I don't know if this is normal behavior or not. We have 3 DNS servers.
We are not able to ping or ssh/http to the management interface from a DNS server if that DNS server is configured as a DNS server in the firewall.
When we configure DNS_A and DNS_B as the primary and secondary DNS servers in the firewall, we are not able to ping or access the mgmt interface from those DNS servers. But DNS_C is able to ping with no problems.
When we configure DNS_A and DNS_C, they are not able to ping, but DNS_B can do it.
Why is that? I did a tcpdump and saw that all pings arrived at the firewall, but there are only replies from the fw to the server that is not configured as DNS.
Hi! Thanks for the reply. The DNS traffic has a custom configuration in service routing, for a specific interface, not the default (management). But if I am not wrong, this refers to a specific port, in this case service: "dns", so it has to be not only for layer 3 routing, but also port 53 traffic. So it will not affect the ping or ssh, and so on. Am I wrong?