Rocky Linux 8 and 9 resolver issues

Environment:
Rocky Linux 8 and 9 hosts in AWS pointing to AWS DNS for internal DNS.
All hosts use DHCP as recommended by AWS.
AWS DNS uses Route53 rules to forward requests to Active Directory DNS servers in AWS.

Problem:
If I run nslookup rockytest.internal.com I get the internal IP (10.110.1.10) just fine. Then if I try nslookup 10.110.1.10 and/or many of our internal IPs I will generally get back ip--ec2.

Now if I change the nslookup command and do: nslookup a.b.c.d I will ALWAYS get the correct A record.

That's telling me that either the local resolver is causing issues or the AWS DNS forwarder / Route53 rules are causing issues. The problem with nslookups of IPs seems to happen across all Rocky Linux machines. It's not constant that a single IP will produce the same result across all hosts. Just that we have the problem constantly.

We do not do dnsmasq. I do not know if that would fix my issues or not. Whenever I try to figure out how to log dns resolver queries I get lots of different results but none of them work. Maybe you cannot do it???

I am not exactly sure where to go from here.

But what does a.b.c.d mean, it looks the same as 10.110.1.10 to me?

man nslookup implies that you can supply an IP addr as arg1, but it doesn't really say what is supposed to happen. Does it do a reverse lookup?

Nslookup of an IP checks its PTR, i.e. its reverse DNS record. That is controlled by the people providing the IP address - so in this instance AWS. I don't know if they allow you in your web panel to configure the reverse DNS record or not - could be under the network area where the IP addresses are listed.

Otherwise, if your DNS server is configured to resolve your domains, it's not configured to resolve PTR - in which case you could also configure it there to resolve it for you before it's forwarded to AWS, as it is doing right now because it doesn't find it locally configured.
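What nslookup does with an IP argument, as an added example that is not part of this thread: it builds a PTR question for the address's in-addr.arpa name and reads the PTR target out of the reply. The reply here is constructed inline to mirror the answers described above; nothing is sent on the network, and the hostnames used are assumed sample values.

```python
# Added example, not from the thread: what nslookup does when given an IP address.
import ipaddress
import struct

PTR, IN = 12, 1  # RR type PTR, class IN

def reverse_name(ip: str) -> str:
    """The in-addr.arpa name a resolver actually queries for an IPv4 PTR record."""
    return ipaddress.ip_address(ip).reverse_pointer + "."

def encode_name(name: str) -> bytes:
    labels = name.rstrip(".").split(".")  # wire format: length-prefixed labels + 0
    return b"".join(bytes([len(x)]) + x.encode() for x in labels) + b"\x00"

def ptr_question(ip: str) -> bytes:
    return encode_name(reverse_name(ip)) + struct.pack("!HH", PTR, IN)  # QNAME/QTYPE/QCLASS

def decode_name(msg: bytes, off: int):
    """Decode a possibly compressed name; return (name, offset just past it)."""
    labels, end = [], None
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:  # compression pointer to an earlier name
            end = end or off + 2
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
        elif length == 0:
            return ".".join(labels) + ".", end or off + 1
        else:
            labels.append(msg[off + 1:off + 1 + length].decode())
            off += 1 + length

def parse_ptr_answers(msg: bytes) -> list:
    """Return the PTR targets found in the answer section of a response."""
    _, _, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    off, targets = 12, []
    for _ in range(qd):  # skip the echoed question(s): name + type + class
        off = decode_name(msg, off)[1] + 4
    for _ in range(an):
        _, off = decode_name(msg, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == PTR:
            targets.append(decode_name(msg, off)[0])
        off += rdlen
    return targets

def sample_response(ip: str, target: str) -> bytes:
    """Constructed reply (not captured): header, echoed question, one PTR RR."""
    rdata = encode_name(target)
    rr = b"\xc0\x0c" + struct.pack("!HHIH", PTR, IN, 60, len(rdata)) + rdata
    return struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0) + ptr_question(ip) + rr
```

Running `parse_ptr_answers(sample_response("10.110.1.10", "rockytest.internal.com"))` shows the name the forward record belongs to; pointing the same question at a resolver that answers with a generic ec2 name instead is exactly the behaviour the thread describes.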

After a lot more diagnostics I proved to myself that the problem is not in Rocky Linux at all but seems to be an AWS thing. Our DNS can resolve the PTR records, but only when I point nslookup directly at one of the DNS servers. If I let AWS use its Route53 Resolver, that's when things go south…

Thank you all for trying…