Technical Tip: System Event log showing 'DNS Alert: Still no TCP response from server'
| Description | This article describes how to troubleshoot the System Event log entry 'DNS Alert: Still no TCP response from server'. |
| Scope | FortiMail. |
| Solution | The System Event log shows 'DNS Alert: Still no TCP response from server x.x.x.x', as in the example below:
FortiMail sends DNS queries over UDP/53. If the UDP packet is too big, FortiMail retries over TCP/53, provided that truncate-handling in the DNS configuration is set to 'tcp-retry'.
config system dns
    set truncate-handling {disable | tcp-retry}
end
Specify how to handle truncated UDP replies of DNS queries: select either disable (meaning no retries) or tcp-retry (meaning retry in TCP mode). The default setting is tcp-retry. See system DNS for more information.
This log means FortiMail has not received a response from the DNS server when querying it over TCP/53. Run a packet capture on FortiMail to see whether FortiMail received a DNS response from the DNS server. If FortiMail does not receive a DNS response when querying over TCP/53, check the DNS server side and any device in between.
Below is an example of the DNS Server's response to FortiMail DNS query over TCP/53:
|
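To reproduce the check from another host on the same network path, the following added example (not Fortinet code and not part of the original article) sends one query over UDP/53 and the same query over TCP/53, and reports whether each transport got a reply and whether the UDP reply had the truncation (TC) bit set. It goes slightly beyond the article by always testing TCP/53, even when the UDP reply is not truncated; the function names and state strings are hypothetical.

```python
import socket
import struct
def build_query(name, qtype=16, txid=0x1234):
    """Minimal DNS query with RD set; qtype 16 is TXT."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)

def is_truncated(reply):
    """True when the TC bit (0x0200 of the flags word) is set in a reply."""
    if len(reply) < 12:
        raise ValueError("shorter than a DNS header")
    return bool(struct.unpack("!H", reply[2:4])[0] & 0x0200)

def tcp_frame(msg):
    """DNS over TCP prefixes each message with a 2-byte length."""
    return struct.pack("!H", len(msg)) + msg

def _recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:          # peer closed before sending everything
            return None
        buf += chunk
    return buf

def read_tcp_reply(sock):
    """Read one length-prefixed DNS message, or None if the peer closed."""
    prefix = _recv_exact(sock, 2)
    return None if prefix is None else _recv_exact(sock, struct.unpack("!H", prefix)[0])

def probe(server, name, timeout=5.0):
    """Return (udp_state, tcp_state) for one query sent over UDP/53 and TCP/53."""
    query, udp_state, tcp_state = build_query(name), "no-response", "no-response"
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as u:
        u.settimeout(timeout)
        try:
            u.sendto(query, (server, 53))
            udp_state = "truncated" if is_truncated(u.recvfrom(4096)[0]) else "answered"
        except (OSError, ValueError):
            pass                # timeout, unreachable, or malformed reply
    try:
        with socket.create_connection((server, 53), timeout=timeout) as t:
            t.sendall(tcp_frame(query))
            if read_tcp_reply(t):
                tcp_state = "answered"
    except OSError:
        pass                    # connection refused or dropped, or no reply in time
    return udp_state, tcp_state
```

Call it as `probe("192.0.2.53", "example.com")`, replacing the constructed address with the DNS server from the log entry. A result of `("answered", "no-response")` or `("truncated", "no-response")` means the server is reachable over UDP/53 but TCP/53 is not being answered on that path.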

