Many open dns connections

I have dnsmasq enabled and am pointing to google primary and secondary dns servers . It all seems to be working fine .
If I go into Luci - Status -> RealTimeGraphs -> connections I see typically many entries(dozens or more) like this

IPV4 UDP user-xx-xx-xx-xx.myisp.net:123456 google-public-dns-a.google.com:53

Is this normal or do I have something configured incorrectly ?

UDP doesn’t have an “I’m done” exchange like TCP does, so “open” is done with a timer. No surprising to see several that are a few or tens of seconds open.

Are your clients using DNS on the router (or elsewhere in your network), or going direct to the outside? That might explain a very high number.

The LuCI display itself will cause many reverse DNS lookups. Let it run for a while and the DNS traffic peak should settle down

2 Likes

clients are using the router as primary dns

Does this mean anything? You router still needs to forward those requests somewhere. Those are the DNS connections you see.

You or your ISP uses Google as the upstream DNS.