Quantcast
Channel: All ScreenOS Firewalls (NOT SRX) posts
Viewing all articles
Browse latest Browse all 2577

Re: DNS A/AAAA no response from Proxy

November 27, 2017, 6:01 am
$
0
0

Hi Vikas,

 

Hopefully I've done this correctly:

 

ssg-1.slaytor.com(M)-> set ffilter src-ip 172.16.11.22 dst-ip 172.16.11.1
filter added
ssg-1.slaytor.com(M)-> debug dns proxy
ssg-1.slaytor.com(M)-> debug flow basic
ssg-1.slaytor.com(M)-> undebug all
ssg-1.slaytor.com(M)-> get db stream
****** 94752.0: <Trust/ethernet0/0> packet received [59]******
ipid = 25157(6245), @0d684914
packet passed sanity check.
flow_decap_vector IPv4 process
ethernet0/0:172.16.11.22/52894->172.16.11.1/53,17<Root>
no session found
flow_first_sanity_check: in <ethernet0/0>, out <N/A>
existing vector list 20-7605794.
create a self session (flag 0x1706), timeout=60sec.
flow_first_install_session======>
handle cleartext reverse route
search route to (self, 172.16.11.1->172.16.11.22) in vr trust-vr for vsd-0/flag-3000/ifp-ethernet0/0
cached route 1 for 172.16.11.22
[ Dest] 1.route 172.16.11.22->172.16.11.22, to ethernet0/0
route to 172.16.11.22
cached arp entry with MAC ca5782c251ad for 172.16.11.22
arp entry found for 172.16.11.22
ifp2 ethernet0/0, out_ifp ethernet0/0, flag 00800601, tunnel ffffffff, rc 1
flow got session.
flow session id 47988
flow_main_body_vector in ifp ethernet0/0 out ifp N/A
flow vector index 0x20, vector addr 0x7605794, orig vector 0x7605794
post addr xlation: 172.16.11.22->172.16.11.1.
packet is for self, copy packet to self
copy packet to us.
****** 94752.0: <Trust/ethernet0/0> packet received [59]******
ipid = 25158(6246), @0d67d114
packet passed sanity check.
flow_decap_vector IPv4 process
ethernet0/0:172.16.11.22/52894->172.16.11.1/53,17<Root>
existing session found. sess token 3
flow got session.
flow session id 47988
flow_main_body_vector in ifp ethernet0/0 out ifp N/A
flow vector index 0x20, vector addr 0x7605794, orig vector 0x7605794
post addr xlation: 172.16.11.22->172.16.11.1.
packet is for self, copy packet to self
copy packet to us.
## 2017-11-27 13:46:49 : Proxy: Processing request from client 172.16.11.22 port 52894
## 2017-11-27 13:46:49 : Proxy: Host name for lookup is www.apple.com type 1
## 2017-11-27 13:46:49 : Proxy: Looking up best match
## 2017-11-27 13:46:49 : Proxy: New best match len id 1
## 2017-11-27 13:46:49 : Proxy: Selecting primary
## 2017-11-27 13:46:49 : Proxy: DNS socket send returned 0 for server 8.8.8.8
## 2017-11-27 13:46:49 : Proxy: new socket being set 388 to server 8.8.8.8
## 2017-11-27 13:46:49 : Proxy: Processing request from client 172.16.11.22 port 52894
## 2017-11-27 13:46:49 : Proxy: Entry already existing; Freeing packet
## 2017-11-27 13:46:49 : Proxy: Host name for lookup is www.apple.com type 1
## 2017-11-27 13:46:49 : Proxy: DNS socket send returned 0 for server 4.4.4.4
## 2017-11-27 13:46:49 : Proxy: new socket being set 389 to server 4.4.4.4
## 2017-11-27 13:46:54 : Proxy: Trying the next server after timeout
## 2017-11-27 13:46:54 : Proxy: Host name for lookup is www.apple.com type 1
## 2017-11-27 13:46:54 : Proxy: skipping tertiary
## 2017-11-27 13:46:54 : Proxy: Looking up next best match eith current match len 1
## 2017-11-27 13:46:54 : Proxy: no more servers; lookup will fail for www.apple.com
## 2017-11-27 13:46:54 : Proxy: cannot process DNS client request; dropping packet after timeout
****** 94757.0: <Trust/ethernet0/0> packet received [59]******
ipid = 25967(656f), @0d6a3914
packet passed sanity check.
flow_decap_vector IPv4 process
ethernet0/0:172.16.11.22/52894->172.16.11.1/53,17<Root>
existing session found. sess token 3
flow got session.
flow session id 47988
flow_main_body_vector in ifp ethernet0/0 out ifp N/A
