nslookup can't but browser can !
Joseph S D Yao
jsdy at cospo.osis.gov
Tue Aug 22 23:41:55 UTC 2000
On Tue, Aug 22, 2000 at 09:37:26AM -0700, Prashant Ranade wrote:
> I have a domain name server for a company say abc.com on NT machine
> resolving internal machines is no problem.. but when I try to resolv
> internet names I can't (using nslookup)
> however if I try to go through the browser I can get to any site on the
> internet even if that site is not there in the DNS cache.
> can somebody pl explain this ????????
>
> TIA
> Prashant
Since you refer to "internal" machines, you probably have a firewall.
Your browser names the firewall as its proxy. The browser does NOT try
to resolve the name, but instead passes the URL straight to the Web
proxy running on the firewall. The firewall obviously gets its name
service from the "outside", so it can resolve the name.
Your setup needs to change, in two ways.
First, your internal name server must forward all requests that it
can't resolve to a DNS proxy ['named' itself works fine] on the
firewall.
Second, it probably would help if, instead of getting DNS from the
outside, your firewall got DNS from your internal name server. That
way, your firewall would have access to internal names for things like
logging. External names can be resolved, too, because now the internal
name server can resolve external names. ;-)
--
Joe Yao jsdy at cospo.osis.gov - Joseph S. D. Yao
COSPO/OSIS Computer Support EMT-B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.
More information about the bind-users
mailing list