Great Circle Associates Firewalls
(March 1994)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Firewall DNS
From: S30831%DNC @ utrcgw . utc . com
Date: 03 Mar 1994 12:21:55 -0400 (EDT)
To: firewalls @ GreatCircle . COM

I am attempting to set up an internal server authoritative for our domain
to resolve internal requests. Using some helpful advice offered previously
on this list, I am using a "forwarders" line on this internal server that 
points to our firewall name server to resolve outside addresses for 
internal hosts. This way internal hosts should be able to easily resolve 
both internal and external addresses, but external hosts should be 
restricted to the information contained on the external firewall name server.

This works perfectly well for every client that points to the internal server.
The problem occurs with the servers that are primary for our
subdomains and the clients that point to them.  These subdomain servers
are receiving Internet root information from the internal server
causing long delays and time-outs.

How can I stop the Internet root information from being propagated to 
these subdomain primaries and their secondaries? The firewall solution offered 
in the Nutshell Bind book (making Internal server authoritative for .)
does not offer the flexibility of the above solution.

Any help would be greatly appreciated.

-Karen

Indexed By Date Previous: Re: Help on a contact...
From: "Robert G. Moskowitz" <0003858921 @ mcimail . com>
Next: Anybody out there?
From: Steve . Fritzinger @ East . Sun . COM (Steve Fritzinger - SE Sun Vienna Va.)
Indexed By Thread Previous: Re: Help on a contact...
From: "Robert G. Moskowitz" <0003858921 @ mcimail . com>
Next: Anybody out there?
From: Steve . Fritzinger @ East . Sun . COM (Steve Fritzinger - SE Sun Vienna Va.)

Google
 
Search Internet Search www.greatcircle.com