Hi,
I see alot of quiries on Port 53 from the clients machine. I've disabled general nat on the extended networking menu. What could these quiries be ? I know they are DNS quires but what for ?
regards,
Anish
Lots of quiries on port 53
Moderator: Qbik Staff
7 posts
• Page 1 of 1
Lots of quiries on port 53
by josh84 » Nov 04 11 12:11 am
- josh84
- Posts: 36
- Joined: Sep 02 10 11:34 pm
Re: Lots of quiries on port 53
by adrien » Nov 04 11 8:08 am
are these showing as NAT UDP to something on port 53?
If so, that implies your clients are using some other server (e.g. on internet) for DNS. You can intercept port 53 into the DNS service in WinGate. Then you will see the request details.
If so, that implies your clients are using some other server (e.g. on internet) for DNS. You can intercept port 53 into the DNS service in WinGate. Then you will see the request details.
- adrien
- Qbik Staff
- Posts: 5448
- Joined: Sep 03 03 2:54 pm
- Location: Auckland
Re: Lots of quiries on port 53
by josh84 » Nov 06 11 4:14 am
yes thats rite ! i've changed the DNS server from the wingates IP to our ISP. Ive intercepted traffic from port 53 in the DNS service but i do not see the request in the activity window. What i see only is "10.10.10.2:5432<->proxyserver:53". How can see what the request ?
I've changed the loggin in the DNS client from error to info and saw this Request: Lookup test-6cbf9a71-ebe3-49d5-9eb7-18aa41afdc00.dnsloopcheck.qbik.com type 1. What is it looking up in qbik i wonder ?
I've also noticed that some websites when requested, wingate returns with this page "host not found".
how can i resolve the above mentioned issues ?
Regards,
Anish
I've changed the loggin in the DNS client from error to info and saw this Request: Lookup test-6cbf9a71-ebe3-49d5-9eb7-18aa41afdc00.dnsloopcheck.qbik.com type 1. What is it looking up in qbik i wonder ?
I've also noticed that some websites when requested, wingate returns with this page "host not found".
how can i resolve the above mentioned issues ?
Regards,
Anish
- josh84
- Posts: 36
- Joined: Sep 02 10 11:34 pm
Re: Lots of quiries on port 53
by adrien » Nov 06 11 11:50 am
josh84 wrote:yes thats rite ! i've changed the DNS server from the wingates IP to our ISP.
Why did you do this?
And where did you do this? Which DNS settings? E.g.
* client LAN computer DNS settings (in network adapters)
* WinGate computer DNS settings (in network adapters)
* WinGate DNS client settings (in WinGate)
josh84 wrote:Ive intercepted traffic from port 53 in the DNS service but i do not see the request in the activity window. What i see only is "10.10.10.2:5432<->proxyserver:53". How can see what the request ?
That means it's not been intercepted. Is the intercept showing as started in the DNS service?
josh84 wrote:I've changed the loggin in the DNS client from error to info and saw this Request: Lookup test-6cbf9a71-ebe3-49d5-9eb7-18aa41afdc00.dnsloopcheck.qbik.com type 1. What is it looking up in qbik i wonder ?
that's for checking for loops. We need to do a lookup for something external to your domain. If WinGate receives this request back from the server it asked, then it knows that server loops back to it for external lookups.
josh84 wrote:
I've also noticed that some websites when requested, wingate returns with this page "host not found".
how can i resolve the above mentioned issues ?
Regards,
Anish
sounds like your DNS setup is a bit of a mess. You need to make sure.
a) WinGate is using valid DNS servers (in either the LAN adapters on that computer, or you'll need to add the IPs in WinGate management DNS client).
b) WinGate is not using bogus DNS servers (e.g. any IP in use actually works)
Adrien
- adrien
- Qbik Staff
- Posts: 5448
- Joined: Sep 03 03 2:54 pm
- Location: Auckland
Re: Lots of quiries on port 53
by josh84 » Nov 06 11 8:27 pm
I've only change the DNS servers in the DHCP scope. I did that because the request for resolution can be done faster. Is that a wrong practice ? should i change it back to point to the WinGate server ? I've also enabled probing in the DNS client for the ip address that connects to the internet.
In the DNS service i've added port 53 to be intercepted. First it showed undefined and latter checked to find it has started. Do i have to intercept traffic from port 53 in WWW Service ?
Abou make sure wingate is using the correct DNS server,
I've checked to see that the DNS client is using the same ip address of external server. Where else should i be checking that to make sure nothing is messed up ?
How do i check if WinGate is not using any bogus servers ?
Regards,
Anish
In the DNS service i've added port 53 to be intercepted. First it showed undefined and latter checked to find it has started. Do i have to intercept traffic from port 53 in WWW Service ?
Abou make sure wingate is using the correct DNS server,
I've checked to see that the DNS client is using the same ip address of external server. Where else should i be checking that to make sure nothing is messed up ?
How do i check if WinGate is not using any bogus servers ?
Regards,
Anish
- josh84
- Posts: 36
- Joined: Sep 02 10 11:34 pm
Re: Lots of quiries on port 53
by adrien » Nov 07 11 7:42 pm
Hi
It's ok to assign an internet-based DNS server to your LAN clients using DHCP, however I presume you have no AD there or it will break that.
Also, if you are going to intercept UDP/53 to the DNS service (you can't intercept UDP to the WWW proxy) then the request will be serviced by WinGate anyway, so there's no point assigning any different DNS server to clients.
WinGate 7 DNS client shows you all the DNS servers it will use (unlike WinGate 6, which doesn't show OS ones) so as long as there are none in there that don't work, you should be ok.
Adrien
It's ok to assign an internet-based DNS server to your LAN clients using DHCP, however I presume you have no AD there or it will break that.
Also, if you are going to intercept UDP/53 to the DNS service (you can't intercept UDP to the WWW proxy) then the request will be serviced by WinGate anyway, so there's no point assigning any different DNS server to clients.
WinGate 7 DNS client shows you all the DNS servers it will use (unlike WinGate 6, which doesn't show OS ones) so as long as there are none in there that don't work, you should be ok.
Adrien
- adrien
- Qbik Staff
- Posts: 5448
- Joined: Sep 03 03 2:54 pm
- Location: Auckland
Re: Lots of quiries on port 53
by josh84 » Nov 08 11 3:04 am
Hi,
I've not enabled AD so far. I will be using Active Diractory sooner or latter. You had suggested this because users in the WinGate or windows database are not asked to change his/her password when the Internet Explorer is opened for the first time although that option is available in both the databases. Is there a possiblity that this will be resolved in the next version of WinGate ? The wingate 6 had it.
About the quireies, i've noted that the client requests are using the UDP to communicate through port 53 is there anything specificaly to be done to intercept that traffic so that it can be seen resovled in the activity window.
Regards,
Anish
I've not enabled AD so far. I will be using Active Diractory sooner or latter. You had suggested this because users in the WinGate or windows database are not asked to change his/her password when the Internet Explorer is opened for the first time although that option is available in both the databases. Is there a possiblity that this will be resolved in the next version of WinGate ? The wingate 6 had it.
About the quireies, i've noted that the client requests are using the UDP to communicate through port 53 is there anything specificaly to be done to intercept that traffic so that it can be seen resovled in the activity window.
Regards,
Anish
- josh84
- Posts: 36
- Joined: Sep 02 10 11:34 pm
7 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 1 guest