[TriLUG] Re: DNS lookup of Linux server fails intermittently (OT - W2K and DNS)

Jon Carnes jonc at nc.rr.com
Mon Dec 3 17:52:54 EST 2001


Just another dig... CERT recently pointed out a rather nasty vulnerability
for the DNS service run on Windows. Make sure your Sysadmin updates...
Really you should move DNS over to Linux.  I've set it up on both platforms
and Linux/Unix is far easier to setup and maintain.

The real killer is that DNS served via Windows is horribly slow - especially
if you have other services running on the box.  This makes your entire
network seem slow and kludged.

Jon
----- Original Message -----
From: "Geoffrey Douglas Purdy" <gdpurdy at unity.ncsu.edu>
To: <trilug at trilug.org>
Sent: Monday, December 03, 2001 1:33 PM
Subject: [TriLUG] Re: DNS lookup of Linux server fails intermittently (OT -
W2K and DNS)


> Jeremy,
>
> Thanks for the clarification.  I got the general point that the problem is
> caused by the W2K clients being given a set of nameservers containing
> both internal and external DNS servers.  The solution would be to hand the
> client only a set of internal DNS servers and instruct the internal DNS
> servers to forward requests to the external DNS servers when necessary.
>
> (Fortunately) implementing this on the W2K DNS and DHCP servers is the
> turf of our Windows sysadmin.  He's made the changes to DHCP such that
> clients only get a list of internal DNS servers.  At this point, it's
> pretty much wait and see if the problem goes away.  The old DNS info
> should be purged from all clients in three days (the length of leases) or
> less.
>
> I will be very glad if we can demonstrate that this is not related to the
> fact that we're running a Linux webserver.  I mentioned in another
> message that this is our first major deployment on a Linux platform.  As
> one might anticipate, the Windows admins tend to immediately blame
> problems on Linux whenever possible.
>
> Thanks again for your help,
>
> Geoff
>
> _______________________________________________
> TriLUG mailing list
> http://www.trilug.org/mailman/listinfo/trilug




More information about the TriLUG mailing list