Split DNS zone not resolving some public addresses
Danny Mayer
mayer at gis.net
Wed Nov 20 23:04:05 UTC 2002
At 12:23 PM 11/20/02, Tim wrote:
>I've recently become aware that from inside our firewall our private
>DNS server can resolve most but not all domains. For example, I can
>get to www.yahoo.com. Yesterday, when I clicked through to their
>financial charting pages, I could bring up the majority of the page
>from finance.yahoo.com, but I couldn't resolve chart.yahoo.com and get
>the actual charts. Today, I can't seem to resolve finance.yahoo.com.
>There are other similar problems.
You need to look at what nameserver your proxy server is using. Browsers
use the proxy server to get to pages outside the firewall and never look
up the addresses themselves unless you are allowing them to directly
access Web servers outside the firewall. What is the proxy server using
for a nameserver? You need to query that nameserver to answer these
questions.
Danny
More information about the bind-users
mailing list