FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 205563
Description This article describes how the DNS latency showing in the GUI dashboard is calculated internally.

The DNS server status for FortiGuard or internal DNS server IP address shows Unreachable or high latency, even though FortiGate is able to ping to DNS server IP address without any latency.


dns server.jpg


The DNS query latency is based on when FortiGate system DNS sends a query, which will be record the time sent.

When a query response is received, the time received will also be recorded.

FortiGate calculated the latency (weighted 3:7) of the server based on this value.

If there is no DNS response packet received or failed, FortiGate shows the status unreachable.

Also, the latency value is not updated, if FortiGate does not query the server since there are no transaction of packets.