DNS Question

[Nathaniel Hall]

We are not able to push DNS updates to our ISP so we have to register 
through a page on their site.  Naturally, this takes a few days.  Our 
goal is to make it easier for us to create DNS entries in our DMZ DNS so 
that we can use the entry internally only.  Is there an easy way to send 
the query on to the ISP if the domain.com entry isn't found in the DMZ DNS?

Nathaniel Hall, GSEC
Intrusion Detection and Firewall Technician
Ozarks Technical Community College -- Office of Computer Networking

halln at otc.edu
417-447-7535



David Cary Hart wrote:

>On Fri, 2004-12-17 at 15:14 -0600, Nathaniel Hall wrote:
>  
>
>>Our DNS resolves domain.com.  I have system1.domain.com correctly 
>>resolving using the DMZ DNS.
>>The ISP DNS also resolves system1.domain.com for users outside the 
>>firewalls.  In addition to system1, system2.domain.com resolves on the 
>>ISP DNS from the outside.
>>
>>If I am on the inside and try to resolve system2.domain.com, it doesn't 
>>get resolved because it is not setup in the DMZ DNS.  I want to be able 
>>to resolve system2.domain.com by passing the query from the DMZ DNS to 
>>the ISP DNS.
>>
>>I know it is confusing.  If there are any questions, let me know.
>>    
>>
>
>It's not confusing at all. I just wonder why. We use our ISP for domain
>dns so that they provide a reverse email pointer. However, we run bind
>(named) as a caching name server on the LAN. We have a tqmcube zone
>defined so that clients can set up dns to, well, "dns" outgoing mail to
>"smtp" a proxy to "squid," etc. There's no conflict.
>
>The advantage is faster resolution on the WAN with simplicity on the LAN
>(no HOSTS required).
>________________________________________________________________________
>Total Quality Management - A Commitment to Excellence
>http://www.TQMcube.com
>
>
>  
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20041217/cfb25d47/attachment-0001.htm>