Troubleshoot DNS service issues in NSX

 
This section is very similar to the previous section on troubleshooting DHCP. Again, the first thing to check is that the service is up and running. To confirm this, log in to the Edge device via SSH and run the following command.
 

vShield-edge-3-0> show service dns
-----------------------------------------------------------------------
vShield Edge DNS Server Status:
DNS is running (PID 21556).

 
You can check the configuration of DNS by running the following command. As you can see, I have configured 192.168.1.10 as my DNS server, the cache size is 16, and logging is set to info.
 

vShield-edge-3-0> show configuration dns
-----------------------------------------------------------------------
vShield Edge DNS Config:
{
   "dns" : {
      "views" : [
         {
            "recursion" : true,
            "enableForwarding" : true,
            "name" : "vsm-default-view",
            "zones" : null,
            "forwarders" : [
               "192.168.1.10"
            ],
            "matchInterfaces" : [
               "any"
            ],
            "matchClients" : [
               "any"
            ]
         }
      ],
      "logging" : {
         "enable" : true,
         "logLevel" : "info"
      },
      "enable" : true,
      "listenOn" : [
         "192.168.100.3",
         "192.168.100.4",
         "192.168.10.1"
      ],
      "cacheSize" : 16,
      "zones" : null,
      "forwarders" : [
         "192.168.1.10"
      ]
   }
}
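An added example, not part of the original post or of NSX: a short Python check that parses the `show configuration dns` output above and reports settings worth a second look while troubleshooting. The function names are hypothetical, and the meaning of each field (for example, that `matchClients` of `any` places no restriction on who may query) is an assumption inferred from the field names.

```python
import json

# Output of "show configuration dns" as shown on this page (header lines included).
SAMPLE = """vShield-edge-3-0> show configuration dns
-----------------------------------------------------------------------
vShield Edge DNS Config:
{
   "dns" : {
      "views" : [
         {"recursion" : true, "enableForwarding" : true,
          "name" : "vsm-default-view", "zones" : null,
          "forwarders" : ["192.168.1.10"],
          "matchInterfaces" : ["any"], "matchClients" : ["any"]}
      ],
      "logging" : {"enable" : true, "logLevel" : "info"},
      "enable" : true,
      "listenOn" : ["192.168.100.3", "192.168.100.4", "192.168.10.1"],
      "cacheSize" : 16, "zones" : null,
      "forwarders" : ["192.168.1.10"]
   }
}
"""

def parse_dns_config(cli_output):
    """Skip the prompt/banner lines and decode the first JSON object."""
    start = cli_output.index("{")
    obj, _ = json.JSONDecoder().raw_decode(cli_output[start:])
    return obj["dns"]

def audit_dns_config(dns):
    """Return (level, message) findings for troubleshooting and hardening."""
    findings = []
    if not dns.get("enable"):
        findings.append(("ERROR", "DNS service is disabled"))
    if not dns.get("forwarders"):
        findings.append(("ERROR", "no forwarders configured"))
    if not (dns.get("logging") or {}).get("enable"):
        findings.append(("WARN", "logging disabled; enable it before reading 'show log'"))
    for view in dns.get("views") or []:
        name = view.get("name")
        if view.get("enableForwarding") and not view.get("forwarders"):
            findings.append(("ERROR", f"view {name}: forwarding enabled, no forwarders"))
        if view.get("recursion") and "any" in (view.get("matchClients") or []):
            findings.append(("WARN", f"view {name}: recursion allowed for any client "
                             f"on {len(dns.get('listenOn') or [])} listen addresses"))
    return findings

if __name__ == "__main__":
    for level, msg in audit_dns_config(parse_dns_config(SAMPLE)):
        print(f"{level}: {msg}")
```

On the configuration shown above, the only finding is the warning that recursion is open to any client on the three listen addresses, which is worth confirming against who can actually reach those interfaces.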

 
Next, I recommend that you enable logging for DNS. You can do this by navigating to Networking & Security -> NSX Edges and double-clicking the Edge device with DNS. Then, navigate to Manage -> Settings -> Configuration and click Change next to DNS Configuration. You will be presented with the options pictured below; ensure that Enable Logging is checked.
 
[Screenshot: DNS Configuration dialog]
 
Again, I have set my logging level to info. You can run the command below to view the log and look for any entries relating to ‘dns’.
 

vShield-edge-3-0> show log

 
Lastly, you can view and delete the DNS cache information. You will want to do this if you believe that DNS resolution is returning incorrect values because recent changes have not yet been reflected in the DNS cache.
 

vShield-edge-3-0> show service dns cache
"my" variable $destAddr masks earlier declaration in same scope at /opt/vmware/vshield//Plugins/features/msr/MsrRedist.pm line 419.
"my" variable $destLen masks earlier declaration in same scope at /opt/vmware/vshield//Plugins/features/msr/MsrRedist.pm line 419.
;
; Start view vsm-default-view
;
;
; Cache dump of view 'vsm-default-view' (cache vsm-default-view)
;
$DATE 20150527181348
;; answer vc1.vcloud.local 284 PTR 192.168.1.10 
vShield-edge-3-0> enable
Password:
vShield-edge-3-0# clear service dns cache

 
