LLMNR multicast slow down network service
I manage a network with ~300 hosts with PFSense, latelly the internet connection is working intermitent, i tested and the channel is stable.
So we checked and see many LLMNR multicast petitions from many machines.
We decided to disable the LLMNR in the windows machines, but there's a lot of hosts with windows but is a large process, with pfSense is possible to deny LLMNR in the network?
No, because the multicast traffic does not go through the router.
"LLMNR in the windows machines"
hehehehe - you know windows machines pump out way more noise then just the llmnr crap… The amount of noise coming off a windows machine is quite spectacular...
So if your going to spend time cutting down its noise that is just the first place to start...
Assuming that you have AD in place (you most certainly should with ~300 devices), you should disable the service via GPO.
disable llmnr in gpo yup..
Computer Configuration -> Administrative Templates -> Network -> DNS Client
“Turn Off Multicast Name Resolution” and set it to “Enabled”