Announcement

Collapse
No announcement yet.

Non-DNS W2K3 Servers Sending Packets to DNS Root Servers

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Non-DNS W2K3 Servers Sending Packets to DNS Root Servers

    Greetings!

    I have a number of Windows W2K3 servers joined to a domain. The servers are configured to use the domain controller for DNS, so they should not be sending DNS related packets out to the Internet. Furthermore, there is a firewall that blocks all outgoing DNS requests not originating from the domain controllers.

    However... I am seeing dropped packets in the firewall logs (UDP, port 53) being sent from the Windows servers and destined for various DNS Root Servers (e.g. 192.175.48.1, 192.175.48.6, 192.175.48.42). DNS server has not been installed on any of these servers, and DNS resolution against the domain controllers works just fine (nothing out of the ordinary that I've seen). I have no idea what is going on here... any ideas?

  • #2
    Re: Non-DNS W2K3 Servers Sending Packets to DNS Root Servers

    Hi,

    Those IP addresses are not from any DNS Root servers but SOA and NS servers from IANA.
    I've seen that type of traffic happening when there are not PTR records configured for reverse DNS lookup.
    Caesar's cipher - 3

    ZKHQ BRX HYHQWXDOOB GHFLSKHU WKLV BRX ZLOO UHDOLVH LW ZDV D ZDVWH RI WLPH!

    SFX JNRS FC U6 MNGR

    Comment


    • #3
      Re: Non-DNS W2K3 Servers Sending Packets to DNS Root Servers

      Ah, I see now! Thank you for your help!

      Comment


      • #4
        Re: Non-DNS W2K3 Servers Sending Packets to DNS Root Servers

        Hi

        Did you manage to resolve this? If so how?

        Thanks

        Bob

        Comment

        Working...
        X