This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DOMAIN (udp/53)

I'm seeing a large number of packets being reported as blocked by the firewall. They are udp port 53. Most, but not all, of them are from link-local ipv6 addresses. The destination is utm. I understand they are dns packets. What is the proper practice for these packets. Should I allow them?

This thread was automatically locked due to age.

Parents

0 BarryG over 10 years ago

Hi, are you running IPv6 on the UTM and your networks?

If you're not, ignore them or setup a rule to drop them without logging.

Barry
Cancel
Vote Up 0 Vote Down

Cancel
0 bimmerdriver over 10 years ago in reply to BarryG

I'm following up on this. I'm seeing DOMAIN (udp/53) traffic from several of the computers on my internal network directed toward utm, mostly on ipv6, but also some on ipv4. I'd like to make a rule to allow this traffic. Should I explicitly identify the ipv4 and ipv6 address of utm as the destination? Should I use the internal network as the source? Thanks.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 bimmerdriver over 10 years ago in reply to BarryG

I'm following up on this. I'm seeing DOMAIN (udp/53) traffic from several of the computers on my internal network directed toward utm, mostly on ipv6, but also some on ipv4. I'd like to make a rule to allow this traffic. Should I explicitly identify the ipv4 and ipv6 address of utm as the destination? Should I use the internal network as the source? Thanks.
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 bimmerdriver over 10 years ago in reply to bimmerdriver

I created a rule, internal network > DNS > Internal Address. It doesn't seem to be doing anything. The addresses are all link local ipv6 and ipv4 to utm. How do I allow this traffic?
Cancel
Vote Up 0 Vote Down

Cancel

DOMAIN (udp/53)

Submitted a Tech Support Case lately from the Support Portal?