Hi All, I've configured a Route53 Private hosted zone setup to facilitate secure end-to-end traffic on EKS using TLS certificates in ACM, ALB, and Istio. However, I'm encountering an issue where the ping command doesn't work with the Fully Qualified Domain Name (FQDN), although it functions correctly with the IP address. I've thoroughly checked all VPC settings and followed troubleshooting documentation, but everything appears to be configured correctly. I'm uncertain about what I might be overlooking. Any suggestions on how to address and resolve this issue would be greatly appreciated. Thank you.
Here is the scenario
❯ nslookup stage.argocd.eeeee-ppppers
Server: **10.0.1.21**
Address: 10.0.1.21#53
** server can't find stage.argocd.eeee-peees: NXDOMAIN
❯ **ping stage.argocd.eeeee-ppppers
ping: cannot resolve stage.argocd.eeeee-ppppers: Unknown host**
❯ ping **10.0.1.21
PING 10.0.1.21 (10.0.1.21): 56 data bytes
64 bytes from 10.0.1.21: icmp_seq=0 ttl=127 time=23.657 ms
64 bytes from 10.0.1.21: icmp_seq=1 ttl=127 time=17.694 ms
64 bytes from 10.0.1.21: icmp_seq=2 ttl=127 time=18.790 ms
64 bytes from 10.0.1.21: icmp_seq=3 ttl=127 time=13.934 ms
64 bytes from 10.0.1.21: icmp_seq=4 ttl=127 time=14.864 ms
64 bytes from 10.0.1.21: icmp_seq=5 ttl=127 time=13.081 ms**
^C
--- 10.0.1.21 ping statistics ---
7 packets transmitted, 6 packets received, 14.3% packet loss
round-trip min/avg/max/stddev = 13.081/17.003/23.657/3.590 ms
❯ dig stage.argocd.eeeee-ppppers
; <<>> DiG 9.10.6 <<>> stage.argocd.eeeee-ppppers
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16539
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;stage.argocd.eeeee-ppppers. IN A
;; AUTHORITY SECTION:
. 354 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2024030900 1800 900 604800 86400
;; Query time: 45 msec
;; SERVER: 10.0.1.21#53(10.0.1.21)
;; WHEN: Sat Mar 09 10:51:59 CST 2024
;; MSG SIZE rcvd: 133