Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 2 subscribers
  • Views 3054 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

TCP Port 53 - 24,000 Packets Dropped in 3hrs - Network Down

FrenchiiLaf
I have experience an issue recently. The whole network went down. I generated an Executive Summary Report & noticed that more than 24,000 packets were dropped by TCP Port 53 in 3hrs. I think that cause the failure of Astaro.

Any ideas or advices anyone?

Regards,
Frenchie


This thread was automatically locked due to age.
Parents
  • 0
    Port 53 is DNS.  Usually UDP is used, but TCP usage will now be more common with DNSSEC gaining steam.
     
    Are you running DNS servers by chance and if so, did you add them to the Performance Tuning section of the IPS on the advanced tab?  Are the source or destination of the dropped packets DNS servers under your control?
Reply
  • 0
    Port 53 is DNS.  Usually UDP is used, but TCP usage will now be more common with DNSSEC gaining steam.
     
    Are you running DNS servers by chance and if so, did you add them to the Performance Tuning section of the IPS on the advanced tab?  Are the source or destination of the dropped packets DNS servers under your control?
Children
  • 0 in reply to Scott_Klassen
    Hey Scott,

    Thanks for your reply. Yes I find out that Port 53 is related to DNS. Yes I put my DNS server under "Perfomance Tuning". I was wondering if the network did not suffer from a DoS attack. I am hesitating to use the TCP SYN Flood Protection under "Anti-DoS/Flooding". What do you reckon?

    Regards,
    Frenchie