flow vector index 0x20, vector addr 0x7605794, orig vector 0x7605794
post addr xlation: 172.16.11.22->172.16.11.1.
packet is for self, copy packet to self
copy packet to us.
****** 94757.0: <Trust/ethernet0/0> packet received [59]******
ipid = 25968(6570), @0d6ac114
packet passed sanity check.
flow_decap_vector IPv4 process
ethernet0/0:172.16.11.22/52894->172.16.11.1/53,17<Root>
existing session found. sess token 3
flow got session.
flow session id 47988
flow_main_body_vector in ifp ethernet0/0 out ifp N/A
flow vector index 0x20, vector addr 0x7605794, orig vector 0x7605794
post addr xlation: 172.16.11.22->172.16.11.1.
packet is for self, copy packet to self
copy packet to us.
## 2017-11-27 13:46:54 : Proxy: Processing request from client 172.16.11.22 port 52894
## 2017-11-27 13:46:54 : Proxy: Host name for lookup is www.apple.com type 1
## 2017-11-27 13:46:54 : Proxy: Looking up best match
## 2017-11-27 13:46:54 : Proxy: New best match len id 1
## 2017-11-27 13:46:54 : Proxy: Selecting primary
## 2017-11-27 13:46:54 : Proxy: DNS socket send returned 0 for server 8.8.8.8
## 2017-11-27 13:46:54 : Proxy: new socket being set 390 to server 8.8.8.8
## 2017-11-27 13:46:54 : Proxy: Processing request from client 172.16.11.22 port 52894
## 2017-11-27 13:46:54 : Proxy: Entry already existing; Freeing packet
## 2017-11-27 13:46:54 : Proxy: Host name for lookup is www.apple.com type 1
## 2017-11-27 13:46:54 : Proxy: DNS socket send returned 0 for server 4.4.4.4
## 2017-11-27 13:46:54 : Proxy: new socket being set 391 to server 4.4.4.4
## 2017-11-27 13:46:59 : Proxy: Trying the next server after timeout
## 2017-11-27 13:46:59 : Proxy: Host name for lookup is www.apple.com type 1
## 2017-11-27 13:46:59 : Proxy: skipping tertiary
## 2017-11-27 13:46:59 : Proxy: Looking up next best match eith current match len 1
## 2017-11-27 13:46:59 : Proxy: no more servers; lookup will fail for www.apple.com
## 2017-11-27 13:46:59 : Proxy: cannot process DNS client request; dropping packet after timeout
****** 94762.0: <Trust/ethernet0/0> packet received [71]******
ipid = 26600(67e8), @0d6e9914
packet passed sanity check.
flow_decap_vector IPv4 process
ethernet0/0:172.16.11.22/36688->172.16.11.1/53,17<Root>
no session found
flow_first_sanity_check: in <ethernet0/0>, out <N/A>
existing vector list 20-7605794.
create a self session (flag 0x1706), timeout=60sec.
flow_first_install_session======>
handle cleartext reverse route
search route to (self, 172.16.11.1->172.16.11.22) in vr trust-vr for vsd-0/flag-3000/ifp-ethernet0/0
cached route 1 for 172.16.11.22
[ Dest] 1.route 172.16.11.22->172.16.11.22, to ethernet0/0
route to 172.16.11.22
cached arp entry with MAC ca5782c251ad for 172.16.11.22
arp entry found for 172.16.11.22
ifp2 ethernet0/0, out_ifp ethernet0/0, flag 00800601, tunnel ffffffff, rc 1
flow got session.
flow session id 47946
flow_main_body_vector in ifp ethernet0/0 out ifp N/A
flow vector index 0x20, vector addr 0x7605794, orig vector 0x7605794
post addr xlation: 172.16.11.22->172.16.11.1.
packet is for self, copy packet to self
copy packet to us.
****** 94762.0: <Trust/ethernet0/0> packet received [71]******
ipid = 26601(67e9), @0d6e1114
packet passed sanity check.
flow_decap_vector IPv4 process
ethernet0/0:172.16.11.22/36688->172.16.11.1/53,17<Root>
existing session found. sess token 3
flow got session.
flow session id 47946
flow_main_body_vector in ifp ethernet0/0 out ifp N/A
flow vector index 0x20, vector addr 0x7605794, orig vector 0x7605794
post addr xlation: 172.16.11.22->172.16.11.1.
packet is for self, copy packet to self
copy packet to us.
