You can install a caching only DNS forwarder on the ISA firewall itself. Thomas W Shinder, M.D. Site: www.isaserver.org <http://www.isaserver.org/> Blog: http://blogs.isaserver.org/shinder/ Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> MVP -- ISA Firewalls ________________________________ From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Ara Avvali Sent: Thursday, April 06, 2006 2:53 PM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: dns forwarders I have 2 windows 2003 domain controllers and everyone is pointing to them. Would that change the scenario? Appreciated ________________________________ From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas W Shinder Sent: Thursday, April 06, 2006 12:49 PM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: dns forwarders If you have a dedicated DNS resolver, use root hints. I wouldn't use root hints on the DNS server on my DC. Thomas W Shinder, M.D. Site: www.isaserver.org <http://www.isaserver.org/> Blog: http://blogs.isaserver.org/shinder/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls ________________________________ From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Ara Avvali Sent: Thursday, April 06, 2006 2:45 PM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: dns forwarders Hi Tom, Do you see any down side of just using root hints? ________________________________ From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas W Shinder Sent: Thursday, April 06, 2006 12:40 PM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: dns forwarders I like them when I manage the forwarder. Thomas W Shinder, M.D. Site: www.isaserver.org <http://www.isaserver.org/> Blog: http://blogs.isaserver.org/shinder/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls ________________________________ From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Steve Moffat Sent: Thursday, April 06, 2006 2:30 PM To: ISA Mailing List Subject: [isalist] Re: dns forwarders I don't....:) ________________________________ From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas W Shinder Sent: Thursday, April 06, 2006 4:25 PM To: ISA Mailing List Subject: [isalist] Re: dns forwarders I like forwarders. Thomas W Shinder, M.D. Site: www.isaserver.org <http://www.isaserver.org/> Blog: http://blogs.isaserver.org/shinder/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls ________________________________ From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Steve Moffat Sent: Thursday, April 06, 2006 1:33 PM To: ISA Mailing List Subject: [isalist] Re: dns forwarders Do not use forwarders......at all S ________________________________ From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Ara Avvali Sent: Thursday, April 06, 2006 3:28 PM To: ISA Mailing List Subject: [isalist] dns forwarders Hello everyone. Would someone clear this for me? It's a bit off topic. Domain controller (192.168.0.a) <------> (192.168.0.b) ISA (192.168.1.c) <----> (192.168.1.d) LinkSys Router <----> ISP 1. If I want to add forwarders to dns tab of domain controller, should I put the internal side ip address of router or should I put the one from ISP? 2. Does domain controller cache DNS requests too pretty much like http caching? Or does it go and ask every single time there is query. Appreciated