Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
jhussain_FTNT
Staff
Staff

Created on ‎02-25-2022 03:40 AM Edited on ‎02-02-2025 09:33 PM By Community Manager

Article Id 205563

Technical Tip: DNS Server shows Unreachable or high latency in GUI Dashboard even though it is pingable from FortiGate

Description This article describes how the DNS latency showing in the GUI dashboard is calculated internally.
Scope FortiGate.
Solution

The DNS server status for FortiGuard or the internal DNS server IP address shows Unreachable or high latency, even though FortiGate can ping to the DNS server IP address without any latency.

 

dns server.jpg

 

The DNS query latency is based on when FortiGate system DNS sends a query, which will record the time sent.

When a query response is received, the time received will also be recorded.

 

FortiGate calculated the latency (weighted 3:7) of the server based on this value. If there is no DNS response packet received or failed, FortiGate shows the status unreachable. The latency value is not updated, if FortiGate does not query the server since there are no transactions of packets.

 

Note: 
To verify if high latency is due to DNS protocol, refer to the following documents for more information:

Technical Tip: High latency on FortiGuard DNS serv... - Fortinet Community  

Technical Tip: DNS server on FortiGate caused Fort... - Fortinet Community  
27580
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.