
[FW-1] Strange log entries for domain-udp packets



hi there,

i'm running an internal and an external nameserver and i'm looking for the
cause of very strange dns problems at our site. from time to time our
internal dns-server hangs up, it seems it doesn't forward any more. only
after stop/start of the nameserver daemon dns works again.
a tcpdump says that the internal nameserver forwards its request to the
external one (it seems it does forwarding after all). but i can't say if
the external one works fine, because i've got no tcpdump of it. :(

let me explain how our dns is set up:
the internal one gets requests from clients and forwards unknown hosts,
e.g. www.ibm.com to the external one, which directly asks root nameservers
and so on. both nameservers reside in a dmz of 4.1 SP5+RDP-hotfix box
(nokia 3.4).

when our dns works fine, I often see strange entries in my log, maybe they
are a hint to my problems:

service            - source    - dest      - src-port
*src-port-int. ns* - *ext. ns* - *int. ns* - domain-udp
...
(denied by my last catch-all deny rule).

for me it seems that fw-1 sometimes blocks packets back from the external
ns to the internal ns. my udp-timeout is set to 60sec and traffic is
medium-heavy, so I don't believe these are timed-out connections.

does anybody know if there are some known dns issues with my current
version or if this is a "normal" situation?

best regards
marcus
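
Added example (not part of the original message, and not Check Point code): one way to test the timeout hypothesis raised above is to pair each dropped domain-udp reply with the last accepted query from the same internal-ns source port and compare the gap with the 60-second udp-timeout. The record layout, the addresses and the sample records are constructed for illustration, and the state model (an entry expires 60 seconds after the last accepted query) is a simplifying assumption.

```python
from collections import defaultdict

UDP_TIMEOUT = 60  # seconds, the udp-timeout value given in the post

# Constructed sample records (not real FW-1 log output):
# (epoch seconds, action, src ip, src port, dst ip, dst port)
INT_NS, EXT_NS = "192.0.2.10", "192.0.2.20"  # placeholder addresses
SAMPLE = [
    (1000, "accept", INT_NS, 1045, EXT_NS, 53),   # query
    (1001, "accept", EXT_NS, 53, INT_NS, 1045),   # normal reply
    (1002, "accept", INT_NS, 1046, EXT_NS, 53),   # query
    (1075, "drop",   EXT_NS, 53, INT_NS, 1046),   # reply 73 s later
    (1100, "accept", INT_NS, 1047, EXT_NS, 53),   # query
    (1102, "drop",   EXT_NS, 53, INT_NS, 1047),   # reply 2 s later
    (1200, "drop",   EXT_NS, 53, INT_NS, 1099),   # no query seen
]

def classify_drops(records, timeout=UDP_TIMEOUT):
    """Label each dropped port-53 reply by its relation to the last query."""
    last_query = {}  # (client ip, client port, server ip) -> time of last query
    results = []
    for ts, action, src, sport, dst, dport in sorted(records):
        if dport == 53 and action == "accept":
            last_query[(src, sport, dst)] = ts
        elif sport == 53 and action == "drop":
            sent = last_query.get((dst, dport, src))
            if sent is None:
                label = "unsolicited"      # no matching query in the log
            elif ts - sent > timeout:
                label = "after-timeout"    # state entry had already expired
            else:
                label = "within-timeout"   # timeout does not explain the drop
            results.append((ts, dport, label))
    return results

def summary(records, timeout=UDP_TIMEOUT):
    """Count dropped replies per label."""
    counts = defaultdict(int)
    for _, _, label in classify_drops(records, timeout):
        counts[label] += 1
    return dict(counts)

if __name__ == "__main__":
    for ts, port, label in classify_drops(SAMPLE):
        print(ts, port, label)
```

A majority of "within-timeout" drops would support the reading in the post that expired UDP state is not the cause; mostly "after-timeout" drops would point at slow answers from the external nameserver instead.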

   All contents © 2004 Network Presence, LLC. All rights reserved.