Hi All-
We are installing the DFWS (Digital FireWall Service -- used to be the
SEAL firewall) here. This is a two host system as described below:

   FW Host #1
   Proxy host        Router to Internet
       |                     |
       |                     |
 --------------------------------------
       |          Insecure net
       |
   FW Host #2
   Packet
   screening
   gateway
       |
       |
 --------------------------------------
            Internal Net

Host #1 runs all the proxies, as well as the DNS for the external world.
We have another DNS internally. Our Service consultant from Digital
recommends running a caching Name Server on Host #2 so that DNS
queries from Host #1 get cached, and save traffic -- otherwise all
queries from Host #1 would have to be passed to our internal name server.

However, I remember reading that it's not a good idea to run DNS on
the gateway host. I'm inclined to say no. And anyway, we have a DNS server
on the same subnet as Host #2 internally.

What do you all think? Should I run DNS on Host #2?

Alex        | Alex Pakter - UNIX systems analyst
----        | Omnitel Pronto Italia - Milano, Italy
            | Internet Mail: Alex . Pakter @ omnitel . it
Have a day. | WWW Home Page: http://idiom.com/~alex (in progress)