A user can resolve an external name much quicker when using the local DNS server verses the internal DNS server. Most everyone's internal DNS servers are set to forward request for names it does not contain. Even if the internal DNS server does not forward external request you will then see the client use the DNS servers listed for the non-CP interface after failing to the internal DNS server. This is not split DNS but DNS failover.
-----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Ray Sent: Wednesday, December 01, 2004 10:16 PM To: [EMAIL PROTECTED] Subject: Re: [FW-1] split DNS with office mode Sure, isn't that how it's supposed to work? The internal DNS is a superset of the external DNS. Why is this a problem for you, Gary? Ray >From: Gary Scott <[EMAIL PROTECTED]> >Reply-To: Mailing list for discussion of Firewall-1 ><[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: [FW-1] split DNS with office mode >Date: Wed, 1 Dec 2004 08:20:13 -0500 > >Does this actually work? I have tested with several FW's and clients and >different versions, the problem is not with accessing the internal DNS >server for defined domain suffix's, but all DNS request are sent to the >internal DNS server regardless of the suffix. Has anyone else seen this >behavior? Thanks, GS > > > > > > > > >================================================= >To set vacation, Out-Of-Office, or away messages, >send an email to [EMAIL PROTECTED] >in the BODY of the email add: >set fw-1-mailinglist nomail >================================================= >To unsubscribe from this mailing list, >please see the instructions at >http://www.checkpoint.com/services/mailing.html >================================================= >If you have any questions on how to change your >subscription options, email >[EMAIL PROTECTED] >================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
