Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] stream dns requests originating from firewall

To: [email protected]
Subject: Re: [FW-1] stream dns requests originating from firewall
From: Marlo Montanaro <[email protected]>
Date: Tue, 28 May 2002 10:41:43 -0400
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

Could it be the DNS server itself?

I've seen DNS servers freak out and start looping multiple requests on just
a single lookup.  Usually briefly killing the named daemon and restarting on
the DNS server will fix the issue.

Try pointing your firewall at a different DNS server and see if that fixes
the problem.  That will tell you if it is the firewall or the DNS server
causing the problem.  Also, from the firewall, can you do a manual nslookup?

Regards,
MM




-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:[email protected]]On Behalf Of Bill
Husler
Sent: Tuesday, May 28, 2002 10:14 AM
To: [email protected]
Subject: [FW-1] stream dns requests originating from firewall


Last week, we received complaints that one of our firewalls (v4.1
running on solaris) has essentially stopped passing packets. The
engineer responding to the complaint first tried reinstalling the
policy - which relieved the problem. However, later inspection of the
log reveals that during the same period, the firewall itself has started
initiating dns requests (UDP) at the speed of about 200 per second!
While this may explain why not much else was going on, I was wondering
if anyone else had seen a firewall wander off in this way before and if
there were any theories on what could have caused it?
Bill

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

Prev by Date: Re: [FW-1] Pix Firewall object
Next by Date: [FW-1] why netmask change after rebooting?
Previous by thread: [FW-1] download linux FP2?
Next by thread: [FW-1] stream dns requests originating from firewall
Index(es):
- Date
- Thread