This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

prevent internal reverse DNS query to forwarders?

Hi,

is there a way to prevent ASL(5.021)  from trying to resolve internal IP
Adresses to DNS names? It seems that ASL tries to resolve the proxy
client IP Adresses, and these queries slow down the proxy operation.
I don't want to have the internal zones really on the ASL,
so I think  either to stop the programs to log with resolved
names or introduce a fake reverse zone for the internal net
(in this case  /16) could do the job.

Any suggestions/ideas?

Paul

This thread was automatically locked due to age.

0 SecApp over 21 years ago

You got it pretty much right; set up an internal zone.

Someday maybe we can add simple entries to Astaro's DNS proxy...
Cancel
Vote Up 0 Vote Down

Cancel
0 paule over 21 years ago in reply to SecApp

Big question mark: how to set up an additional zone on the ASL itself?
There exists a /24 reverse zone for the internal interface, but that
doesn't help with out /16 network. Having the netmask in mind
when the scripts generate the bind config would help.

(Besides that, the zone entry for this reverse zone
in named.boot is generated twice, because we had to create a subinterface
with a second ip address towards the internal net)

Paul
Cancel
Vote Up 0 Vote Down

Cancel