## 2017-11-27 13:46:59 : Proxy: Processing request from client 172.16.11.22 port 36688
## 2017-11-27 13:46:59 : Proxy: Host name for lookup is www.apple.com.slaytor.com type 1
## 2017-11-27 13:46:59 : Proxy: Looking up best match
## 2017-11-27 13:46:59 : Proxy: New best match len id 1
## 2017-11-27 13:46:59 : Proxy: Selecting primary
## 2017-11-27 13:46:59 : Proxy: DNS socket send returned 0 for server 8.8.8.8
## 2017-11-27 13:46:59 : Proxy: new socket being set 392 to server 8.8.8.8
## 2017-11-27 13:46:59 : Proxy: Processing request from client 172.16.11.22 port 36688
## 2017-11-27 13:46:59 : Proxy: Entry already existing; Freeing packet
## 2017-11-27 13:46:59 : Proxy: Host name for lookup is www.apple.com.slaytor.com type 1
## 2017-11-27 13:46:59 : Proxy: DNS socket send returned 0 for server 4.4.4.4
## 2017-11-27 13:46:59 : Proxy: new socket being set 393 to server 4.4.4.4
## 2017-11-27 13:47:04 : Proxy: Trying the next server after timeout
## 2017-11-27 13:47:04 : Proxy: Host name for lookup is www.apple.com.slaytor.com type 1
## 2017-11-27 13:47:04 : Proxy: skipping tertiary
## 2017-11-27 13:47:04 : Proxy: Looking up next best match eith current match len 1
## 2017-11-27 13:47:04 : Proxy: no more servers; lookup will fail for www.apple.com.slaytor.com
## 2017-11-27 13:47:04 : Proxy: cannot process DNS client request; dropping packet after timeout
****** 94767.0: <Trust/ethernet0/0> packet received [71]******
ipid = 26830(68ce), @0d659914
packet passed sanity check.
flow_decap_vector IPv4 process
ethernet0/0:172.16.11.22/36688->172.16.11.1/53,17<Root>
existing session found. sess token 3
flow got session.
flow session id 47946
flow_main_body_vector in ifp ethernet0/0 out ifp N/A
flow vector index 0x20, vector addr 0x7605794, orig vector 0x7605794
post addr xlation: 172.16.11.22->172.16.11.1.
packet is for self, copy packet to self
copy packet to us.
****** 94767.0: <Trust/ethernet0/0> packet received [71]******
ipid = 26831(68cf), @0d648114
packet passed sanity check.
flow_decap_vector IPv4 process
ethernet0/0:172.16.11.22/36688->172.16.11.1/53,17<Root>
existing session found. sess token 3
flow got session.
flow session id 47946
flow_main_body_vector in ifp ethernet0/0 out ifp N/A
flow vector index 0x20, vector addr 0x7605794, orig vector 0x7605794
post addr xlation: 172.16.11.22->172.16.11.1.
packet is for self, copy packet to self
copy packet to us.
## 2017-11-27 13:47:04 : Proxy: Processing request from client 172.16.11.22 port 36688
## 2017-11-27 13:47:04 : Proxy: Host name for lookup is www.apple.com.slaytor.com type 1
## 2017-11-27 13:47:04 : Proxy: Looking up best match
## 2017-11-27 13:47:04 : Proxy: New best match len id 1
## 2017-11-27 13:47:04 : Proxy: Selecting primary
## 2017-11-27 13:47:04 : Proxy: DNS socket send returned 0 for server 8.8.8.8
## 2017-11-27 13:47:04 : Proxy: new socket being set 394 to server 8.8.8.8
## 2017-11-27 13:47:04 : Proxy: Processing request from client 172.16.11.22 port 36688
## 2017-11-27 13:47:04 : Proxy: Entry already existing; Freeing packet
## 2017-11-27 13:47:04 : Proxy: Host name for lookup is www.apple.com.slaytor.com type 1
## 2017-11-27 13:47:04 : Proxy: DNS socket send returned 0 for server 4.4.4.4
## 2017-11-27 13:47:04 : Proxy: new socket being set 395 to server 4.4.4.4
## 2017-11-27 13:47:09 : Proxy: Trying the next server after timeout
## 2017-11-27 13:47:09 : Proxy: Host name for lookup is www.apple.com.slaytor.com type 1
## 2017-11-27 13:47:09 : Proxy: skipping tertiary
## 2017-11-27 13:47:09 : Proxy: Looking up next best match eith current match len 1
## 2017-11-27 13:47:09 : Proxy: no more servers; lookup will fail for www.apple.com.slaytor.com
## 2017-11-27 13:47:09 : Proxy: cannot process DNS client request; dropping packet after timeout

========= BELOW is for PING -4 www.apple.com this works! ==========


ssg-1.slaytor.com(M)-> clear db
ssg-1.slaytor.com(M)-> debug dns proxy
ssg-1.slaytor.com(M)-> debug flow basic
ssg-1.slaytor.com(M)-> undebug all
ssg-1.slaytor.com(M)-> get db stream

****** 94928.0: <Trust/ethernet0/0> packet received [59]******
ipid = 57033(dec9), @0d650114
packet passed sanity check.
flow_decap_vector IPv4 process
ethernet0/0:172.16.11.22/48696->172.16.11.1/53,17<Root>
no session found
flow_first_sanity_check: in <ethernet0/0>, out <N/A>
existing vector list 20-7605794.
create a self session (flag 0x1706), timeout=60sec.
flow_first_install_session======>
handle cleartext reverse route
search route to (self, 172.16.11.1->172.16.11.22) in vr trust-vr for vsd-0/flag-3000/ifp-ethernet0/0
cached route 1 for 172.16.11.22
[ Dest] 1.route 172.16.11.22->172.16.11.22, to ethernet0/0
route to 172.16.11.22
cached arp entry with MAC ca5782c251ad for 172.16.11.22
arp entry found for 172.16.11.22
ifp2 ethernet0/0, out_ifp ethernet0/0, flag 00800601, tunnel ffffffff, rc 1
flow got session.
flow session id 47954
flow_main_body_vector in ifp ethernet0/0 out ifp N/A
flow vector index 0x20, vector addr 0x7605794, orig vector 0x7605794
post addr xlation: 172.16.11.22->172.16.11.1.
packet is for self, copy packet to self
copy packet to us.
## 2017-11-27 13:49:45 : Proxy: Processing request from client 172.16.11.22 port 48696
## 2017-11-27 13:49:45 : Proxy: Host name for lookup is www.apple.com type 1
## 2017-11-27 13:49:45 : Proxy: Looking up best match
## 2017-11-27 13:49:45 : Proxy: New best match len id 1
## 2017-11-27 13:49:45 : Proxy: Selecting primary
## 2017-11-27 13:49:45 : Proxy: DNS socket send returned 0 for server 8.8.8.8
## 2017-11-27 13:49:45 : Proxy: new socket being set 424 to server 8.8.8.8
## 2017-11-27 13:49:46 : Proxy: DNS socket receive 182 bytes from server
## 2017-11-27 13:49:46 : Proxy: Processing response for client 172.16.11.22 port 48696
## 2017-11-27 13:49:46 : Proxy: Updating cache for www.apple.com type 1 from the proxy
## 2017-11-27 13:49:46 : Proxy: Extract data returned 0
## 2017-11-27 13:49:46 : Proxy: Sending out a response to the client
## 2017-11-27 13:49:46 : Proxy: DNS socket send returned 0
****** 94929.0: <Self/self> packet received [210]******
ipid = 52675(cdc3), @03166844
flow_self_vector2: send pack with current vid =0, enc_size:0
processing packet through normal path.
packet passed sanity check.
flow_decap_vector IPv4 process
self:172.16.11.1/53->172.16.11.22/48696,17<Root>
existing session found. sess token 5
flow got session.
flow session id 47954
flow_main_body_vector in ifp self out ifp ethernet0/0
flow vector index 0x20, vector addr 0x7605794, orig vector 0x7605794
skip ttl adjust for packet.
post addr xlation: 172.16.11.1->172.16.11.22.
packet send out to ca5782c251ad (cached) through ethernet0/0
****** 94929.0: <Trust/ethernet0/0> packet received [73]******
ipid = 57034(deca), @0d63d114
packet passed sanity check.
flow_decap_vector IPv4 process
ethernet0/0:172.16.11.22/34468->172.16.11.1/53,17<Root>
no session found
flow_first_sanity_check: in <ethernet0/0>, out <N/A>
existing vector list 20-7605794.
create a self session (flag 0x1706), timeout=60sec.
