I’ve been having some issues with BlueCoat DNS for a few days now. Since I’m not seeing a huge outcry, I”m wondering if its just me.
It started with warning emails from each BlueCoat appliance saying they “Download of the BlueCoat WebFilter database failed.” It is trying to download a file from https://list.bluecoat.com.
A WHOIS query for bluecoat.com shows they have four authoritative name servers:
Name Server: EPONYM.BLUECOAT.COM
Name Server: SYNONYM.BLUECOAT.COM
Name Server: UDNS1.ULTRADNS.NET
Name Server: UDNS2.ULTRADNS.NET
The ultradns servers currently work. The servers EPONYM and SYNONYM don’t respond at all.
A traceroute successfully leaves our network and our upstream provider. It appears to be working until it gets to the destination network.
I have a similar problem when I test from my home network. That would seem to rule out issues here at work.
tips time:
nslookup sites like http://www.kloth.net, lookingglass sites like http://www.traceroute.org, or simpler tools like downforeveryoneorjustme.com are a great help when troubleshooting DNS issues.
seems to be related to ipv6. We upgraded the domain controllers to windows 2008 r2 on saturday when this issue started.
turned out to be edns. We upgraded the domain controllers from Windows 2003 to Windows 2008 R2.
I dont know if edns wasn’t on before or if Microsoft broke it in 2008r2, but I’d rather not have to disable it.