Article ID: 2484988 - View products that this article applies to.
When a Domain Name System (DNS) server is published by using a server publishing rule in Microsoft Forefront Threat Management Gateway (TMG) 2010, the publishing rule does not work correctly. Therefore, the incoming User Datagram Protocol (UDP) DNS traffic is not forwarded to the published server. This problem occurs randomly.
This issue occurs because a WSAENETRESET error occurs when a recv operation is completed on the publishing socket that faces the Internet. Additionally, Forefront TMG 2010 does not create another recv operation to compensate for the completed operation that contains this error. Therefore, the data pump stops.
Update informationTo resolve this issue, install the software update that is described in the following Microsoft Knowledge Base (KB) article:
(http://support.microsoft.com/kb/2475183/ )Software Update 1 rollup 2 for Forefront Threat Management Gateway (TMG) 2010 Service Pack 1
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684For more information about the recv function, visit the following Microsoft webpage:
(http://support.microsoft.com/kb/824684/ )Description of the standard terminology that is used to describe Microsoft software updates
Introduction to the recv functionFor more information about the kernel-mode data pump, click the following download link to view a Microsoft document:
Document that introduces the ISA Server 2006 firewall core