FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
jhussain_FTNT
Article Id 205563
Description This article describes how the DNS latency showing in the GUI dashboard is calculated internally.
Scope FortiGate.
Solution

The DNS server status for FortiGuard or the internal DNS server IP address shows Unreachable or high latency, even though FortiGate can ping to the DNS server IP address without any latency.

 

dns server.jpg

 

The DNS query latency is based on when FortiGate system DNS sends a query, which will record the time sent.

When a query response is received, the time received will also be recorded.

FortiGate calculated the latency (weighted 3:7) of the server based on this value.

If there is no DNS response packet received or failed, FortiGate shows the status unreachable.

Also, the latency value is not updated, if FortiGate does not query the server since there are no transactions of packets.