版上各位先進您好
最近小第一直都會遭遇到一個DNS server 的問題,就是DNS的查詢都會異常的高,
導致那台server的連線數都超高的,大概6.7千個以上的連線數,
可是我看了一下紀錄,都是53Port的連線,以下是我防火牆那邊所抓取道的一小部份LOG檔
看起來都算是很正常的DNS查詢,問題是公司的DNS並不是中大型的,只是很單純公司自己內部使用,怎嚜還會有這麼高的連線數呢?
不知道這部份有辦法去解決嗎?
我的作業系統是Server 2003的,系統更新也是最新的。
先謝謝了。
2 2010-09-15 12:33:25 Firewall default policy: UDP (D to W1) XXX.XXX.XXX.XXX:56860 121.10.132.221:53 ACCESS PERMITTED
3 2010-09-15 12:33:25 Firewall default policy: UDP (D to W1) XXX.XXX.XXX.XXX:56860 61.147.122.95:53 ACCESS PERMITTED
4 2010-09-15 12:33:25 Firewall default policy: UDP (D to W1) XXX.XXX.XXX.XXX60.28.11.246:53 ACCESS PERMITTED
5 2010-09-15 12:33:25 Firewall default policy: UDP (D to W1) XXX.XXX.XXX.XXX:56860 61.147.122.95:53 ACCESS PERMITTED
6 2010-09-15 12:33:25 Firewall default policy: UDP (D to W1) XXX.XXX.XXX.XXX:56860 119.145.145.41:53 ACCESS PERMITTED
7 2010-09-15 12:33:25 Firewall default policy: UDP (D to W1) XXX.XXX.XXX.XXX:56860 121.10.132.221:53 ACCESS PERMITTED
8 2010-09-15 12:33:25 Firewall default policy: TCP (W1 to D) 111.82.7.249:1246 192.168.100.201:110 ACCESS DROPPED
9 2010-09-15 12:33:25 Firewall default policy: UDP (D to W1) XXX.XXX.XXX.XXX:58663 60.28.11.246:53 ACCESS PERMITTED
10 2010-09-15 12:33:25 Firewall default policy: UDP (D to W1) XXX.XXX.XXX.XXX:58663 60.28.11.246:53 ACCESS PERMITTED
11 2010-09-15 12:33:25 Firewall default policy: UDP (D to W1) XXX.XXX.XXX.XXX:56860 60.28.11.246:53 ACCESS PERMITTED