Thousands of DNS connections in PIX 515e

Unanswered Question
Sep 20th, 2007

We're having intermittent problems getting to the Internet through our PIX 515e. I issued the "show conn" command and there are thousands and thousands of DNS connections for our internal DNS server with multiple Internet IPs. Should this be the case? Do I need to allow DNS inbound into our network, or do I just need to allow it outbound?

srue Thu, 09/20/2007 - 11:57

If that DNS server is also responsible for your public address space and name resolution, then you need to allow it inbound; otherwise, definitely not. It sounds like the public is using it as their own DNS server.
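One way to confirm the diagnosis above from the firewall's own connection table, as an added example that is not part of the thread or Cisco's documentation: tally "show conn" output per inside host and flag any inside host:port on a well-known service port that many distinct outside addresses are talking to. The sample lines below are constructed, and their layout ("UDP out <outside ip:port> in <inside ip:port> idle ... flags ...") is an assumption modelled on PIX 6.x/7.x output; adjust the regex if your PIX prints a different format.

```python
"""Tally PIX 'show conn' output to spot an inside host being used as a public
service such as an open DNS resolver. Added example; the line format below is
an assumption modelled on PIX 6.x/7.x output, not taken from the thread."""
import re
from collections import Counter, defaultdict

# Constructed sample of 'show conn' output (not captured from a real PIX).
# 192.168.1.10 is the inside DNS server; its port 53 is being hit by several
# unrelated outside addresses, while one line is its own outbound query.
SAMPLE_SHOW_CONN = """\
UDP out 198.51.100.7:3210 in 192.168.1.10:53 idle 0:00:05 flags -
UDP out 198.51.100.7:3211 in 192.168.1.10:53 idle 0:00:04 flags -
UDP out 203.0.113.44:55012 in 192.168.1.10:53 idle 0:01:12 flags -
UDP out 203.0.113.45:55013 in 192.168.1.10:53 idle 0:01:10 flags -
UDP out 203.0.113.46:55014 in 192.168.1.10:53 idle 0:01:09 flags -
UDP out 192.0.2.53:53 in 192.168.1.10:40211 idle 0:00:01 flags -
TCP out 198.51.100.80:80 in 192.168.1.25:1043 idle 0:00:02 Bytes 1532 flags UIO
"""

# Only the leading fields matter; trailing 'idle', 'Bytes' and 'flags' vary by protocol.
CONN_RE = re.compile(
    r"^(?P<proto>TCP|UDP)\s+out\s+(?P<out_ip>\d+\.\d+\.\d+\.\d+):(?P<out_port>\d+)"
    r"\s+in\s+(?P<in_ip>\d+\.\d+\.\d+\.\d+):(?P<in_port>\d+)"
)


def parse_conns(text):
    """Return one dict per parsable connection line; headers and junk are skipped."""
    conns = []
    for line in text.splitlines():
        m = CONN_RE.match(line.strip())
        if not m:
            continue
        conns.append({
            "proto": m.group("proto"),
            "out_ip": m.group("out_ip"),
            "out_port": int(m.group("out_port")),
            "in_ip": m.group("in_ip"),
            "in_port": int(m.group("in_port")),
        })
    return conns


def count_by_inside_host(conns):
    """Raw connection count per inside address (the '55,000 connections' view)."""
    return Counter(c["in_ip"] for c in conns)


def suspected_open_services(conns, min_peers=3, max_service_port=1023):
    """Inside (ip, port) pairs on a well-known port that at least min_peers
    distinct outside addresses are connected to.  Many different outside
    peers hitting inside:53 means the outside world is initiating toward the
    DNS server; the server's own outbound lookups show a high-numbered inside
    port instead and are therefore ignored here."""
    peers = defaultdict(set)
    total = Counter()
    for c in conns:
        if c["in_port"] > max_service_port:
            continue
        key = (c["in_ip"], c["in_port"])
        peers[key].add(c["out_ip"])
        total[key] += 1
    findings = [(key, len(p), total[key]) for key, p in peers.items() if len(p) >= min_peers]
    findings.sort(key=lambda f: f[2], reverse=True)  # busiest service first
    return findings


if __name__ == "__main__":
    import sys
    # Pipe a saved 'show conn' capture in, or run with no input to use the sample.
    text = SAMPLE_SHOW_CONN if sys.stdin.isatty() else sys.stdin.read()
    conns = parse_conns(text)
    print("connections per inside host:", dict(count_by_inside_host(conns)))
    for (ip, port), n_peers, n_conns in suspected_open_services(conns):
        print(f"{ip}:{port} -> {n_conns} connections from {n_peers} distinct outside addresses")
```

Run it against a saved capture (`python3 conn_tally.py < showconn.txt`, file name assumed). A handful of outside peers against inside:53 is normal if that server is authoritative for your public zones; thousands of distinct outside addresses against it, when it is only meant to recurse for inside clients, is the open-resolver pattern the reply describes, and the fix is to stop permitting UDP/TCP 53 inbound to it rather than to keep clearing the connection table.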

pizzov Thu, 09/20/2007 - 12:31

Yes, thank you! I had 55,000 connections for my internal DNS server! As soon as I blocked it, all is well! Thanks.

opers13 Tue, 10/23/2007 - 15:26

Can you go into more detail about your DNS problem? We are also having DNS issues where thousands of DNS translations "clog" the PIX, and only "clear xlate" solves the issue.
