Huge number of DOMAIN UDP traffic to/from EFA
Posted: 09 Mar 2018 13:08
Hi.
I identified the above situation just yesterday and on my firewall it presents as follows. The data is extracted from my firewall and it shows traffic on the EFA for a 24 hour period:
1 DOMAIN (UDP) - IN: 55MB, OUT: 7MB, Connections: 94.000 (!!!), % of overall traffic: 97.90%
The DNS is recursive and does not forward to another DNS server. Further more I am running a mail server on the inside for which EFA both receives and sends but the volume is in barely in the hundreds.
Is this expected behavior?
Regards,
Ulf Thomas
I identified the above situation just yesterday and on my firewall it presents as follows. The data is extracted from my firewall and it shows traffic on the EFA for a 24 hour period:
1 DOMAIN (UDP) - IN: 55MB, OUT: 7MB, Connections: 94.000 (!!!), % of overall traffic: 97.90%
The DNS is recursive and does not forward to another DNS server. Further more I am running a mail server on the inside for which EFA both receives and sends but the volume is in barely in the hundreds.
Is this expected behavior?
Regards,
Ulf Thomas