DNS issue with Barracuda 210 web filter

dankyle67
Hi,
Recently we installed a Barracuda 210 web filter in our network, and for some reason when we go to certain sites it's really slow to load, but Yahoo loads instantly. Support said they had to clear the DNS cache on their end, but we still have the problem. They also ran a Unix tool to do a lookup on our secondary DNS server, which we input into the IP settings of the Barracuda, and they said it didn't respond; however, when I ping it on our internal network, no problem. I actually ran namebench software to check for the fastest DNS server in our area and it found a better address, so I put that as our primary and used 8.8.8.8 (Google DNS) as secondary. My question is that when I looked at our internal DNS server I didn't see any external IP address in there referencing either the primary or secondary DNS server that we use on both the Barracuda and the NetScreen 5GT router we have. Is there supposed to be an entry in the internal DNS server referencing or listing at least one of the DNS servers? Thanks.

Commented:
Your internal DNS server should have at least one public DNS server that it will use to forward requests for domains it cannot resolve. Without that you will experience delays and lag when browsing.

Author

Commented:
OK, so how can I manually enter the public DNS into our internal DNS server? I was also curious why, even though there currently is no public DNS entry in there, most of the sites are loading fairly quickly. Only cnn.com and dell.com seem slow to load. I'm trying to get a handle on the sequence of servers that an internal PC uses to resolve web addresses. Prior to installing the Barracuda, the PC would use the internal DNS server first in its query, and I assume if it sees nothing there it uses the address listed on the NetScreen router, which has the external DNS listed of course, or nobody could get out to the Internet at all.

Commented:
We would need to know what kind of DNS servers you are running (Windows, Linux, etc.). Also, I've noticed with Windows XP that if you have more than one DNS server and the PC does not find the address it's looking for, it will NOT check the 2nd DNS server. It only tries the 2nd DNS server if the first in the list is unreachable.

Author

Commented:
Interesting what you mentioned about XP not trying the 2nd DNS server if the first is reachable. I wanted to test the Barracuda by only entering one DNS server, but they advised against it. I thought it's just a test so why not, but I actually haven't done it yet. We are using Windows 2003 Server Standard for the DNS server.

Commented:
Yes, I am not sure if it's a bug or the way they intended it to work, but according to my experience, the DNS server the computer has configured at boot is the only one it references. All the others are ignored :(

To create the DNS forwarder on Server 2003, go to the DNSmgmt management console, right-click on the server icon and choose Properties. You can then click on the tab labeled 'Forwarders' and list several IP addresses of DNS servers to send requests to if the domain name you are looking for is not configured in your local DNS.

How we use this: all our internal servers and a few public ones that we manage are configured in local DNS. Everything else is forwarded to the Internet-based DNS server.

Author

Commented:
I added 2 DNS server IP addresses in Forwarders as you instructed, and then I went to ping yahoo.com again and it was fine, but when I went to ping dell.com and hotmail.com they both timed out. Pretty sure the Barracuda is somehow filtering these addresses and they just time out. In other words, if I removed the Barracuda and left everything the same in the PC settings, pretty sure the ping results would be quick. I just don't want to do that right now since they are all working, and also I am at a remote site. Is there a command line like ipconfig /all that lists for sure which DNS server the PC is really using for resolving names?

Commented:
nslookup should tell you what DNS servers a PC is using to resolve a specific address.

Here is a link with a brief description of how to use it. If a name resolved using internal DNS, it will list the local IP of that DNS server. If the name resolved using external DNS, it will list the external DNS server that returned the result. Do not be alarmed if you do not see the specific public DNS server you configured, since nslookup goes to the authority server, since even public DNS servers are configured with forwarders.

http://www.tech-faq.com/how-to-find-your-dns-servers.html
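
An added example, not posted by anyone in this thread: a Python script that sends the same A-record query directly to each DNS server over UDP port 53 and reports the response code, answer count and elapsed time. It separates "the server answers ping" from "the DNS service answers queries", which is the distinction behind the support finding in the question. The address 192.0.2.53 is a placeholder for the internal DNS server, and the function names are this example's own.

```python
import os
import socket
import struct
import time

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qid):
    """Encode a recursive A-record query for `name` (RFC 1035 wire format)."""
    header = struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels) + b"\x00"
    return header + qname + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN

def parse_header(reply, qid):
    """Return (rcode, answer_count); reject anything that is not our reply."""
    if len(reply) < 12:
        raise ValueError("reply shorter than a DNS header")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack(">HHHHHH", reply[:12])
    if rid != qid or not flags & 0x8000:  # ID must match and QR bit must be set
        raise ValueError("not a response to this query")
    rcode = flags & 0x000F
    return RCODES.get(rcode, "RCODE%d" % rcode), ancount

def probe(server, name, timeout=2.0, port=53):
    """Ask one resolver directly over UDP; return (status, answers, ms)."""
    qid = int.from_bytes(os.urandom(2), "big")
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        start = time.monotonic()
        try:
            sock.sendto(build_query(name, qid), (server, port))
            reply, _ = sock.recvfrom(4096)
            status, answers = parse_header(reply, qid)
        except socket.timeout:
            status, answers = "TIMEOUT", 0  # the host may still answer ping
        except (OSError, ValueError) as exc:
            status, answers = "ERROR: %s" % exc, 0
        return status, answers, round((time.monotonic() - start) * 1000)

if __name__ == "__main__":
    # Assumed addresses: 192.0.2.53 is a placeholder for the internal DNS
    # server; 8.8.8.8 is the public resolver named in the thread.
    for server in ("192.0.2.53", "8.8.8.8"):
        for name in ("yahoo.com", "dell.com", "cnn.com", "hotmail.com"):
            print(server, name, *probe(server, name))
```

A TIMEOUT from a server that answers ping means the DNS service or the path to UDP port 53 is the problem, and a SERVFAIL from the internal server with NOERROR from the public one points at the forwarder configuration.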

Author

Commented:
Thanks for all the help.
