In our syslog we see a lot of SYN_SENT to a specific class of addresses 192.xxx.xxx.xxx using the TCP protocol, with the port number increasing every time.
The firewall is open to UDP port 53 Any, but TCP is open only to a specific IP to which a zone transfer should be done.
The question is: why does our DNS server try to SYN_SENT? Here is an example:
TCP dns1:1704 g.gtld-servers.net:domain SYN_SENT
TCP dns1:1705 i.gtld-servers.net:domain SYN_SENT
Thanks in advance for any answer.