When troubleshooting firewall issues, why do I see names like 1e100.net when doing a reverse lookup on addresses resolved from *.l.google.com?
The name 1e100.net is a valid Google domain name and identifies its servers. For more information, see Google Help.
This firewall issue can occur when an Edge resolves *.l.google.com to make a WebRTC call and then sends the request to the firewall/security device. If the firewall/security device performs a reverse lookup, it receives 1e100.net instead of *.l.google.com and the call fails.
The preferred way to avoid this issue is to disable the reverse lookup functionality on your firewall/security device.
The alternative, adding 1e100.net to your allowlist and all the records that accompany it is possible, but problematic.
Genesys Cloud best practice specifies:
- Do not configure your firewall to perform reverse lookups.
- Do not add domain names to your allowlist.