0

I have created DNS zones for a few domains.

From my PC, if I go to nslookup and then do server ns1-06.azure-dns.com, it connects to that server and will use it for name resolution. Then when I tell it to look up a record, it errors and says it can't find a record.

However, if I do c:> nslookup, then server 40.90.4.6 (that's the IP for ns1-06.azure-dns.com), and then request a record, it pulls up the record and shows the proper entry for the record.

So why is Azure DNS working only when the IP address is queried vs. its FQDN?

Seth

2 Answers

1

It doesn't work for me with either the FQDN or the IP address. The answer I get is "Query Refused", which tells me that the server doesn't perform recursion... which makes sense, the server is more than likely only hosting the DNS zones and not acting as a recursive DNS server for DNS clients.

joeqwerty
  • But I thought the point of Azure DNS was to be able to host your domains in their DNS fabric??? Did I miss something? I did open port 53 for the inbound firewall rule in the NSG. So maybe give that a try and then point to the IP address to see if it works for you. – Seth Oct 08 '19 at 16:23
  • Yes, they resolve DNS for the DNS zones that they host, not for everyone else's DNS. They're not a public recursive resolver like Google's public recursive resolvers (8.8.8.8 and 8.8.4.4). – joeqwerty Oct 08 '19 at 16:38
  • It's not a firewall issue. I can reach them just fine. The answer to my query was "Query Refused", which tells me they don't perform recursive resolution for domains not hosted with them. If you tell us the domain name of the domain you have hosted with them we can test that. – joeqwerty Oct 08 '19 at 16:39
  • I am not looking for recursion. I am only querying for records that I know exist in the domains I added, e.g. I create a domain called acme.com, then I add a record exchange.acme.com. If I do nslookup and connect to the IP address, it will return the information for the 'exchange.acme.com' record. If I do nslookup and connect to the FQDN of the server, then it errors and doesn't return anything. – Seth Oct 08 '19 at 16:54
  • If you give us the actual/real domain name we can help test and troubleshoot. Without it we have no idea why it isn't working. – joeqwerty Oct 08 '19 at 18:10
  • Ok. Domain is: d2ms.com. A record you can query for is 'exch.d2ms.com'. In the Azure Portal, it lists ns1-06.azure-dns.com as the name server. Its IP is: 40.90.4.6 – Seth Oct 08 '19 at 18:41
  • Also, I am running nslookup from my cmd prompt to test this. – Seth Oct 08 '19 at 18:42
  • That domain seems to have its name servers elsewhere, not in Azure. – joeqwerty Oct 08 '19 at 21:17
  • https://tools.dnsstuff.com/#dnsReport|type=domain&&value=d2ms.com – joeqwerty Oct 08 '19 at 21:17
  • https://intodns.com/d2ms.com – joeqwerty Oct 08 '19 at 21:18
  • Correct. My on-premise DNS servers are currently the ones I am using for handling the domain records. I am putting them in Azure and testing for now. We have not pointed the lookups to use Azure DNS yet. But I can still connect to the Azure DNS servers and get back records that it is holding when I use nslookup and tell it to use a specific DNS server. – Seth Oct 09 '19 at 10:56
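
The distinction drawn in the answer above (an authoritative-only server answers for zones it hosts and refuses everything else) can be read directly from the DNS response header. This is an added example, not part of the original thread: the function names are hypothetical, the sample replies are constructed header-only packets, and `exch.d2ms.com` is the record name given in the comments.

```python
import socket
import struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qtype=1, txid=0x1234, recursion_desired=False):
    """Encode a one-question DNS query (RFC 1035 wire format, class IN)."""
    flags = 0x0100 if recursion_desired else 0x0000  # only the RD bit varies
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0) + qname + struct.pack("!HH", qtype, 1)

def classify_response(packet):
    """Read the 12-byte DNS header and say what kind of reply this is."""
    if len(packet) < 12:
        raise ValueError("truncated DNS header")
    _txid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", packet[:12])
    if not flags & 0x8000:
        raise ValueError("QR bit clear: this is a query, not a response")
    rcode = flags & 0x000F
    aa = bool(flags & 0x0400)   # Authoritative Answer
    ra = bool(flags & 0x0080)   # Recursion Available
    if rcode == 5:
        verdict = "refused: server does not host this zone and will not recurse"
    elif rcode == 0 and aa and ancount:
        verdict = "authoritative answer from a zone hosted on this server"
    elif rcode == 3 and aa:
        verdict = "zone is hosted here but the name does not exist"
    else:
        verdict = "other"
    return {"rcode": RCODES.get(rcode, str(rcode)), "authoritative": aa,
            "recursion_available": ra, "answers": ancount, "verdict": verdict}

def query_server(server_ip, name, timeout=3.0):
    """Send the query over UDP/53 to one specific server and classify the reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server_ip, 53))
        return classify_response(s.recv(4096))

def constructed_reply(query, flags, ancount):
    """Constructed sample: reuse the query's question, swap in response header fields."""
    return struct.pack("!HHHHHH", 0x1234, flags, 1, ancount, 0, 0) + query[12:]

if __name__ == "__main__":
    q = build_query("exch.d2ms.com")
    print(classify_response(constructed_reply(q, 0x8005, 0)))  # REFUSED, as in the answer
    print(classify_response(constructed_reply(q, 0x8400, 1)))  # AA set, one answer
```

`query_server` takes the server by IP address, so the check does not depend on how the name server's own hostname gets resolved.
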
0

Using various tools, the Azure DNS works correctly. For whatever reason, running nslookup and then specifying a name server didn't work properly. But if you ran nslookup and supplied a record and the DNS server all in one line, it would work properly.

I went ahead and moved over two zones to Azure and pointed to the Azure DNS. It worked as it should.

Seth