Forum Discussion
madhava
Altocumulus
AltocumulusHTTP error 503, DNS lookup failed
Hi I have BIG-IP APM setup configured with Oauth2.0, get following error. 01490290:3: /Common/exampleAP:Common:b6e14800:/Common/exampleAP_act_oauth_client_ag: OAuth Client: failed for server '/Comm...
I was able to fix the issue by creating a new Dns Rsolver and Name server. Thanks AubreyKingF5 "front-side APM interface has a route to that IP" gave some clue for the direction.
Thanks
Madhava
southern_shredd
Cirrus
CirrusI have this exact error and have been grappling with it all week. DNS is in place and resolves all hostnames. Our Oauth traffic uses route domain 0 to reach Azure with no issues. We've tried both a non-default partition and Common partition. Tested nslookup from CLI and everything seems fine.
Does the DNS resolver need have Forwad zones in place? My DNS resolver IPs are the same DNS servers as the main BigIP. When we do try to create a Forwad Zone and use (.) as a forwad zone we get an error "nullGeneral database error." Does this need to be configured only on cli?
"OAuthClientToAzureAD_act_oauth_client_ag: OAuth Client: failed for server '/AzureAD_Server' using 'authorization_code' grant type (client_id=XXXXXXXXXXXXXXXXXXXXXX), error: HTTP error 503, DNS lookup failed.
I have tried everything recommended in this link - Error Message: 01490290:3: OAuth Client: failed for server error: HTTP error 503 <error message> (f5.com) regarding the DNS resolver
Why would we still get this error despite DNS working fine on the BigIP? Does i matter that I see 100% Misses in the DNS Resolver client cache?
AubreyKingF5
Moderator
ModeratorSo, if you ping -I (your external interface name, as seen in 'ifconfig') to the address of the DNS server, you get responses? Your OAuth DNS requests will be coming out the front side interface - so, from your SNAT IP (usually) or VIP.. not management, as your digs and nslookups would use.
Aubrey