Hi there, I have a little confusion about BIND and Windows AD/DNS setup and would appreciate it if someone can shed some light on my query.

Well, I have a BIND/RPZ setup in my environment and I have an AD/DNS server. Users are configured to talk to the Windows DNS server, and it has a forwarder set to my BIND/RPZ. Now, the issue I faced on my BIND/RPZ is this: I had the forwarder set as 9.9.9.9, which was wrongly flagging one of the sites, while 8.8.8.8 resolves it perfectly. Hence users accessing the site via AD/DNS -> RPZ -> 9.9.9.9 were initially and consistently getting an error. Later I decided to change the forwarder in my BIND and added 8.8.8.8. I restarted the service, which must have cleared the cache, but users who were using AD/DNS were still getting the wrong pages. I guess that was being served from the DNS cache, since it was showing a TTL value of almost 24 hrs.

Hence I am wondering if the TTL value from my BIND/RPZ can be lowered? Will that really make any difference? And which DNS server is responsible for giving the TTL value to users? How can I eventually set a lower TTL value in my environment so that records on the end users' side get flushed faster: Windows, BIND RPZ, or the NS of the end portal which is being accessed?

Thanks and Regards,
Lionel F
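An added configuration example (not from the original post, nor an answer from the list) showing where the TTL of an RPZ-rewritten answer is set on the BIND side. Answers that RPZ does not rewrite keep the TTL published by the destination's authoritative name servers, and each cache in the chain (BIND, then Windows DNS) only counts that value down. The zone name, file path and the blocked name are hypothetical placeholders.

```conf
## named.conf fragment (added example; zone name and file path are placeholders)
options {
    forwarders { 8.8.8.8; };
    forward only;
    ## Cap the TTL of every RPZ-rewritten answer handed to downstream caches
    ## (the Windows AD/DNS server here); BIND's default cap is 5 minutes.
    response-policy { zone "rpz.local"; } max-policy-ttl 300;
};

zone "rpz.local" {
    type master;
    file "/etc/bind/db.rpz.local";
};

## /etc/bind/db.rpz.local (added example; the rule below is a placeholder)
$TTL 300                   ; default TTL of the policy answers in this zone
@   IN SOA  localhost. hostmaster.localhost. ( 1 3600 600 86400 300 )
    IN NS   localhost.
; placeholder rule: answer NXDOMAIN for one name; the rewritten answer carries
; this zone's 300 s TTL rather than the TTL of the real record upstream
blocked.example  CNAME .
; after changing rules or forwarders, drop already-cached answers at each hop:
;   BIND:        rndc flush
;   Windows DNS: Clear-DnsServerCache (PowerShell) or dnscmd /clearcache
```

Until the caches are flushed, a client behind the Windows server keeps seeing whatever that server cached, for as long as the original TTL had left when it was cached.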