12-07-2015 07:15 AM - edited 12-07-2015 07:20 AM
We are running AOS 126.96.36.199 on a 7210 controller with 155 APs of various models. Our production SSID is a .1X using ClearPass (6.5.3) as the NAC/radius server authenticating to our 2012 R2 Active Directory. Occasionally when a client (Mac OS 10.10 clients) comes online, they are unable to look up internal DNS entries (i.e. connecting to a FileMaker server using a favorite host). They have a good IP with internal DNS servers listed, but they cannot look up any internal DNS name. I have never been able to replicate it on the fly, I only ever hear about it from a user and I have them flip wifi off and back on again and they are able to look up the host. Our AD/DNS is brand new this year, but I remember this happening last year as well. It also doesn't seem to affect wired clients, so I really think it's something on the Aruba side. We push out two internal DNS servers and one external (Google) via DHCP. I can't say for sure, but I believe the IP that gets returned during a lookup is our external domain's wildcard which points to our web site so it's almost as if the internal DNS servers are being ignored.
I've searched on here and found people with similar issues, but they have been resolved with an AOS update. I'm fairly current (188.8.131.52), and I just went over the release notes for 184.108.40.206 and I don't see anything about this type of DNS problem.
Has anyone else seen this? Not a big deal, but I'd love to get it resolved!
12-07-2015 07:27 AM
You said that you push out two internal DNS servers and one external DNS. As you said, there are chances that the external server is queried some times.Check the output of the below command when the client looks up for the url.
# show datapath session table <client-ip> | include <DNS-server-ip>
Check this with all the three DNS server-ip, you can find when DNS is being used. You can also try a client side packet capture using Wireshark to understand what is happening with the DNS packets.