Weird DNS issue - ....help

ledoktre · December 18, 2020, 9:47pm

Hey everyone.

I am relatively new to the FreePBX and ClearlyIP community. As I have been adding FreePBX boxes, I have noted that my DNS usage is going up significantly (I use an IP Anycast DNS provider for name resolution).

Whats got me scratching my head is that when I add a server in a given area, I start getting traffic not from the box itself or even the box’s DNS server, but a server on that network. Presumably in its path. (I say this because when I look at the logging from the DNS system, it shows the source IP addresses, and they are not of the box or even the box’s DNS server, but similar provider or location)

The DNS queries (and the reason for me asking) are malformed. They end up with not getting a reply, so they keep re-trying.

A query might look like this :

1.us-central.clearlyip.pbx.domain.com.
162.243.226.67/32.pbx.domain.com.

The latter one looks like an IP address in CIDR notation but with a domain attached to the end. It is very perplexing and Im trying to figure out what might be causing this.

Has anyone heard of this behaviour in either FreePBX or Asterisk?

Right now I am getting in the neighborhood of 450+ NX domain lookups in a 5 minute period.

Thanks,

ledoktre · December 21, 2020, 4:57pm

For anyone who maybe has had this issue, I figured out the issue, sort of.

I had originally set the FreePBX FQDN of the box to xxxx.pbx.domain.com, which was reachable by DNS.

I had the thought that it might somehow be related to the domain (hostname -d) being automatically appended to the DNS queries. Normally done by adding the ‘search’ line to to the resolv.conf file. Someone else suggested this might be the issue too, so I checked.

I could find nothing in /etc/hosts, /etc/sysconfig/network, or anywhere else.

For kicks and giggles I went ahead and changed my hostname in FreePBX to xxx.pbx.domain (left off the .com) and sure enough, the excessive queries to my DNS provider stopped.

So while I got rid of the excessive DNS queries, I was not able to figure out why Asterisk or CentOS was applying my domain name to queries - even for IP notations x.x.x.x/32. That makes NO sense. But it is working now, so it is all good.

system · June 3, 2021, 11:01pm

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.