On Thursday 14 February 2008 12:07:52 Carlos E. R. wrote:
The Thursday 2008-02-14 at 13:47 -0500, Doctor Who wrote:
Can you not then specify just the DNS of the client ? Their DNS server should be able to resolve Internet names in addition to their internal hosts, and you won't need the proxy to get its answers.
Their DNS boxes only serve to resolve names for internally hosted machines.
Set up your own dns server as cache, with "forwarders" set to their DNS, and "forward first". The external addresses will fail, and your DNS will then ask the root servers.
Another one, could be the option "rotate" in resolv.conf, with two dns defined (man resolv.conf). I haven't tried.
This is essentially what I suggested a week ago: On Thursday 07 February 2008 12:52:33 Jim Cunning wrote:
| The reason for the behavior you describe is that the resolver is actually | only | calling the first name server in the list, which returns a "No such domain" | (NXDOMAIN) for the FQDNs it does not know about. The list of name servers | is | only used if there is no reply from the first nameserver | queried. From "man | resolv.conf": | | "The algorithm used is to try a name server, and if the query times out, | try | the next, until out of name servers, then repeat trying all the name | servers | until a maximum number of retries are made." | | Unfortunately, I think this means a negative response from any name server | causes the search to terminate. I don't know of any set of resolv.conf | parameters that would do what you want. You might consider trying "option | rotate", however. | | This seems like your client's name server is misconfigured. Apparently it | is | only returning names for its local hosts, and not forwarding queries to any | upstream name servers. It might be possible to put a caching name server on | your laptop, and then have it forward queries to your client's server or | your | ISP's. See http://www.bind9.net/BIND-FAQ. The example they give isn't | quite | your situation, but might give you a clue.
-- Jim