Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
imuscleupcarat
New Contributor

Created on ‎01-18-2024 02:54 AM

DNS High Latency issue on 7.4.0

Hi All,

 

Just want a quick help on our issue with High DNS Issue.

 

1.png

 

I have seen this article below.

 

https://docs.fortinet.com/document/fortigate/7.4.0/administration-guide/126629

 

And I am just wondering would it be service affecting if you would run commands like the following:

 

diagnose test application dnsproxy

1. Clear DNS cache

2. Dump DNS Setting

3. Reload FQDN

4. DNS debug bit mask

5. DNS debug obj mem

6. Restart dnsproxy worker

 

ETC.

 

REGARDS

NICKO

 

@All 

 

 

Labels:
671
0 Kudos
8 REPLIES 8
AEK
SuperUser
SuperUser

Created on ‎01-18-2024 04:12 AM

Hello

As per my experience this latency value is not to take in consideration as long as your DNS server responds to queries in time.

AEK
AEK
655
hbac
Staff
Staff

Created on ‎01-18-2024 06:14 AM

Hi @imuscleupcarat,

 

Are those DNS servers in the same subnet as FortiGate? Which protocol are you using? Please provide the output of this command "show full system dns" if possible.

 

Regards, 

643
imuscleupcarat
New Contributor
In response to hbac

Created on ‎01-18-2024 04:08 PM

Hi They are using UDP port 53,

 

Can you confirm if the commands on my post are service affecting when run?

600
0 Kudos
mle2802
Staff
Staff

Created on ‎01-18-2024 06:32 AM

Hi @imuscleupcarat,

Please refer to this document for more detail https://community.fortinet.com/t5/FortiGate/Technical-Note-FortiGate-Troubleshooting-DNS-commands/ta....


634
mle2802
Staff
Staff
In response to mle2802

Created on ‎01-18-2024 06:32 AM

Also, for this high latency, what is the protocol you are using and have you tried different DNS server?

632
imuscleupcarat
New Contributor
In response to mle2802

Created on ‎01-18-2024 04:01 PM

They are using UDP port 53

604
0 Kudos
imuscleupcarat
New Contributor
In response to mle2802

Created on ‎01-18-2024 04:00 PM

Yes I have seen this article already and none of it states if it will be service impacting when running those commands. that is what i want to confirm

605
0 Kudos
johnlloyd_13
Contributor
In response to imuscleupcarat

Created on ‎01-18-2024 05:55 PM Edited on ‎01-18-2024 05:55 PM

hi,

where are your DNS hosted? is it within or outside your country/region?

did you encounter this issue prior to 7.4?

Thanks,
John
Thanks,John
587
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.