I have a small office with a W2K server and PPPoE DSL internet access over a Fortigate firewall. My DNS server sits on the W2K server and has one forwarder configured: the firewall, which in turn acts as a forwarder to get our current external DNS servers via PPPoE. This works perfectly well.
Now, the firewall has an IPSEC VPN configured to a company, whose internal DNS server should also be queried. So I've added their internal domain as a secondary zone to my W2K DNS server and let it update from the master servers, which I've defined there. To get their host names resolved, I have to add their domain to all unknown host names - this is configured on my respective clients (TCP->DNS).
What's happening now is that each and every DNS query is also forwarded to their servers, because it seems that the clients issue one request for the native host in question and an additional one for the host name with their domain name appended.
I don't know if this is the reason, but if it is, I can't suppress forwarding each query to their servers, even if they're resolved by either my DNS server or the forwarder chain.
Does anyone have a solution to this problem? Not only is it annoying, it also seems to be much slower than querying only one server.
TIA,
Michael