04-20-2011 03:11 PM - edited 03-11-2019 01:24 PM
I only have this particular context monitoring in this case, but if it was set to drop blacklisted packets it would be dropping all of our DNS traffic from our campus DNS servers to *.akadns.org, which seems to be an Akamai DNS infrastructure.
FYI. I guess I'll open a TAC case...
This is what conserns me about turning this on in front of our 40k users.
04-22-2011 09:34 AM
Did you open a TAC case? It looks like the site is not rated or categorized, but is still being blocked. I don't get a response from www.akadns.org. How is this site being used and what kind of issues is it causing in your environment?
Thanks,
Brendan
04-22-2011 09:42 AM
Hi. I did open a TAC case on Wednesday. It was quickly escelated and the engineer responded that he would look into it and I haven't heard anything further.
We haven't turned on the botnet filtering for everything yet, so this was only showing up as a monitored site on the blacklist. If we were dropping it it seems like we would have lost name resolution for Akamai sites if there was no alternative hosts attempted. We have a large Akamai cluster on our campus so there were thousands of DNS to three or four nameservers in the *.akadns.org domain. I'm not sure what the impact would have been if that had been blocked.
I also whitelisted it just to avoid any issues.
05-16-2013 08:28 AM
Any update to this? We are seeing the same issue from Akami.
05-16-2013 08:35 AM
I believe this was resolved at the time. If you have a specific concern about a false positive, go ahead and open a case with TAC. They will need to review the website(s) and change the classification.
Regards,
Brendan
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide