
I am working on a new network confi

Status
Not open for further replies.

AlexIT

Technical User
Jul 27, 2001
802
US
I am working on a new network configuration. We put four Win2K servers (AD/DNS/DHCP, Exchange, Mail Marshal, OracleDB) behind a Raptor firewall to host a remote AD domain. I have the Raptor set as the default gateway, and using its DNSd service, it is now the forwarder for the AD/DNS server, which has recursion disabled (and the root hints deleted). All the other servers point to the AD/DNS for their DNS. Name resolution works fine except I see in the Raptor logs a flood of outgoing traffic to the root name servers with destination port 53 (which of course it blocks because the servers are supposed to ask the Raptor for external DNS name resolution). These floods happen from each server, periodically, in random order throughout the day. The source port on the server changes every three or four attempts. The firewall is doing its job by blocking this but I hate to see the error logs getting filled.

So where in Win2K (on all four servers) could this be coming from??

Here is a copy of a few of the attempts:
(192.168.1.10->192.175.48.1: Protocol=UDP Port 3162->53)
(192.168.1.11->192.175.48.1: Protocol=UDP Port 3630->53)
(192.168.1.12->192.175.48.1: Protocol=UDP Port 1601->53)
(192.168.1.13->192.175.48.1: Protocol=UDP Port 4463->53)


Any suggestions will be appreciated!
 