udp 53 connections


  • udp 53 connections

    My logs are indicating udp 53 connections to my primary Windows 2003 domain controller located on the inside of my ASA5510 from outside sources... are these DNS connections related to the stateful connections initiated from the domain controller?

  • #2
    Re: udp 53 connections

    Probably. I'm assuming your DC is also your DNS, so it's probably DNS answers for queries for outside DNS records that the DC is performing on behalf of internal clients. What type of logging is available on the ASA as far as telling you what type of DNS packets they are? You could run a network sniffer on the DC and compare the results to the ASA logs to see if they match up.


    • #3
      Re: udp 53 connections

      I suspect they are responses to my DC; the log shows udp 53 from various outside subnets to my primary DC on port 1046, 34 bytes, 2 seconds. Is this a Windows 2003 DNS issue? As far as I know I don't have any forwarding enabled... is this by design and should I be concerned?
      Thanks


      • #4
        Re: udp 53 connections

        I wouldn't think it is an issue. Even though you don't have forwarding enabled, the DC will still resolve queries for internal clients via the root hint servers. If it didn't, you wouldn't be able to access any outside resources (web sites, sending email, etc.). You should try and confirm, either through the ASA logs or through a packet capture on the DC, that these are external answers to internal DNS queries.
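
The check suggested in #2 and #4, sketched as an added example that is not part of the thread: it pairs every packet arriving at the DC from UDP port 53 with a query the DC sent earlier, matching on server address, the DC's source port and the DNS transaction ID. The DC address, the timeout and the sample packets are constructed assumptions; real input would be the same tuples exported from a capture taken on the DC.

```python
import struct

DC_IP = "192.0.2.10"      # assumed DC address (documentation range)
QUERY_TIMEOUT = 5.0       # assumed seconds a query stays outstanding

def dns_header(payload):
    """Return (txid, is_response) from the 12-byte DNS header, or None."""
    if len(payload) < 12:
        return None
    txid, flags = struct.unpack("!HH", payload[:4])
    return txid, bool(flags & 0x8000)   # QR bit: 0 = query, 1 = response

def classify(packets):
    """packets: (ts, src, sport, dst, dport, payload) tuples in time order.
    Returns (ts, src, verdict) for each packet reaching the DC from port 53."""
    pending = {}    # (server_ip, dc_port, txid) -> time the query left the DC
    verdicts = []
    for ts, src, sport, dst, dport, payload in packets:
        hdr = dns_header(payload)
        if src == DC_IP and dport == 53 and hdr and not hdr[1]:
            pending[(dst, sport, hdr[0])] = ts      # outbound query
        elif dst == DC_IP and sport == 53:
            if hdr is None:
                verdicts.append((ts, src, "malformed"))
                continue
            txid, is_resp = hdr
            sent = pending.pop((src, dport, txid), None)
            if is_resp and sent is not None and ts - sent <= QUERY_TIMEOUT:
                verdicts.append((ts, src, "answer"))
            else:
                verdicts.append((ts, src, "unsolicited"))
    return verdicts

def msg(txid, response):
    """Constructed DNS header only (no question section), for the sample."""
    flags = 0x8180 if response else 0x0100
    return struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)

SAMPLE = [  # constructed packets, not taken from the poster's logs
    (0.00, DC_IP, 1046, "198.51.100.4", 53, msg(0x1A2B, False)),
    (0.04, "198.51.100.4", 53, DC_IP, 1046, msg(0x1A2B, True)),
    (1.00, "203.0.113.9", 53, DC_IP, 1046, msg(0x1A2B, True)),   # wrong server
    (2.00, DC_IP, 1047, "198.51.100.4", 53, msg(0x0042, False)),
    (9.50, "198.51.100.4", 53, DC_IP, 1047, msg(0x0042, True)),  # past timeout
    (9.60, "198.51.100.4", 53, DC_IP, 1047, b"\x00"),            # too short
]

if __name__ == "__main__":
    for verdict in classify(SAMPLE):
        print(verdict)
```

Anything other than "answer" is what would be worth a closer look against the ASA log entries for the same time window.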
