DNS proxy errors

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

DNS proxy errors

L3 Networker

We are using PANOS 9.1 and latest DNS security. Any thoughts on these errors from proxy log? 172.16.1.1 and 172.16.1.3 are Microsoft AD DNS servers.Can these be effecting performance of traffic?

 

2020-02-17 08:30:23.583 +1100 Error:  pan_dnsproxy_recv_server_udp_cb(pan_dnsproxy_udp.c:222): [udp]: fd 48 from 172.16.1.1 to 0.0.0.0 process server failed!

2020-02-17 08:30:24.490 +1100 Error:  pan_dnsproxy_process_server_pkt(pan_dnsproxy_pkt.c:1491): [DNS Proxy/21572/12452/-]:[Drop Rcvd Server Pkt]: invalid UDP socket!

2020-02-17 08:30:24.490 +1100 Error:  pan_dnsproxy_recv_server_udp_cb(pan_dnsproxy_udp.c:222): [udp]: fd 56 from 172.16.1.1 to 0.0.0.0 process server failed!

6 REPLIES 6

L6 Presenter

@Jatin.Singh  Is dns proxy working fine?

There are multiple reasons for this error logs. There may be delay in DNS server response or there is no response. Can you please share output of below command?

 

show dns-proxy statistics all

 

Mayur

M

Check out my YouTube channel - https://www.youtube.com/@NetworkTalks

@SutareMayur 

 

 I have been doing this during the day today and its much higher, pending I have seen sometimes 200

 

Name: DNS Proxy

Interfaces: ethernet1/1 Counters:

  Queries received from hosts:1570853

  Responses returned to hosts:1554168

  Queries forwarded to servers:1325157

  Responses received from servers:918352

  Pending TCP:0

  Pending UDP:4

--------------------------------------

 

admin@Bialik-PA01> show dns-proxy statistics all

 

Name: DNS Proxy

Interfaces: ethernet1/1 Counters:

  Queries received from hosts:1570861

  Responses returned to hosts:1554176

  Queries forwarded to servers:1325163

  Responses received from servers:918357

  Pending TCP:0

  Pending UDP:4

--------------------------------------

Seen at low use time, same error -- 2020-02-17 16:37:46.841 +1100 Error:  pan_dnsproxy_recv_server_udp_cb(pan_dnsproxy_udp.c:222): [udp]: fd 18 from 172.16.1.1 to 0.0.0.0 process server failed!

 

& why Failed to resolve domain name:updates.paloaltonetworks.com AAAA after trying all attempts to name server(s): 208.67.222.222  208.67.222.220??

 

2020-02-17 16:35:14.933 +1100 Warning:  pan_dnsproxy_log_resolve_fail(pan_dnsproxy_util.c:651): Failed to resolve domain name:updates.paloaltonetworks.com AAAA after trying all attempts to name server(s): 208.67.222.222  208.67.222.220

 

2020-02-17 16:36:14.933 +1100 Warning:  pan_dnsproxy_log_resolve_fail(pan_dnsproxy_util.c:651): Failed to resolve domain name:updates.paloaltonetworks.com AAAA after trying all attempts to name server(s): 208.67.222.222  208.67.222.220

@Jatin.SinghWhat do you see in traffic logs? Is it allowing dns queries ?

 

Mayur

M

Check out my YouTube channel - https://www.youtube.com/@NetworkTalks

L1 Bithead

Hi Everyone,

 

I am also facing the same issue, Please help me if any resolution.

I am also having this issue? any ideas what this could be related too?

 

Queries received from hosts:6812
Responses returned to hosts:0
Queries forwarded to servers:81744
Responses received from servers:0
Pending TCP:0
Pending UDP:0

  • 7064 Views
  • 6 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!