Hi,
Thanks for your post.
>Why would clients be talking that way and is this expected?
Active Directory communication takes place using several ports. These ports are required by both client computers and Domain Controllers. As an example, when a client computer tries to find a domain controller it always sends a DNS Query over Port 53 to find the name of the domain controller in the domain.
UDP Port 389 for LDAP to handle normal queries from client computers to the domain controllers.
TCP port 636 for Directory, Replication, User and Computer Authentication, Group Policy, Trusts
Please check the articles for more details.
https://support.microsoft.com/en-us/kb/832017#4
Best Regards,