VxRail: VxRail cluster internal DNS cannot forward the request to the upstream DNS server

Summary: When configuring an upstream DNS server for a VxRail cluster through API or VxRail plugin-in UI, and the cluster is using VxRail manager as its internal DNS server, the DNS queries are not forwarded to the designated upstream DNS server. ...

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Symptoms

When using the command nslookup in vCenter after adding the upstream DNS server in the VxRail cluster, the request was refused by the server.

root@vcluster235-vcsa [ ~ ]# nslookup google.com
Server:         127.0.0.1
Address:        127.0.0.1#53

** server can't find google.com: REFUSED

root@vcluster235-vcsa [ ~ ]# nslookup google.com 172.17.44.200
Server:         172.17.44.200
Address:        172.17.44.200#53

** server can't find google.com: REFUSED

The VxRail manager which is the internal DNS server is not forwarding the query to the upstream DNS server.

 

Cause

For security reasons, starting from 7.0.450 and 8.0.000 releases, VxRail manager is configured as the authoritative DNS server in an internal DNS environment, as a result the external domain DNS queries are not forwarded to the upstream DNS server.

 

Resolution

Follow the steps provided below to manually add the upstream DNS server on vCenter and the ESXi hosts:

  • Add an upstream DNS server on vCenter:

    1. Go to https://<vCenter_Server_Ip>:5480
    2. Go to Networking and click Edit
    3. Drop down the Hostname and DNS on Edit settings.
    4. Enter the upstream DNS server following the internal DNS server IP, separating them with commas
    5. Click Next and Finish, wait unit the DNS is updated.
    6. SSH to vCenter
    7. Use nslookup to ensure that the upstream DNS server could be queried on vCenter
      • Example: nslookup google.com
        Output example of nslookup

  • Add an upstream DNS server on ESXi Hosts, repeat the below steps on each node:

    1. Go to vSphere Client
    2. Go to Hosts and Clusters > VxRail-Cluster > selected Host > Configure > Networking > TCP/IP Configuration
    3. Select Default and Click Edit
    4. Select DNS configuration, enter the upstream DNS server on Alternate DNS server and press OK.
    5. SSH to ESXi node
    6. Due to command limitation on ESXi, use ping to ensure that the FQDN could be resolved by the upstream DNS server.
      • Example: ping www.google.com -c 1
        Output example of ping google.com

 

Additional Information

When a node is added to the cluster, the above changes must be completed on the newly added node.

 

Affected Products

VxRail Software
Article Properties
Article Number: 000226207
Article Type: Solution
Last Modified: 31 Jul 2024
Version:  3
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.