We have all of mds pointing to the internal DNS servers but are seeing firewall hits out to Google DNS servers. We are running AOS 8.3.0.1 on 7240XM controllers. Would there be any reason that the controllers need to reachout to the Google DNS servers? There's nothing that I can find in the config for Google DNS servers.
Are you natting any client traffic like guest traffic out of your controllers (ip nat inside on any VLAN)? If so, that might be your client traffic.
Colin, we are not natting any client traffic on the controllers.
Is there any way to see how often it occurs and what they are trying to resolve?
It happening 10-12 times an hour per controller. From the Splunk logs I can only see port 53 out to 8.8.8.8 and 8.8.4.4 is being blocked. It's not so much an issue I don't think but out S&C group saw it the Splunk logs and wanted it looked at.
Hmm.. If you don't have any Google Servers configured on the controller, we would have to go through your config and tech support to understand what could be happening, intended or bug. Please open a TAC case.
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.