To confirm whether the DNS server is not compressing DNS responses, perform the following steps:
- Using Wireshark, take a packet capture on the virtual adapter on the client machine
- In the filter field, enter dns.qry.name == "<fqdn name>" (e.g. dns.qry.name == "office365.com") to find the problem fully qualified domain name (FQDN)
- Under the Answer section, select the first A record response, right-click and select Show Packet Bytes
- Confirm the number of bytes (e.g. 29 bytes)
- Select the second A record response, right-click and select Show Packet Bytes
- Confirm the number of bytes (e.g. 16 bytes)
If the additional A record responses are smaller than the first, this confirms that the DNS response packet is not compressed, because all A records should be the same number of bytes. As a result, the Pulse Desktop Client is evaluating the first byte and not evaluating the DNS response.
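The same size check can be scripted against a raw DNS response. The following is an added example, not code from the original article or from the vendor: it walks the answer section and reports each record's size and whether its owner name is a compression pointer. The helper names, the two sample responses and the 192.0.2.x addresses are constructed for illustration.

```python
import struct

def encode_name(fqdn):
    """Encode an FQDN as length-prefixed labels with no compression."""
    return b"".join(bytes([len(lab)]) + lab.encode("ascii") for lab in fqdn.split(".")) + b"\x00"

def skip_name(msg, off):
    """Return (offset after the name, True if a compression pointer was used)."""
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:      # 2-byte pointer ends the name
            return off + 2, True
        if length == 0:                # root label ends the name
            return off + 1, False
        off += 1 + length

def answer_sizes(msg):
    """Return [(record size in bytes, owner name uses a pointer)] per answer."""
    _id, _flags, qdcount, ancount, _ns, _ar = struct.unpack_from("!6H", msg, 0)
    off = 12                           # fixed DNS header length
    for _ in range(qdcount):
        off, _ptr = skip_name(msg, off)
        off += 4                       # QTYPE + QCLASS
    out = []
    for _ in range(ancount):
        start = off
        off, ptr = skip_name(msg, off)
        _type, _class, _ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        off += 10 + rdlen              # fixed fields + RDATA
        out.append((off - start, ptr))
    return out

def build_response(fqdn, addrs, compress_first):
    """Constructed sample: an A-record response for fqdn."""
    header = struct.pack("!6H", 0x1234, 0x8180, 1, len(addrs), 0, 0)
    question = encode_name(fqdn) + struct.pack("!HH", 1, 1)
    pointer = b"\xc0\x0c"              # points at the question name (offset 12)
    body = b""
    for i, addr in enumerate(addrs):
        name = encode_name(fqdn) if (i == 0 and not compress_first) else pointer
        body += name + struct.pack("!HHIH", 1, 1, 300, 4) + bytes(map(int, addr.split(".")))
    return header + question + body

ADDRS = ["192.0.2.1", "192.0.2.2"]     # constructed documentation addresses
PROBLEM = build_response("office365.com", ADDRS, compress_first=False)
NORMAL = build_response("office365.com", ADDRS, compress_first=True)

if __name__ == "__main__":
    for label, msg in (("problem", PROBLEM), ("normal", NORMAL)):
        print(label, answer_sizes(msg))
```

For the constructed problem response the first A record is 29 bytes and the second is 16 bytes, matching the example sizes in the steps above; in the compressed response every A record is 16 bytes.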
As of May 16th 2020, Pulse Desktop Client does not properly handle non-compressed DNS packets. The tentative schedule (June 2020) is to resolve this issue in Pulse Desktop Client 9.1R7 (PRS-390306).
Workaround:
- Use a DNS server that does compress DNS responses
- Use IP-based split tunneling instead of FQDN split tunneling