Everytime a packet comes in that might match the rule, you would have to do a DNS lookup. Not a good idea, as this would REALLY screw up the latency on your firewall.
Absolutely - it's not without it's detriments. Some of that may be reduced with a good caching name server, but overall the response will be slower. RB --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
