Hi,
it seems our two DNS servers don't resolve external addresses from the internet. It actually works but we have discovered the following: our clients have our two DNS servers assigned via DHCP and browse through our Proxy. The Proxy has two DNS servers configured for resolving DNS queries. The first is our OES DNS and the second is our Firewall. Our Firewall has a tunnel to one of our partner's DNS servers, supposedly for resolving DNS names in their domain. But I recently noticed that if I take out the Proxy's second DNS server (the Firewall) then browsing through our Proxy won't work anymore. Even more weird is that browsing without our Proxy doesn't work anymore either, which should work since we opened HTTP/HTTPS in our Firewall for our network (for testing purposes).
So for me it seems that we're actually not using our DNS servers for resolving external addresses (internal addresses configured in our zone work fine) but the one from our partner. But where does that come from? How must our DNS servers be configured to resolve external addresses? Can the RootServerInfo zone be misconfigured? Do we need a forwarding list to our ISP's DNS server? Since we have multiple zones configured, does each zone need these DNS servers? And if we created a forwarding list, I guess I could completely remove the DNS entry for our partner's DNS server from our Proxy and move it to the forwarding list of our OES DNS server? Or can we just put our ISP's DNS servers in the Proxy's DNS list so that when browsing the internet our OES DNS isn't even used? It would then only be used for queries inside our zone because our clients have our DNS servers assigned via DHCP.
Thanks in advance.