Relation between ICMP and DNS servers?


Post by Akkineni Raje » Thu, 10 Jan 2002 04:40:54



I am in a private network which is connected to the internet through a
router.
All internal computers are configured with the 192.168.6.X series and
the gateway as the router IP (192.168.6.1), and the DNS server number is set to an
external (internet) DNS server.
We have 2 DNS servers (DNS1, DNS2).
Presently I am using NTOP on my Linux box. When I see the statistics of
data received for, say, 1 hr, most traffic is to those DNS servers with
the ICMP protocol.

for example this is the data i got.
HOST           ----DATA---       TCP         UDP        ICMP
-----------------------------------------------------------------
DNS1           57.8 MB   16.1%   0         48.2 KB    57.7 MB
DNS2           57.7 MB   16.1%   0         49.7 KB    57.7 MB
192.168.6.9    3.6 MB    1.0%    3.5 MB    17.6 KB    4.8 KB
192.168.6.41   3.0 MB    0.8%    3.0 MB    6.4 KB     378
192.168.6.33   1.9 MB    0.5%    1.9 MB    3.3 KB     304

What I want to know is:
1. Why is the DNS server taking such bandwidth?
2. What is the ICMP protocol? What is it used for?
3. Can I set up an internal DNS server (not for internal hosts, say to
resolve yahoo.com) so that I can reduce my outgoing bandwidth?

thank you for any help,
rajesh

 
 
 


Post by Steven Rosted » Thu, 10 Jan 2002 05:42:18


ICMP: Internet Control Message Protocol.
Is used mainly with ping, and traceroute
and anytime something goes "wrong" (TTL expires,
host unreachable, etc).

 
 
 


Post by Michael Wandinge » Thu, 10 Jan 2002 05:54:58


Hello Akkineni,


> I am in a private network which is connected to the internet through a
> router.
> All internal computers are configured with the 192.168.6.X series and
> the gateway as the router IP (192.168.6.1), and the DNS server number is set to an
> external (internet) DNS server.
> We have 2 DNS servers (DNS1, DNS2).
> Presently I am using NTOP on my Linux box. When I see the statistics of
> data received for, say, 1 hr, most traffic is to those DNS servers with
> the ICMP protocol.

> for example this is the data i got.
> HOST           ----DATA---       TCP         UDP        ICMP
> -----------------------------------------------------------------
> DNS1           57.8 MB   16.1%   0         48.2 KB    57.7 MB
> DNS2           57.7 MB   16.1%   0         49.7 KB    57.7 MB
> 192.168.6.9    3.6 MB    1.0%    3.5 MB    17.6 KB    4.8 KB
> 192.168.6.41   3.0 MB    0.8%    3.0 MB    6.4 KB     378
> 192.168.6.33   1.9 MB    0.5%    1.9 MB    3.3 KB     304

> what i want to know is
> 1.why DNS server is taking such a bandwidth?

Well, the difference between DNS packets (UDP) and ICMP is enormous.
I have only one idea how this could happen:
- Is there a heavily used mailserver in your network?
Mailservers use DNS constantly, for every mail.
If there is an incoming SMTP connection, an MTA like sendmail normally tries to
verify the DNS name of the sender. For a large number of SMTP-sending
hosts the answer is an error message, because dial-up addresses are often not
in the in-addr.arpa domain, especially spammers.

> 2.what is ICMP protocol? for what it is used?

Internet Control Message Protocol:
ping, traceroute and tons of error messages

> 3.can i setup any internel DNS server?(not for internal hosts,say to
> resolve yahoo.com) so that i can reduce my out going bandwidth?

That's very easy, you have to set up a caching-only BIND.
But I'm not sure if that helps, because you have to find the reason for
so many error / ICMP messages.

> thank you for any help,
> rajesh


greetings

Michael

 
 
 


Post by Karl Heye » Thu, 10 Jan 2002 09:28:30



> what i want to know is
> 1.why DNS server is taking such a bandwidth?

use something like tcpdump, and see what packets are flying around.

> 2.what is ICMP protocol? for what it is used?

Error handling. You're getting a lot, so find out what they are.

> 3.can i setup any internel DNS server?(not for internal hosts,say to
> resolve yahoo.com) so that i can reduce my out going bandwidth?

it's better to, look at the caching nameserver packages.

karl.
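
Added example, not part of the thread: one way to "find out what they are" once packets have been captured is to split the ICMP bytes by type and code and decode the datagram that each ICMP error quotes, which shows whether the errors refer to DNS (UDP port 53). The sample packets are constructed; 192.0.2.53 is a stand-in for DNS1, and the function names are this example's own.

```python
import struct
from collections import Counter

# Subset of the RFC 792 ICMP types and destination-unreachable codes.
TYPES = {0: "echo-reply", 3: "unreachable", 8: "echo-request", 11: "time-exceeded"}
CODES = {0: "net", 1: "host", 2: "protocol", 3: "port", 13: "admin-prohibited"}

def classify(pkt: bytes) -> str:
    """Label one raw IPv4 packet; for ICMP errors, decode the quoted datagram."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return "not-ipv4"
    ihl, proto = (pkt[0] & 0x0F) * 4, pkt[9]
    if proto != 1:
        return {6: "tcp", 17: "udp"}.get(proto, f"proto-{proto}")
    icmp = pkt[ihl:]
    if len(icmp) < 8:
        return "icmp truncated"
    label = "icmp " + TYPES.get(icmp[0], f"type-{icmp[0]}")
    if icmp[0] == 3:
        label += "/" + CODES.get(icmp[1], f"code-{icmp[1]}")
    inner = icmp[8:]  # errors quote the offending IP header + 8 payload bytes
    if icmp[0] not in (3, 11) or len(inner) < 20:
        return label
    off = (inner[0] & 0x0F) * 4
    if inner[9] == 17 and len(inner) >= off + 4:
        sport, dport = struct.unpack("!HH", inner[off:off + 4])
        label += f" quoting udp {sport}->{dport}"
        if 53 in (sport, dport):
            label += " [dns]"
    return label

def bytes_by_label(packets) -> Counter:
    """Sum packet sizes per label: ntop's per-protocol view, one level deeper."""
    totals = Counter()
    for p in packets:
        totals[classify(p)] += len(p)
    return totals

def ipv4(proto, src, dst, payload):  # constructed packet; checksum left 0 (unchecked)
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, bytes(src), bytes(dst)) + payload

DNS1, HOST = (192, 0, 2, 53), (192, 168, 6, 9)  # constructed: stand-in DNS1, LAN host
reply = ipv4(17, DNS1, HOST, struct.pack("!HHHH", 53, 1025, 8, 0))
SAMPLE = [reply,
          ipv4(1, HOST, DNS1, struct.pack("!BBHI", 3, 3, 0, 0) + reply[:28]),
          ipv4(1, HOST, DNS1, struct.pack("!BBHHH", 8, 0, 0, 1, 1) + b"x" * 8)]
if __name__ == "__main__":
    print(*(f"{n:5d} B  {l}" for l, n in bytes_by_label(SAMPLE).most_common()), sep="\n")
```

A label such as "unreachable/port quoting udp 53->1025" means a DNS reply reached a port nothing was listening on, while a total dominated by echo-request points at ping traffic instead.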

 
 
 

1. icmp : does icmp have no dependency on dns?

hi.

i was working on helping someone to get a suse-install fixed-up for dns,
and found out that he was able to ping places even when there
apparently isn't a valid entry in /etc/rc.config ( which, by default, is
used by the suse scripts to generate a resolv.conf )

the question+:

does icmp-packet routing not depend on DNS ?

does tcp-packet routing depend on dns ?

does anything depend on dns besides whatever is buried in something like
a netscape?

  (if so, any tips on (a url for, or a book if no url) where to find a
table of what depends on what?)

thanks!

--
sc

2. Help me please.

3. DNS relations (hurry!)

4. Compiling problem

5. if DNS server was Windows based what DNS server software is avail?

6. no login prompt on solaris 2.4 server

7. NT dns server request to my LINUX dns server time out

8. How to bring up XTERM minimised ?

9. using DNS server(named) and external dns server.

10. Matrox Mystique ands X.

11. DNS and ICMP

12. ICMP- traceroute -DNS

13. ICMP Echo Request (ping) automagically preceeding or following DNS reply -- Security Problem?