why don't you use two (ore three) DNS-servers on your application gateway: the (primary and secondary) DNS-server of your Provider for internet adresses and your internal DNS-server for the internal adresses? I think that should solve the problem. If you're using SuSE Linux, you can change the nameservers using yast or you can edit /etc/resolve.
But how did the gateway know, that for example MY-PC-NAME is an internal Name, and it has to be resolved by the internal DNS-Server.
If I resolve Names by my Provider, the Gateway try to resolve MY-PC-NAME <by the Provider. Yet I see no way to told the Gateway: "For this name try the Internal- for an other name try the Provider- DNS-Server"
Michael
Ok, I see. Your application gateway should use the internal name server(s) first; if that one doesn't know the answer it has to be configured in that >way that it will ask the nameserver of the provider (the nameservers of your internal nameserver should be the ones of your provider). If your internal server(s) are down, then the application gateway can still resolve external names - using the second or third configured >nameserver.
Okay, so I try this: 1. The Gateway try to resolve every Name by the Internal DNS-Server. 2. Internal names will be found. 3. If nothing is found, the Internal DNS-Server will forward the question to a DNS-Server running on the Gateway. 4. The DNS-Server running on the Gateway forward every question to the Providers DNS-Server. It seems to be a long way. What about the performance??? Michael
* Michael Hamm wrote on Fri, Mar 24, 2000 at 16:40 +0100:
Okay, so I try this: 1. The Gateway try to resolve every Name by the Internal DNS-Server. 2. Internal names will be found. 3. If nothing is found, the Internal DNS-Server will forward the question to a DNS-Server running on the Gateway. 4. The DNS-Server running on the Gateway forward every question to the Providers DNS-Server.
It seems to be a long way. What about the performance???
Usually your internal DNS server should cache the RRs, and keep in mind that clients query forwarders of the ISP usually. Alternatively you can allow your internal DNS-server to do recursive queries be itself, but then you have to allow the whole net to send packets to the domain port of your internal server, so I would prefer to forward all queries to an ISP DNS server. oki, Steffen -- Dieses Schreiben wurde maschinell erstellt, es trägt daher weder Unterschrift noch Siegel.
participants (2)
-
Michael Hamm -
Steffen Dettmer