Suspicious DNS Activity Originating from GTM Name Server

Hi All,

We are seeing continuous TCP packet reset error at client side from 3DNS name server. Search on GTM log & taken packet capture but no clue where rest packet is generating. From searching Google for similar issues, this seems to be related to an outdated/mis-configured Bind DNS server. Need your suggestion to close case.

Jan 05 00:04:51 x.x.0.100 named[23726]: dispatch 0x7ff06c4f4650: shutting down due to TCP receive error: xx.x.x.x53: connection reset

Jan 05 00:11:37 x.x.0.10 named[13320]: dispatch 0x7f78570f5ad0: shutting down due to TCP receive error: xx.x.x.x53: connection reset

Jan 05 00:14:14 x.x.0.10 named[13320]: dispatch 0x7f78570f5ad0: shutting down due to TCP receive error: xx.x.x.x53: connection reset

Jan 05 00:05:55 199.120.69.22 named[21101]: dispatch 0xb5436788: shutting down due to TCP receive error: xx.x.x.x53: connection reset

BIG-IP

BIG-IP DNS

security

Forum Discussion

Suspicious DNS Activity Originating from GTM Name Server

Recent Discussions

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

SMS server with BIGIP

F5 terminal - help to run commands - disk space full

Can iRule be used to perform exception of IPI category based on Geolocation

Related Content

F5 Distributed Cloud Origin Server Subset Rules

Active/Active load balancing examples with F5 BIG-IP and Azure load balancer

Azure Active Directory and BIG-IP APM Integration

F5 Active Standby Node Configuration

Change original source IP to random in ASM logs