I have a Watchguard X8000 Peak firewall (excellent hardware!)
I have call after call to port 53 that are outbound. I switched to OpenDNS and line after line after line now shows me xxx.xxx.xxx.xxx 208.67.222.222 dns/udp 1-Trusted 0-External denial of service attack, drop this packet.
Looking at the actual three servers (out of over 100( only these three servers exhibit this problem. It appears that Webalyzer may be trying to do a hostname lookup but turning this off doesn't appear to be an option as it is with AWStats. Previously I had resolv.conf set for Level 3 4.2.2.1 and 4.2.2.2. My own firewall is block listing me!!!
I have resolv.conf set for
Code:
search priorityonehost.net
nameserver 208.67.222.222
nameserver 207.67.220.220
Each server has a unique name based on the customer but you get the idea.
I don't know if the DNS filter on the Watdchguard X8000 is supposed to be proxied or just a policy.
Any thoughts on what is going on? This began when I switched these servers to Plesk 9.3
Humbly Yours,
Bob