Hello,
I have a strange issue. I see thousands of dropped packets on port 53. We have an internal DNS server that uses my UTM DNS server as a forwarder. The dropped packets are sent from the internal DNS server (192.168.x.x) to the UTM address on the internal interface (192.168.x.y). The UTM successfully accepts DNS requests from the internal network; all seems to work fine.
The UTM uses Google DNS servers as forwarders (8.8.8.8 and 8.8.4.4).
10:29:49 Default DROP DNS 192.168.X.X : 53 → 192.168.X.Y : 41329 len=85 ttl=128 tos=0x00 srcmac=34:40:b5:92:03:aa dstmac=00:1a:8c:58:8f:fa
10:29:49 Default DROP DNS 192.168.X.X : 53 → 192.168.X.Y : 52094 len=85 ttl=128 tos=0x00 srcmac=34:40:b5:92:03:aa dstmac=00:1a:8c:58:8f:fa
10:29:49 Default DROP DNS 192.168.X.X : 53 → 192.168.X.Y : 59460 len=85 ttl=128 tos=0x00 srcmac=34:40:b5:92:03:aa dstmac=00:1a:8c:58:8f:fa
10:29:49 Default DROP DNS 192.168.X.X : 53 → 192.168.X.Y : 60055 len=85 ttl=128 tos=0x00 srcmac=34:40:b5:92:03:aa dstmac=00:1a:8c:58:8f:fa
10:29:49 Default DROP DNS 8.8.8.8 : 53 → WAN_ADDRESS : 6120 len=191 ttl=49 tos=0x00 srcmac=d0:d0:fd:cd:11:ca dstmac=00:1a:8c:58:8f:fb
I really don't understand why these packets are dropped. All seems to work fine... Could anyone suggest a reason/solution?
Thanks