Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Ted
Staff
Staff

Created on ‎10-17-2024 12:11 AM

Article Id 350014

Troubleshooting Tip: Monitoring local out DNS traffic statistics

Description This article describes how to monitor local out DNS traffic generated by FortiGate. FortiGate generates DNS queries as local out traffic to resolve domain names required for FortiGate features and services, such as FortiGuard connection, system update, FQDN resolve, certificate verification, and so on.
Scope FortiGate.
Solution
  1. GUI monitoring.
    FortiGate provides an admin user with Sent/Received (bytes), Sent Packets, Received Packets, Sent Bytes, and Received Bytes columns for local out DNS sessions at Log&Report -> Local Traffic.

 

DNS GUI.png

 

  1. CLI monitoring.
    In CLI, FortiGate provides more detailed information and statistics of dnsproxy daemon about DNS proxy activity.

     

DNS UDP: req=996 res=272 fwd=241 cmp=591 retrans=38 to=17 --> req, res fields indicating the number of DNS requests sent by the FortiGate and DNS response received.

 

  1. DNS CLI.png
71
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.