RE: Interesting problem...

  • From: "Ball, Dan" <DBall@xxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Thu, 3 Mar 2005 22:50:22 -0500

I have each of the "outer" DNS servers set up to use themselves as a DNS
server first, and the PDC DNS server as a secondary. So, if that server
cannot resolve the address, it forwards it to the PDC, and if it cannot
resolve it, it then switches to the "forwarding" DNS server, which is
run by our ISP.  This cuts down significantly on DNS lookup traffic
because they all use one server within our own network before venturing
out to the Internet to resolve the address.

If I leave the forwarding server entries blank, then it starts using the
"root hint" servers instead of our ISP's DNS server.  I'd like to see
some studies on which method is faster, as I've heard arguments both
ways.  

I was trying to remember how I got all of my "outer" DNS servers to
resolve back to the PDC before going out to the Internet, and it appears
to be the DNS entries in the network properties on the server, so that
makes sense and explains why only one DNS server actually does the
forwarding.

In order to duplicate what you describe, I'd have to remove the DNS
entries from all my "outer" DNS servers, and add them in as authorized
computers in my DNS firewall policy.  But that wouldn't help me at all,
in that in order to reach the Internet they still have to resolve
internal names first.  If they cannot resolve names to even get to the
ISA server, they certainly cannot get to the Internet.

-----Original Message-----
From: Steve Moffat [mailto:steve@xxxxxxxxxx] 
Sent: Thursday, March 03, 2005 16:08
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Interesting problem...

Mmmmm

I don't have a "pdc" DNS Server, I have a DNS rule to allow all my DNS
servers to query the Internet. None of my DNS servers forward to
anywhere else. I found this to be the quickest for DNS resolution and if
any of my 4 DNS servers are down for maintenance then there is no
interruption of service at all.

S

