集群LIF IP的外部DNS反向查找过多

• ONTAP 9
• 收获
• DNS

• 数据包跟踪显示 节点管理 LIF为集群LIF IP地址生成的一系列PTR请求

1 <node management IP>   50445    <DNS IP>            domain    DNS Standard query 0xdf71 PTR 44.33.22.11.in-addr.arpa
2 <DNS IP>            domain   <node management IP>   50445   DNS   Standard query response 0xdf71 No such name PTR 44.33.22.11.in-addr.arpa SOA localhost

• 除了DNS风暴、DNS服务器可能会停止回答集群SVM中的问题、从而导致 dns.server.timed.out 出现错误

mgwd: dns.server.timed.out:error]: DNS server 111.111.111.11 did not respond to vserver = SVM within timeout interval.
mgwd: dns.server.timed.out:error]: DNS server 111.111.111.12 did not respond to vserver = SVM within timeout interval.

• 审核日志包含 /api/private/cli/network/connections/active  remote_host 请求字段的REST请求

Wed Dec 06 2023 20:00:21 +09:00 [kern_audit:info:2412]xxx:: admin-vserver: http :: xx.xx.xx.xx:47068 :: admin-vserver:admin :: 
GET /api/private/cli/network/connections/active?return_records=true&fields=service,blocks_lb,lif_name,local_address,node,proto,remote_host,cid,local_port,lru,
remote_ip,vserver :: Pending
・・・・・・

Wed Dec 06 2023 20:00:27 +09:00 [kern_audit:info:2412]xxx:: admin-vserver: http :: xx.xx.xx.xx:47068 :: admin-vserver:admin :: 
GET /api/private/cli/network/connections/active?return_records=true&fields=service,blocks_lb,lif_name,local_address,node,proto,remote_host,cid,local_port,lru,
remote_ip,vserver :: Success: