Public DNS resolution of private names?

By Tictag
Hi All,

My root DC (Win2k Server, SP4) hosts the TEST.LOCAL. domain and DNS zone. Internally all works fine.

I have been capturing traffic during external VPN connections to RRAS over a DoD Internet connection in an attempt to find out why they take so long to complete. Once the VPN connection completes all is fine but I have noticed that my server is making TEST.LOCAL. queries to a public DNS server. To be specific, the server is making LDAP SRV RR queries to the public DNS servers automatically configured on the DoD Dial-up adapter. Of course the queries are failing and I think this is causing the delay in completing the VPN connection.

I cannot find a reason why my server would make a public DNS query for a known local zone name.

Any offers or comment would be appreciated.


by edrossius In reply to Public DNS resolution of ...

I think your problem comes from the automatically configured DNS.

First, you should configure your VPN clients to use your internal DNS server (if you establish a VPN with your LAN, this should be to access local resources...).

Next, you should configure your internal DNS to use your ISP's DNS as forwarders if requests are for the "outside world".

I think that with such configuration, your VPN clients will always use your local DNS and, if necessary, they will be redirected to public DNSs.

Hope this will help...

by Tictag In reply to

Thank you for the reply. I completely agree.

- My VPN clients are DHCP assigned and are configured with the TEST.LOCAL. DNS server.

- My server is configured with my ISP assigned DNS servers (my ISP round robin allocates their DNS server addresses)

Unfortunately this still leaves me unanswered as to why my server in this scenario is making public DNS queries for what are blatantly local name resolution requests.
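
The check described in this thread (private-zone queries such as the LDAP SRV lookups for TEST.LOCAL. reaching a public resolver) can be automated over a capture export. The following is an added example, not code from any poster; the internal DNS address `10.0.0.10`, the one-query-per-line format and the sample lines are constructed assumptions.

```python
import ipaddress

# Zone name taken from the thread; everything else here is an assumption.
PRIVATE_ZONES = ("test.local",)
# Hypothetical address of the internal DC/DNS server.
INTERNAL_RESOLVERS = {ipaddress.ip_address("10.0.0.10")}

# Constructed sample, one DNS query per line: "<src> <resolver> <qtype> <qname>"
SAMPLE = """\
10.0.0.10 203.0.113.53 SRV _ldap._tcp.dc._msdcs.TEST.LOCAL.
10.0.0.10 203.0.113.53 A www.example.com.
10.0.0.25 10.0.0.10 SRV _ldap._tcp.TEST.LOCAL.
10.0.0.10 198.51.100.53 SOA test.local
10.0.0.10 203.0.113.53 A nottest.local.
"""

def in_private_zone(qname, zones=PRIVATE_ZONES):
    """True if qname is a private zone or a name below it (label-aware match)."""
    name = qname.rstrip(".").lower()
    return any(name == z or name.endswith("." + z) for z in zones)

def find_leaks(text):
    """Return (line, src, resolver, qtype, qname) for private names sent off-site."""
    leaks = []
    for lineno, line in enumerate(text.splitlines(), 1):
        parts = line.split()
        if len(parts) != 4:
            continue  # skip blank or malformed lines
        src, dst, qtype, qname = parts
        try:
            resolver = ipaddress.ip_address(dst)
        except ValueError:
            continue  # resolver field is not an IP address
        if in_private_zone(qname) and resolver not in INTERNAL_RESOLVERS:
            leaks.append((lineno, src, dst, qtype, qname))
    return leaks

if __name__ == "__main__":
    for leak in find_leaks(SAMPLE):
        print("private name sent to external resolver: line %d %s -> %s %s %s" % leak)
```

Each flagged line is both a failed lookup that can delay the connection and a disclosure of internal naming to a third-party resolver.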

by Tictag In reply to Public DNS resolution of ...

Point value changed by question poster.

by Tictag In reply to Public DNS resolution of ...

This question was closed by the author
