
dns queries


  • dns queries

    Hi all, our AD-integrated DNS server IP address (10.71.2.24) queries against the cluster private IP address 192.168.1.6 (heartbeat) as well as the iSCSI IP address 192.168.130.4 outside its own LAN, which increases the traffic at the firewall. Please help...

  • #2
    Re: dns queries

    If I understand your question correctly, your DNS server is sending DNS queries to VLANs you have set aside for cluster traffic?? If that's right, in the DNS console, right-click on your DNS server name, and go to Properties. Check the 'Forwarders' tab. If the Forwarders list includes the IPs you list, delete them. That list should only contain one or more IPs that your Internet Service Provider gave you for DNS servers that THEY maintain. Your queries should go there, nowhere else.

    If any of the kit that use the cluster IPs have DNS entries in their network card properties, delete those. Your cluster VLANs should NOT be sharing traffic with anything else, esp. the iSCSI path. They have no need to route traffic outside their own broadcast domain, so don't need default gateways or DNS.
    *RicklesP*
    MSCA (2003/XP), Security+, CCNA

    ** Remember: credit where credit is due, and reputation points as appropriate **



    • #3
      Re: dns queries

      Thanks for the response. We don't have any forwarders in the DNS console, and recursive queries are also disabled. The ports being used by this private IP address are 137 and a few undefined ports like 222457.



      • #4
        Re: dns queries

        If you have no forwarders and recursive is disabled, then I think more info about how your network is set up is needed, here. A diagram would be helpful, firewall(s) included, and a description about how your internal users access resources inside & outside of your AD domain.

        You're right that DNS shouldn't be sending queries to the internal cluster-based VLANs, but without forwarders set, I can't see how that's possible. Unless the server hosting the DNS has one or more manual IPs for a DNS server set on its own NIC?
        *RicklesP*
        MSCA (2003/XP), Security+, CCNA



        • #5
          Re: dns queries

          Our network is totally isolated from the outside world. I mean we have a single connection from our network (LAN1) to another network (LAN2). Thereafter, LAN2 is connected to a firewall where these packets get dropped. I am not able to figure out why our DC is trying to hit those IP addresses and hit the LAN2 firewall.



          • #6
            Re: dns queries

            In addition to the DNS server function on your DC, there's also a DNS client still running on the DC as well. Any software on the DC which tries to connect to a web site will use the DNS client to request resolution from the DNS server. Have you verified the DNS settings on the DC's network adapter(s)?

            So, LAN1 talks to LAN2. On the far side of LAN2 there's a firewall, and your DNS query packets are hitting that firewall, and getting dropped.

            All of the addresses you mention are private network addresses, and are therefore not routable in a Public network (i.e. the Internet). Either that's why your packets are being dropped, or that firewall/router doesn't know where those addresses are inside your private system, and drops them. Either way, we need more info to help solve this. It sounds like you have more issues to resolve than just DNS queries.
            *RicklesP*
            MSCA (2003/XP), Security+, CCNA
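
The checks suggested in replies #2 and #6 (the Forwarders list, plus DNS server entries and default gateways on the DC's adapters), gathered into one PowerShell audit. This is an added example, not part of the original thread. It assumes Windows Server 2012 or later and that the heartbeat and iSCSI networks are the /24s around the addresses in the first post; `$IsolatedPrefixes` and `Test-Isolated` are hypothetical names.

```powershell
# Added example, not from the thread. Run on the DC in an elevated session.
# Assumes Windows Server 2012+ (NetTCPIP, DnsClient and DnsServer modules).
# Assumption: heartbeat and iSCSI are /24 networks, matched here by prefix.
$IsolatedPrefixes = @('192.168.1.', '192.168.130.')

function Test-Isolated([string]$Address) {
    foreach ($p in $IsolatedPrefixes) {
        if ($Address.StartsWith($p)) { return $true }
    }
    return $false
}

$findings = @()

# 1. Forwarders tab: no forwarder should sit on an isolated network.
foreach ($f in (Get-DnsServerForwarder).IPAddress) {
    if (Test-Isolated "$f") {
        $findings += [pscustomobject]@{ Scope = 'DNS server'; Issue = "Forwarder $f is on an isolated network" }
    }
}

# 2. Adapter settings: heartbeat/iSCSI NICs need no gateway and no DNS servers,
#    and no adapter's DNS client should point at an isolated address.
foreach ($cfg in Get-NetIPConfiguration) {
    # Where-Object { $_ } drops nulls when an adapter has no such setting.
    $ips = @($cfg.IPv4Address.IPAddress | Where-Object { $_ })
    $gw  = @($cfg.IPv4DefaultGateway.NextHop | Where-Object { $_ })
    $dns = @((Get-DnsClientServerAddress -InterfaceIndex $cfg.InterfaceIndex `
              -AddressFamily IPv4).ServerAddresses | Where-Object { $_ })
    $onIsolatedNet = @($ips | Where-Object { Test-Isolated $_ }).Count -gt 0

    if ($onIsolatedNet -and $gw.Count -gt 0) {
        $findings += [pscustomobject]@{ Scope = $cfg.InterfaceAlias; Issue = "Default gateway $($gw -join ', ') on isolated NIC" }
    }
    if ($onIsolatedNet -and $dns.Count -gt 0) {
        $findings += [pscustomobject]@{ Scope = $cfg.InterfaceAlias; Issue = "DNS servers $($dns -join ', ') on isolated NIC" }
    }
    foreach ($d in $dns) {
        if (Test-Isolated $d) {
            $findings += [pscustomobject]@{ Scope = $cfg.InterfaceAlias; Issue = "DNS client points at isolated address $d" }
        }
    }
}

if ($findings.Count -eq 0) { 'No forwarder or adapter findings.' }
else { $findings | Format-Table -AutoSize -Wrap }
```

An empty result rules out the forwarder and adapter settings the replies ask about; it does not identify which process on the DC is generating the dropped packets.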