flow_first_install_session======>
handle cleartext reverse route
search route to (self, 172.16.11.1->172.16.11.22) in vr trust-vr for vsd-0/flag-3000/ifp-ethernet0/0
cached route 1 for 172.16.11.22
[ Dest] 1.route 172.16.11.22->172.16.11.22, to ethernet0/0
route to 172.16.11.22
cached arp entry with MAC ca5782c251ad for 172.16.11.22
arp entry found for 172.16.11.22
ifp2 ethernet0/0, out_ifp ethernet0/0, flag 00800601, tunnel ffffffff, rc 1
flow got session.
flow session id 47920
flow_main_body_vector in ifp ethernet0/0 out ifp N/A
flow vector index 0x20, vector addr 0x7605794, orig vector 0x7605794
post addr xlation: 172.16.11.22->172.16.11.1.
packet is for self, copy packet to self
copy packet to us.
## 2017-11-27 13:49:46 : Proxy: Processing request from client 172.16.11.22 port 34468
## 2017-11-27 13:49:46 : Proxy: Host name for lookup is 76.148.124.104.in-addr.arpa type 12
## 2017-11-27 13:49:46 : Proxy: Sending out a response to the client
## 2017-11-27 13:49:46 : Proxy: DNS socket send returned 0
****** 94929.0: <Self/self> packet received [73]******
ipid = 52676(cdc4), @030f3914
flow_self_vector2: send pack with current vid =0, enc_size:0
processing packet through normal path.
packet passed sanity check.
flow_decap_vector IPv4 process
self:172.16.11.1/53->172.16.11.22/34468,17<Root>
existing session found. sess token 5
flow got session.
flow session id 47920
flow_main_body_vector in ifp self out ifp ethernet0/0
flow vector index 0x20, vector addr 0x7605794, orig vector 0x7605794
skip ttl adjust for packet.
post addr xlation: 172.16.11.1->172.16.11.22.
packet send out to ca5782c251ad (cached) through ethernet0/0
## 2017-11-27 13:49:46 : Proxy: cannot process DNS client request; dropping packet
****** 94929.0: <Trust/ethernet0/0> packet received [73]******
ipid = 57035(decb), @0d640914
packet passed sanity check.
flow_decap_vector IPv4 process
ethernet0/0:172.16.11.22/57364->172.16.11.1/53,17<Root>
no session found
flow_first_sanity_check: in <ethernet0/0>, out <N/A>
existing vector list 20-7605794.
create a self session (flag 0x1706), timeout=60sec.
flow_first_install_session======>
handle cleartext reverse route
search route to (self, 172.16.11.1->172.16.11.22) in vr trust-vr for vsd-0/flag-3000/ifp-ethernet0/0
cached route 1 for 172.16.11.22
[ Dest] 1.route 172.16.11.22->172.16.11.22, to ethernet0/0
route to 172.16.11.22
cached arp entry with MAC ca5782c251ad for 172.16.11.22
arp entry found for 172.16.11.22
ifp2 ethernet0/0, out_ifp ethernet0/0, flag 00800601, tunnel ffffffff, rc 1
flow got session.
flow session id 48006
flow_main_body_vector in ifp ethernet0/0 out ifp N/A
flow vector index 0x20, vector addr 0x7605794, orig vector 0x7605794
post addr xlation: 172.16.11.22->172.16.11.1.
packet is for self, copy packet to self
copy packet to us.
## 2017-11-27 13:49:46 : Proxy: Processing request from client 172.16.11.22 port 57364
## 2017-11-27 13:49:46 : Proxy: Host name for lookup is 76.148.124.104.in-addr.arpa type 12
## 2017-11-27 13:49:46 : Proxy: Sending out a response to the client
## 2017-11-27 13:49:46 : Proxy: DNS socket send returned 0
## 2017-11-27 13:49:46 : Proxy: cannot process DNS client request; dropping packet
ssg-1.slaytor.com(M)->

