dankyle67
 asked on

DNS issue with Barracuda 210 web filter

Hi,
Recently we installed a Barracuda 210 web filter in our network, and for some reason when we go to certain sites it's really slow to load, but Yahoo loads instantly. Support said they had to clear the DNS cache on their end, but we still have the problem. They also ran a Unix tool to do a lookup on our secondary DNS server, which we input into the IP settings of the Barracuda, and they said it didn't respond; however, when I ping it on our internal network, no problem. I actually ran namebench software to check for the fastest DNS server in our area and it found a better address, so I put that as our primary and used 8.8.8.8 Google DNS as secondary. My question is that when I looked at our internal DNS server I didn't see any external IP address in there referencing either the primary or secondary DNS server that we use on both the Barracuda and on the NetScreen 5GT router we have. Is there supposed to be an entry in the internal DNS server referencing or listing at least one of the DNS servers? Thanks.
DNSWCF


8/22/2022 - Mon
Sanga Collins

Your internal DNS server should have at least one public DNS server that it will use to forward requests for domains it cannot resolve. Without that you will experience delays and lag when browsing.
dankyle67

ASKER
OK, so how can I manually enter the public DNS into our internal DNS server? I was also curious why, even though there currently is no public DNS entry in there, most of the sites are loading fairly quickly. It only seems like cnn.com and dell.com are slow to load. I'm trying to get a handle on the sequence of servers that an internal PC uses to resolve web addresses. Prior to installing the Barracuda, the PC would use the internal DNS server first in its query, and I assume if it sees nothing there it uses the address listed on the NetScreen router, which has the external DNS listed of course, or nobody could get out to the internet at all.
Sanga Collins

We would need to know what kind of DNS servers you are running (Windows, Linux, etc.). Also, I've noticed with Windows XP that if you have more than one DNS server and the PC does not find the address it's looking for, it will NOT check the 2nd DNS server. It only tries the 2nd DNS server if the first in the list is unreachable.
dankyle67

ASKER
Interesting what you mentioned about XP not trying the 2nd DNS server if the first is reachable. I wanted to test the Barracuda by only entering one DNS, but they advised against it. I thought it's just a test so why not, but I actually haven't done it yet. We are using Windows 2003 Server Standard for the DNS server.
Sanga Collins

Yes, I am not sure if it's a bug or the way they intended it to work, but according to my experience, the DNS server the computer has configured at boot is the only one it references. All the others are ignored :(

To create the DNS forwarder on Server 2003, go to the DNSmgmt management console, right-click on the server icon and choose Properties. You can then click on the tab labeled 'Forwarders' and list several IP addresses of DNS servers to send requests to if the domain name you are looking for is not configured in your local DNS.

How we use this is that all our internal servers and a few public ones that we manage are configured in local DNS. Everything else is forwarded to the internet-based DNS server.
dankyle67

ASKER
I added 2 DNS server IP addresses in Forwarders as you instructed, and then I went to ping yahoo.com again and it was fine, but when I went to ping dell.com and hotmail.com they both timed out. I'm pretty sure the Barracuda is somehow filtering these addresses and they just time out. In other words, if I removed the Barracuda and left everything the same in the PC settings, I'm pretty sure the ping results would be quick. I just don't want to do that right now since they are all working and also I am at a remote site. Is there a command line like ipconfig /all that lists for sure which DNS server the PC is really using for resolving names?
dankyle67

ASKER
Thanks for all the help.
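
Two points raised in the thread can be checked by sending the same DNS query to each resolver directly: a server that answers ping (ICMP) can still stay silent on UDP port 53, and only some names (cnn.com, dell.com) were slow. The Python script below is an added example, not part of the original thread; the internal resolver address 192.168.1.10 is a placeholder assumption.

```python
import os, socket, struct, time

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qid):
    """Encode a recursive A/IN query for `name` in DNS wire format."""
    header = struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.strip(".").split("."))
    return header + labels + b"\x00" + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN

def classify(reply, qid):
    """Return (RCODE name, answer count) for a reply, or ("BAD_REPLY", 0)."""
    if len(reply) < 12:
        return "BAD_REPLY", 0
    rid, flags, _qd, an, _ns, _ar = struct.unpack(">HHHHHH", reply[:12])
    if rid != qid or not flags & 0x8000:  # wrong transaction ID or not a response
        return "BAD_REPLY", 0
    return RCODES.get(flags & 0x000F, "RCODE_%d" % (flags & 0x000F)), an

def probe(server, name, timeout=2.0, port=53):
    """Ask one resolver for one name over UDP; return (status, answers, ms)."""
    qid = int.from_bytes(os.urandom(2), "big")
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.settimeout(timeout)
    start = time.monotonic()
    try:
        s.sendto(build_query(name, qid), (server, port))
        reply, _ = s.recvfrom(4096)
        status, answers = classify(reply, qid)
    except socket.timeout:
        status, answers = "TIMEOUT", 0  # host may still answer ping: ICMP is not UDP/53
    except OSError:
        status, answers = "UNREACHABLE", 0
    finally:
        s.close()
    return status, answers, round((time.monotonic() - start) * 1000)

if __name__ == "__main__":
    # Assumed values: replace the first address with your internal DNS server.
    resolvers = ["192.168.1.10", "8.8.8.8"]
    for name in ("yahoo.com", "cnn.com", "dell.com"):
        for server in resolvers:
            print("%-15s %-10s %s" % (server, name, probe(server, name)))
```

A resolver that reports TIMEOUT or a multi-second time for some names but not others is the one to investigate, whether it is the internal server waiting on its forwarders or a filter in the path dropping the query.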