LTM DNS root reachout on mgmt, disable?
Our security group noted that our LTMs (2000s; v12.0HF1) are sending DNS queries out their mgmt interface that are being blocked by our access controls for that network. It should be noted that the environment these devices are in is a closed environment with no allowed access out to the Internet. Upon further review of the DNS reachouts, the LTMs are sending NS requests to the DNS root servers. It seems to be walking down a root hints list and repeating -- seeing about 25 attempts per minute.
To stop the flooding of deny logs to our security tools, we are trying to determine if there is any way to stop these root server reachouts. We have added our local network DNS resolvers to the DNS configuration (System->Configuration->Device->DNS->DNS Server Lookup List) with no change in behavior. We have also reviewed the GTM solution articles on root hints -- even though we are not running GTM -- and confirmed that recursion is disabled in the named configuration.
Thanks in advance!
Chris
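Added example, not part of Chris's post and not F5 code: a small triage script of the kind a security team would use to confirm that blocked mgmt-interface DNS traffic really is a walk down the root-hints list and to measure its rate, before deciding on a fix. The hints excerpt is a constructed four-entry slice of a named.root-style file (real root server addresses, not the full list of 13), and the deny log lines and their `src=/dst=/proto=` format are constructed for the example, so the regex is an assumption to adapt to whatever your firewall actually emits.

```python
"""Correlate firewall deny logs with a root-hints file.

Answers two questions about blocked port-53 traffic from a device:
  1. Are the destinations root servers (i.e. the device is walking root hints)?
  2. How many such denies per minute, and does the walk repeat?
Example code; log format and hints excerpt are constructed.
"""
import re
from collections import Counter, defaultdict

# Constructed excerpt of a named.root-style hints file (four real root
# server entries; the real file lists all thirteen plus AAAA glue).
ROOT_HINTS = """\
.                        3600000      NS    A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.      3600000      A     198.41.0.4
.                        3600000      NS    C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET.      3600000      A     192.33.4.12
.                        3600000      NS    F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET.      3600000      A     192.5.5.241
.                        3600000      NS    K.ROOT-SERVERS.NET.
K.ROOT-SERVERS.NET.      3600000      A     193.0.14.129
"""

# Constructed deny log lines in a hypothetical syslog-style format.  Two
# lines are deliberately not root-hint DNS traffic (an internal resolver on
# port 53 and a root server IP on port 443) and must be ignored.
DENY_LOG = """\
2016-03-01T10:00:02Z fw01 DENY src=10.10.1.21:41213 dst=198.41.0.4:53 proto=udp
2016-03-01T10:00:04Z fw01 DENY src=10.10.1.21:41214 dst=192.33.4.12:53 proto=udp
2016-03-01T10:00:06Z fw01 DENY src=10.10.1.21:41215 dst=192.5.5.241:53 proto=udp
2016-03-01T10:00:08Z fw01 DENY src=10.10.1.21:41216 dst=193.0.14.129:53 proto=udp
2016-03-01T10:00:09Z fw01 DENY src=10.10.1.21:41217 dst=10.0.0.5:53 proto=udp
2016-03-01T10:00:10Z fw01 DENY src=10.10.1.21:41218 dst=198.41.0.4:443 proto=tcp
2016-03-01T10:01:02Z fw01 DENY src=10.10.1.21:41219 dst=198.41.0.4:53 proto=udp
2016-03-01T10:01:04Z fw01 DENY src=10.10.1.21:41220 dst=192.33.4.12:53 proto=udp
2016-03-01T10:01:06Z fw01 DENY src=10.10.1.21:41221 dst=192.5.5.241:53 proto=udp
2016-03-01T10:01:08Z fw01 DENY src=10.10.1.21:41222 dst=193.0.14.129:53 proto=udp
"""

# Assumed log layout: "<ISO timestamp> <host> DENY src=IP:port dst=IP:port proto=x".
LOG_RE = re.compile(
    r"^(?P<ts>\S+) \S+ DENY src=(?P<src>[\d.]+):\d+ "
    r"dst=(?P<dst>[\d.]+):(?P<dport>\d+) proto=(?P<proto>\w+)"
)


def parse_root_hints(text):
    """Return {ip: hostname} for every A/AAAA glue record in a hints file."""
    hints = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 4 and fields[2] in ("A", "AAAA"):
            hints[fields[3]] = fields[0].rstrip(".").lower()
    return hints


def root_hint_denies(log_text, hints):
    """Yield (timestamp, src, root server name) for denied DNS to a root server."""
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or m["dport"] != "53":
            continue
        name = hints.get(m["dst"])
        if name is not None:
            yield m["ts"], m["src"], name


def walks_list(names, list_size):
    """True when a source has hit every hint and started over (repeating walk)."""
    return len(set(names)) == list_size and names.count(names[0]) >= 2


def summarize(log_text, hints_text=ROOT_HINTS):
    """Count root-hint denies, peak per-minute rate, and per-source walk status."""
    hints = parse_root_hints(hints_text)
    per_source = defaultdict(list)
    per_minute = Counter()
    hits = 0
    for ts, src, name in root_hint_denies(log_text, hints):
        hits += 1
        per_source[src].append(name)
        per_minute[ts[:16]] += 1  # bucket by YYYY-MM-DDTHH:MM
    return {
        "root_hint_hits": hits,
        "peak_per_minute": max(per_minute.values(), default=0),
        "walking_list": {src: walks_list(n, len(hints)) for src, n in per_source.items()},
    }


if __name__ == "__main__":
    print(summarize(DENY_LOG))
```

With the real thirteen-entry hints file and a day of exported deny logs, a `walking_list` of True for the mgmt IP together with a steady `peak_per_minute` is the evidence that this is a resolver priming against root hints rather than ad-hoc lookups, which is the distinction that matters before touching the named configuration.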