This may be due to an "old" version of bind. Until quite recently there have
been a number of bind bugs which can cause this effect (separate problems for
internal binds running in slave mode, and external binds with poor
connectivity to forwarders). We recently upgraded both our internal and
external binds to bind-4.9.3-P1 and all these problems went away...
In article <4p7l0p$jl8 @
saab .
optimation .
co .
nz> jnoetzel @
intermind .
com (Jeremy
Noetzelman) writes:>From: jnoetzel @
intermind .
com (Jeremy Noetzelman)
>Subject: Firewalls and DNS
>Date: 7 Jun 1996 10:10:33 +1200
>We'd like to have a split DNS with a public server and a private server.
>We've initially started with two servers, one of which has dummy DNS
>entries, one of them has the real entries. The one with the real entries is
>behind the firewall, and is set up as a slave/forwarder to the external one
>with the dummy DNS entries.
>So far so good, but the problem is incredibly slow DNS lookups, which
>timeout regularly. For example, with Netscape if you click on a link, it
>times out the first time, but the answer is available immediately on the
>second try.
>I'm completely uncertain what the problem is. while this may not be a strict
>firewalls question, I'm sure it's one that is of interest to many.
>Any help would be much appreciated.
>Jeremy Noetzelman
>---
>Jeremy Noetzelman
>jnoetzel @
intermind .
com
>Operations Specialist
>Intermind Corporation
-------------------------------------------------------------------
Chris Palmer Phone: +(64) (4) 472 7218
Optimation New Zealand Ltd Fax: +(64) (4) 472 7219
P.O. Box 10616 Mobile: +(64) (25) 863 24
|
|
