clients would also cache the answers they got from the DNS server. Disabling the cache on the DNS server may not solve the problem.

As a workaround, on DNS A, we could add a secondary forward lookup zone of domain B. Then DNS A could resolve the queries of domain B locally. It could also improve the performance when clients are querying records of domain B.

Best Regards,

Leo

August 24th, 2015 9:47pm
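
The secondary-zone workaround suggested above, together with a check for the symptom described in the first post, as an added PowerShell example that is not part of the original thread. It uses the Windows DnsServer module cmdlets; the zone name, server addresses, probe record and function names are placeholders chosen for illustration.

```powershell
# Added example. Every name and address here is a constructed placeholder.
$Zone       = 'domainb.example'   # stands in for "domain B"
$DnsA       = '192.0.2.10'        # resolver the DHCP clients use ("DNS A")
$ZoneMaster = '192.0.2.20'        # internal server authoritative for the zone
$ProbeName  = "www.$Zone"         # a record whose internal and Akamai answers differ

function Get-ARecordSet {
    param([string]$Name, [string]$Server)
    # -DnsOnly: no LLMNR/NetBIOS fallback; -NoHostsFile: ignore the local hosts file.
    $answer = Resolve-DnsName -Name $Name -Server $Server -Type A -DnsOnly `
        -NoHostsFile -ErrorAction SilentlyContinue
    @($answer | Where-Object { $_.Type -eq 'A' } |
        ForEach-Object { $_.IPAddress } | Sort-Object)
}

function Test-ZoneDrift {
    # Compares what DNS A hands to clients with what the internal master says.
    $expected = Get-ARecordSet -Name $ProbeName -Server $ZoneMaster
    $actual   = Get-ARecordSet -Name $ProbeName -Server $DnsA
    if ($expected.Count -eq 0) {
        # Master not answering: the condition under which DNS A falls back to root hints.
        return [pscustomobject]@{ State = 'MasterUnreachable'; Expected = $expected; Actual = $actual }
    }
    $state = if (($expected -join ',') -ne ($actual -join ',')) { 'Drift' } else { 'Ok' }
    [pscustomobject]@{ State = $state; Expected = $expected; Actual = $actual }
}

function Enable-TransferToDnsA {
    # Run with rights on the master: allow zone transfers to DNS A only.
    Set-DnsServerPrimaryZone -ComputerName $ZoneMaster -Name $Zone `
        -SecureSecondaries TransferToSecureServers -SecondaryServers $DnsA
}

function Convert-ForwarderToSecondary {
    # Run on DNS A: drop the conditional forwarder and host a secondary copy instead,
    # so queries for the zone are answered locally and never reach root hints.
    Remove-DnsServerZone -Name $Zone -Force
    Add-DnsServerSecondaryZone -Name $Zone -ZoneFile "$Zone.dns" -MasterServers $ZoneMaster
    Clear-DnsServerCache -Force   # evict any public answers already cached
}
```

Running `Test-ZoneDrift` on a schedule shows when DNS A starts returning the public answer; clients keep their own cached copy until its TTL expires or `ipconfig /flushdns` is run.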

Thank you so much, I will follow your suggestion.
In your experience, is there a way to export an Active Directory-integrated zone and import it on a DNS server of a different domain? I ask because the zone involved is quite big and it would take a lot of time to recreate manually.
Regards,
Luca

August 25th, 2015 2:57am
