Wireless Access

Reply
Highlighted
Regular Contributor II

Re: What is log Message ( 334302 ) ??

Thanks Jeff. Yes it appears we have a few busy controllers in the res halls!

 

I have a couple of questions:

1. Is this user impacting?

2. Is it preferred to disable FW visibility for now?

3. Is there a way to shim in a DNS caching server or have the controller cache the queries?

 

Thanks,

MIke

Highlighted
Moderator

Re: What is log Message ( 334302 ) ??

hi Mike

to your q's above...

 

1. no, this is just part of fw vis

 

2. probably (if you dont use it, then yes just disable it) - but before you do, please send me a tar logs techsup and i will raise a new bug on it for you if you like (can you confirm the line showing 53490 was on 6.3.1.16 ?). If the controller has plenty of free memory then this should mostly be a cosmetic issue that would only cause issues if you were using the fw vis dashboard or data.

 

3. this is only for the fw vis stuff, it doesnt touch the client DNS packets at all.

 

I dont mind to raise a ticket / bug for you after reviewing the tech sup (or you can use whatever path you usually take for opening a ticket with Aruba). My email is my forum name at arubanetworks dot com.

 

regards

-jeff

 

 

 

 

 

Highlighted
Regular Contributor II

Re: What is log Message ( 334302 ) ??

Thanks Jeff. I'll send you the tar logs techsup as soon as I can.

 

I have one other question. Is this really hammering away at our DNS server? Seems like an awful lot of DNS queries..

 

Dec  8 00:58:06  FW Visibility[2068]: <334302> <ERRS> < xxx.xxx.xx.24>  fw_dest_ip_name_remap: MM: 404171. DNS max IP to name limit reached clients4.google.com with 68723 num_ips
Dec  8 04:18:50  FW Visibility[2100]: <334302> <ERRS> < xxx.xxx.xx.25>  fw_dest_ip_name_remap: MM: 1263756. DNS max IP to name limit reached android.clients.google.com with 36248 num_ips
Dec  8 07:02:50  FW Visibility[2068]: <334302> <ERRS> < xxx.xxx.xx.24>  fw_dest_ip_name_remap: MM: 405478. DNS max IP to name limit reached api.mixpanel.com with 33519 num_ips
Dec  8 08:22:45  FW Visibility[32346]: <334302> <ERRS> < xxx.xxx.xx.30>  fw_dest_ip_name_remap: MM: 1264675. DNS max IP to name limit reached www.google.com with 35682 num_ips
Dec  8 08:47:27  FW Visibility[2076]: <334302> <ERRS> < xxx.xxx.xx.26>  fw_dest_ip_name_remap: MM: 366012. DNS max IP to name limit reached clients4.google.com with 62062 num_ips

 

-Mike

Highlighted
Moderator

Re: What is log Message ( 334302 ) ??

clients are hammering away on DNS irrespective, all this is saying is that (apparently) there are some 60k ip address that have been returned for (say) clients4.google.com and thats "too many"

 

I say apparently because when the bug for this first came up, I put it to R&D that this seems way out there, it is highly unlikely that "api.mixpanel.com" has access to this many IP addresses . I ran constant DNS queries for a few usual suspects for several hours from various geographies and summed up the unique ip addresses seen. Whist there are a lot, its orders of magnitude smaller than 32k or 64k.

 

To me, something is leaking. Let me get in touch with the R&D and see what I can find out.

 

** edit to my reply **  bug 114189 already exists for this, it's not fixed yet - QA was able to reproduce. Will try to hurry up R&D for an update/plan to resolve. In the mean time, you can consider disabling fw_vis - especially if the controller is starting to run low on memory (when you send tar logs techsupport I can check into that closer and advise)

 

regards

-jeff

 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: