[ale] another DNS question...

John Wells jbwellsiv at yahoo.com
Wed Oct 31 15:46:13 EST 2001


Robert,

What seemed to work is if I removed the default route
for the internal network, and moved the internal DNS
server to the top of /etc/resolv.conf.  In addition, I
had to leave the "search" string at the top of
resolv.conf.

The problem now is that resolving external hosts seems
to be *extremely* slow (if successful at all).

Thanks for your help.  One thing I'm wondering...why
did removing the default route for the internal
network make a difference?

Thanks again,
John


--- Robert Heaven <robertheaven at mediaone.net> wrote:

<HR>
<html>
<head>
</head>
<body>
Come to think of it, I actually made this work on a
WinBlows box... Let me
see if I can remember...<br>
<br>
1. The external NIC was set up with DHCP and would
pick up the default route
from there.<br>
<br>
2. The internal NIC was set up with static IP and NO
default route<br>
<br>
3. After bootup I had a bat file that put in a static
route to the internal
net<br>
<br>
4. I also had to use statically defined DNS with the
internal DNS as the
primary and the external as secondary. That way the
internal DNS would very
quickly reply back with a negative answer for external
lookups. (the external
would search the entire internic list before giving
up)<br>
<br>
Now the question is how to translate that into
UNIX.<br>
<br>
1. Check you routing tables (netstat -r -n) and make
sure you don't have
multiple default routes. If you do change the config
on the internal NIC
to not have a default route.<br>
<br>
2. If you don't have a static route to the internal
net, put a "route add"
in the /etc/rc.d/rc.local file.<br>
<br>
3. Put the internal DNS in the list first and remove
the "search" line.<br>
<br>
Let me know if that works.<br>
<br>
John Wells wrote:<br>
<blockquote type="cite"
cite="20011031192018.25759.qmail at web9208.mail.yahoo.com">mid:20011031192018.25759.qmail at web9208.mail.yahoo.com">
  <pre wrap="">Well, there's no real external domain
here.  I just<br>want to be able to look up sites like
<a class="moz-txt-link-abbreviated"
href="http://www.slashdot.org">www.slashdot.org</a><br>or
<a class="moz-txt-link-abbreviated"
href="http://www.cnn.com">www.cnn.com</a> and also
look up partial internal<br>hostnames like mytestbox
(or<br>mytestbox.mytestdomain.com).<br><br>Thanks,<br>John<br><br>---
Robert Heaven <a class="moz-txt-link-rfc2396E"
href="mailto:robertheaven at mediaone.net">&lt;robertheaven at mediaone.net&gt;</a>
wrote:<br></pre>
  <blockquote type="cite">
    <pre wrap="">did you try:<br><br>    search 
testdomain.com  externaldomain.com<br><br>John Wells
wrote:<br><br></pre>
    <blockquote type="cite">
      <pre wrap="">I'm trying to get a machine set up
that has two<br></pre>
      </blockquote>
      <pre wrap="">NICs,<br></pre&gt;
      <blockquote type="cite">
        <pre wrap="">one to internal network and one
to external<br></pre>
        </blockquote>
        <pre wrap="">network. <br></pre>
        <blockquote type="cite">
          <pre wrap="">I want to be able to use the
internal net's DNS<br></pre>
          </blockquote>
          <pre wrap="">server<br></pre>
          <blockquote type="cite">
            <pre wrap="">to resolve internal DNS
queries, and the external<br>net's DNS server to
resolve external queries.  The<br>internal net's
domain is testdomain.com.<br><br>So, if I set up
/etc/resolv.conf to be:<br><br>search
testdomain.com<br>nameserver 198.153.233.8 ;internal
<br>nameserver 38.2.3.4 ; external<br>nameserver
38.2.3.5 ; external<br><br>Hosts resolve on the
internal net but not on the<br>external one.<br><br>If
I set up /etc/resolv.conf to be:<br><br>search
testdomain.com<br>nameserver 38.2.3.4 ;
external<br>nameserver 38.2.3.5 ;
external<br>nameserver 198.153.233.8 ;internal
<br><br>then hosts resolve on the external (ex.<br><a
class="moz-txt-link-abbreviated"
href="http://www.slashdot.org">www.slashdot.org</a>)
but not the internal.<br><br>Is there no way to have
both resolve?  Will I have<br></pre>
            </blockquote>
            <pre wrap="">to<br></pre>
            <blockquote type="cite">
              <pre wrap="">change the internal server
to provide information<br></pre>
              </blockquote>
              <pre wrap="">on<br></pre>
              <blockquote type="cite">
                <pre wrap="">external hosts?  I've
tried a number of different<br>configuration but can't
seem to get one to work.<br><br>Thanks in
advance,<br>John<br><br><br>__________________________________________________<br>Do
You Yahoo!?<br>Make a great connection at Yahoo!
Personals.<br><a class="moz-txt-link-freetext"
href="http://personals.yahoo.com">http://personals.yahoo.com</a><br><br>---<br>This
message has been sent through the ALE
general<br></pre>
                </blockquote>
                <pre wrap="">discussion
list.<br></pre>
                <blockquote type="cite">
                  <pre wrap="">See <a
class="moz-txt-link-freetext"
href="http://www.ale.org/mailing-lists.shtml">http://www.ale.org/mailing-lists.shtml</a>
for more<br></pre>
                  </blockquote>
                  <pre wrap="">info. Problems should
be <br></pre>
                  <blockquote type="cite">
                    <pre wrap="">sent to listmaster at
ale dot org.<br><br><br></pre>
                    </blockquote>
                    <pre wrap=""><br></pre>
                    </blockquote>
                    <pre
wrap=""><!----><br><br>__________________________________________________<br>Do
You Yahoo!?<br>Make a great connection at Yahoo!
Personals.<br><a class="moz-txt-link-freetext"
href="http://personals.yahoo.com">http://personals.yahoo.com</a><br><br>---<br>This
message has been sent through the ALE general
discussion list.<br>See <a
class="moz-txt-link-freetext"
href="http://www.ale.org/mailing-lists.shtml">http://www.ale.org/mailing-lists.shtml</a>
for more info. Problems should be <br>sent to
listmaster at ale dot org.<br><br><br></pre>
                    </blockquote>
                    <br>
                    </body>
                    </html>


---
This message has been sent through the ALE general
discussion list.
See http://www.ale.org/mailing-lists.shtml for more
info. Problems should be 
sent to listmaster at ale dot org.



__________________________________________________
Do You Yahoo!?
Make a great connection at Yahoo! Personals.
http://personals.yahoo.com

---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.






More information about the Ale mailing list