Re: DNS setting-Is this right?
- From: "Jim Harrison" <jim@xxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Sat, 21 Jul 2001 12:59:50 -0700
Hiya Tom!
That's expected behavior with W2K DNS and you'll actually see the same issue
even with the ISP DNS in the external interface; the internal resolution
will bomb out for 'x' time. Notable is that with the DNS resolvers split
across NICs, the whole NIC, not just a DNS entry, will get blacklisted when
even one DNS query fails. That's the main reason for placing them all in
one NIC.
I'm still trying to find some way to modify the "blacklist" timeout that W2K
DNS cache has.
I'll review the SP2 fixlist and see if anything jumps out at me.
Jim Harrison
MCP(2K), A+, Network+, PCG
----- Original Message -----
From: "Thomas W. Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Saturday, July 21, 2001 12:43 PM
Subject: [isalist] Re: DNS setting-Is this right?
http://www.ISAserver.org
Hi Jim,
This brings up something I've noticed at a couple of sites. There seems
to be a bug in the DNS server search feature that prevents the machine
from reverting to the Preferred DNS address if it needs for some reason
to use an alternate DNS server address.
For example, on the internal interface, you enter the DNS server for the
internal network as the Preferred DNS server IP address and you enter
your ISPs DNS server as an alternate. Now, if I take the internal DNS
server down for awhile, the machines can still access external resources
but can't access internal resources by host name. This is to be
expected.
However, if I bring the internal DNS server back online, the ISA Server
does not query the Preferred DNS server any longer, even though its now
available. As you can imagine, that can create all sorts of havoc.
For this reason, I've reverted to configuring the ISPs DNS server on the
external interfaceof the ISA Server.
I know its not supposed to work this way, and I do not know if this has
been fixed with SP2.
Have Fun!
:-)
Tom
www.isaserver.org/shinder
-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
Sent: Saturday, July 21, 2001 2:19 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: DNS setting-Is this right?
http://www.ISAserver.org
What you've done will work, but it's not optimal.
Check this out..
http://www.isaserver.org/pages/tutorials/dns4ISA.htm
Jim Harrison
MCP(2K), A+, Network+, PCG
----- Original Message -----
From: "Adewale Egunjobi" <eddywase@xxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Saturday, July 21, 2001 11:23 AM
Subject: [isalist] DNS setting-Is this right?
http://www.ISAserver.org
Dear all,
On my ISA server(integrated mode) having 2 NICs, the
external NIC was configured with the DNS addresses
from the ISP, while the internal NIC was configured
with the DNS address of the same win2k server hosting
both the ISA server and the DNS server for name
resolution for the internal clients.
This means i'm having 2 different DNS addresses
configured for the 2 NICs, one from ISP while other
from internal DNS server on the ISA.
Things have been working fine but is this right?
Thanks,
Wasiu Egunjobi
A+, MCP+I, MCSE
__________________________________________________
Do You Yahoo!?
Make international calls for as low as $.04/minute with Yahoo! Messenger
http://phonecard.yahoo.com/
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts: