Hi all, can anyone tell me whether ASA firewalls verify the reverse address using DNS when connections sourced from outside are being made? I have seen this on other firewall vendors; is this standard firewall practice?
There are firewalls that have this Reverse DNS Lookup feature to find out where the IP address comes from. Usually this is beneficial in the logging.
However, this can cause performance problems. If the Reverse DNS Lookup does not resolve, then performance is degraded as the request times out, because the firewall has to wait for the reply, especially if this is recursive querying.
If the firewall is hosting a popular website, the load of performing a Reverse DNS Lookup for all the IP addresses that hit the firewall may be too much for the firewall to process.
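The timeout cost described in the answer above can be kept out of the logging path by bounding each PTR lookup and caching failures. This is an added example, not part of the thread and not how any vendor's firewall implements it; `PtrEnricher`, `fake_resolver` and the sample addresses are hypothetical and constructed for illustration.

```python
import socket
import time
from concurrent.futures import ThreadPoolExecutor, TimeoutError as LookupTimeout


def system_ptr(ip):
    """Default resolver: PTR lookup through the OS resolver (can block for seconds)."""
    return socket.gethostbyaddr(ip)[0]


class PtrEnricher:
    """Adds reverse-DNS names to log records without letting a slow lookup stall them."""

    def __init__(self, resolver=system_ptr, timeout=0.2, negative_ttl=300.0, workers=4):
        self.resolver = resolver
        self.timeout = timeout            # longest a log record waits for a name
        self.negative_ttl = negative_ttl  # how long any answer, including a failure, is kept
        self.pool = ThreadPoolExecutor(max_workers=workers)
        self.cache = {}                   # ip -> (name or None, expiry time)

    def lookup(self, ip):
        hit = self.cache.get(ip)
        if hit and hit[1] > time.monotonic():
            return hit[0]                 # cached answer, including cached failures
        future = self.pool.submit(self.resolver, ip)
        try:
            name = future.result(timeout=self.timeout)
        except (LookupTimeout, OSError):
            name = None                   # no PTR record, or no answer in time
        # Failures are cached too, so repeated hits from an unresolvable
        # address cost one bounded wait instead of one timeout per connection.
        self.cache[ip] = (name, time.monotonic() + self.negative_ttl)
        return name

    def enrich(self, ip):
        return f"src={ip} ptr={self.lookup(ip) or '-'}"


# Constructed sample data: RFC 5737 documentation addresses, one of which
# sits behind a DNS server that is too slow to answer.
SAMPLE_PTR = {"192.0.2.10": "www.example.net"}
resolver_calls = []


def fake_resolver(ip):
    resolver_calls.append(ip)
    if ip == "203.0.113.7":
        time.sleep(0.5)                   # simulates an unresponsive DNS server
        raise socket.herror(1, "Unknown host")
    return SAMPLE_PTR[ip]
```

When the timeout fires, the abandoned lookup still occupies a worker thread until the resolver returns, so the pool size caps how many slow lookups can be outstanding at once.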