Is the traffic from your FreeBSD box to the DNS server going through the Cisco? Could it be that the Cisco logs that traffic to the FreeBSD box, which in turn tries to perform a reverse DNS lookup on the syslog connection, causing more traffic to DNS, causing the Cisco to log it, causing .... etc.? This sounds similar to running a tcpdump on port 22 of a server you're ssh'ed into. Does the Cisco IP have an entry in /etc/hosts? That would suppress the DNS lookups. If that's what this is, of course.
|