Search
Viewing all articles
Browse latest Browse all 2577

Trending Articles

RAMAYAMPET Mandal Sarpanch | Upa-Sarpanch | Ward member Mobile Numbers Medak...

May 24, 2017, 2:00 am

लड़कियां सेक्स के दौरान क्यों करती है उह! आह!लड़कियां सेक्स के दौरान क्यों करती...

May 19, 2016, 1:54 am

Neem Baba Extra Questions Answer Class 6 English Poorvi

February 1, 2025, 5:19 am

Throw Back: 4×4 — Sikilitele (Ft Castro) Prod by JQ

March 5, 2015, 8:24 am

Rajasthan Board 10th Result 2016 Roll No wise & Name Wise

August 20, 2016, 5:13 pm

Lowe faces four theft charges

November 14, 2017, 6:52 pm

Practice Sheet of Right form of verbs for HSC Students

September 22, 2019, 11:40 pm

Mafia, Murder & Mayhem In The Motor City: Detroit Mob Hit Timeline (1937-2007)

December 7, 2016, 3:57 pm

The 10 Tennessee Cities With The Largest Black Population For 2021

December 21, 2020, 10:12 am

Materials Around Us Class 6 Worksheet Science Chapter 6

October 3, 2024, 5:20 am

デスクトップ ヒープの枯渇

January 18, 2018, 8:31 pm

Best Suvichar in Hindi |बेस्ट सुविचार |शुभ विचार हिंदी में

March 7, 2020, 11:19 pm

Kanulanu Thaake Lyrics and translation | Manam (2014)

May 9, 2014, 5:45 am

Korean Sex Porn Videos: XXX Videos & Free Porn Movies

May 30, 2025, 9:29 pm

Teen Shot In Miami Drive-By Dies From Injuries

August 8, 2011, 1:16 pm

Download: IQ Muzatasha feat Shy D & Pmj – Ulesi NiFertilizer Yamavuto

March 22, 2018, 7:23 pm

Mahakal Attitude Status

February 29, 2020, 9:52 am

Property developer set up cannabis factory to help pay off debts...

August 3, 2015, 2:29 am

July 11, 2015, 6:15 am

KB: How to troubleshoot issues when adding a Hyper-V host in System Center...

August 14, 2012, 10:05 am
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>