Hello folks,
I have two installations with vCenter installed on them that are both doing something that seems peculiar. They send DNS queries from the vCenter IP address to the assigned DNS servers. Roughly 15% of the time, they will generate a query the same second with the same source port to both the primary and secondary DNS servers. When this happens, the firewall logs that the vCenter server responds to the secondary DNS server's answer with an ICMP type 3 code 3 (port unreachable). This clearly shouldn't be happening (the query to the secondary DNS server probably shouldn't even be happening). Any ideas on why this would occur?
vCenter Server with an embedded Platform Services Controller
v6.7.0.30000
Build 13010631
Example firewall log entries:
access-list vm_interface_access_in permitted udp vm-interface/10.1.1.5(33201) -> dc_interface/10.1.3.1(53)
access-list vm_interface_access_in permitted udp vm-interface/10.1.1.5(33201) -> dc_interface/10.1.3.2(53)
No matching connection for ICMP error message: icmp src vm_interface:10.1.1.5 dst dc_interface:10.1.3.2 (type 3, code 3) on vm_interface. Original IP payload: udp src 10.1.3.2/53 dst 10.1.1.5/33201.
Thank you!
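For anyone who wants to confirm the same pattern from their own firewall logs before digging into the resolver, here is a small correlation script. This is an added example, not code from the original post or from VMware; it assumes a simplified, constructed log format (the post's three entries with an HH:MM:SS timestamp prepended, plus a few made-up lines for contrast) and a hypothetical 2-second pairing window, so the regexes need adjusting for a real syslog header.

```python
"""Correlate firewall log lines for the symptom described in the post: a DNS
query sent from one source port to two DNS servers in the same second, then an
ICMP type 3 code 3 (port unreachable) from the client for the second answer.

Added example, not code from the original post. The log format is a constructed,
simplified ASA-style rendering with an HH:MM:SS timestamp prepended to each
line; adjust QUERY_RE / ICMP_RE for a real syslog header.
"""
import re
from collections import defaultdict

# Constructed sample log. The 12:00:01 lines reproduce the three entries from
# the post with a timestamp added; the remaining lines are made up for contrast.
SAMPLE_LOG = """\
12:00:01 access-list vm_interface_access_in permitted udp vm-interface/10.1.1.5(33201) -> dc_interface/10.1.3.1(53)
12:00:01 access-list vm_interface_access_in permitted udp vm-interface/10.1.1.5(33201) -> dc_interface/10.1.3.2(53)
12:00:01 No matching connection for ICMP error message: icmp src vm_interface:10.1.1.5 dst dc_interface:10.1.3.2 (type 3, code 3) on vm_interface. Original IP payload: udp src 10.1.3.2/53 dst 10.1.1.5/33201.
12:00:07 access-list vm_interface_access_in permitted udp vm-interface/10.1.1.5(41022) -> dc_interface/10.1.3.1(53)
12:00:09 access-list vm_interface_access_in permitted udp vm-interface/10.1.1.5(50411) -> dc_interface/10.1.3.1(53)
12:00:09 access-list vm_interface_access_in permitted udp vm-interface/10.1.1.5(50411) -> dc_interface/10.1.3.2(53)
"""

# Permitted UDP/53 query: timestamp, client IP, client source port, DNS server.
QUERY_RE = re.compile(
    r"^(?P<ts>\S+) access-list \S+ permitted udp "
    r"\S+/(?P<src>[\d.]+)\((?P<sport>\d+)\) -> \S+/(?P<dst>[\d.]+)\(53\)$"
)
# ICMP 3/3 the client sent back; the embedded original payload tells us which
# server's answer (src .../53) was rejected and on which client port.
ICMP_RE = re.compile(
    r"^(?P<ts>\S+) No matching connection for ICMP error message: icmp "
    r"src \S+:(?P<src>[\d.]+) dst \S+:(?P<dst>[\d.]+) \(type 3, code 3\).*"
    r"Original IP payload: udp src (?P<osrc>[\d.]+)/53 dst (?P<odst>[\d.]+)/(?P<oport>\d+)\.$"
)

# Hypothetical slack (seconds) when pairing an ICMP error with the queries that
# preceded it; the firewall may stamp the error a second after the queries.
WINDOW = 2


def to_seconds(ts: str) -> int:
    h, m, s = (int(x) for x in ts.split(":"))
    return h * 3600 + m * 60 + s


def parse(lines):
    """Split log lines into (sec, src, sport, dst) queries and
    (sec, src, dst, oport) ICMP port-unreachable records."""
    queries, icmp = [], []
    for line in lines:
        m = QUERY_RE.match(line)
        if m:
            queries.append((to_seconds(m["ts"]), m["src"], int(m["sport"]), m["dst"]))
            continue
        m = ICMP_RE.match(line)
        if m:
            icmp.append((to_seconds(m["ts"]), m["src"], m["dst"], int(m["oport"])))
    return queries, icmp


def find_duplicate_queries(queries):
    """{(sec, src, sport): [servers]} for flows where one client source port
    reached more than one DNS server within the same second."""
    by_flow = defaultdict(set)
    for sec, src, sport, dst in queries:
        by_flow[(sec, src, sport)].add(dst)
    return {k: sorted(v) for k, v in by_flow.items() if len(v) > 1}


def correlate_port_unreachable(duplicates, icmp):
    """Pair each ICMP 3/3 with a duplicate flow: the rejected answer must come
    from a server the client queried from that same port within WINDOW seconds."""
    hits = []
    for sec, src, dst, oport in icmp:
        for back in range(WINDOW + 1):
            servers = duplicates.get((sec - back, src, oport))
            if servers and dst in servers:
                hits.append({"sec": sec, "client": src, "port": oport,
                             "rejected_server": dst, "queried": servers})
                break
    return hits


def analyze(text):
    queries, icmp = parse(text.splitlines())
    dup = find_duplicate_queries(queries)
    flows = {(sec, src, sport) for sec, src, sport, _ in queries}
    return {
        "flows": len(flows),
        "duplicates": dup,
        "unreachable": correlate_port_unreachable(dup, icmp),
        # fraction of query flows that went to two servers, cf. the post's ~15%
        "rate": len(dup) / len(flows) if flows else 0.0,
    }


if __name__ == "__main__":
    r = analyze(SAMPLE_LOG)
    print(f"{len(r['duplicates'])}/{r['flows']} flows hit two servers ({r['rate']:.0%})")
    for h in r["unreachable"]:
        print(f"client {h['client']}:{h['port']} rejected answer from {h['rejected_server']}, "
              f"had queried {h['queried']}")
```

Run it against a real export by replacing SAMPLE_LOG with the file contents; a duplicate flow that never produces an ICMP 3/3 (the 50411 flow above) means the client consumed both answers, which is the other half of the picture worth checking.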