I second this method as it will also use the internal DNS server to cache the results. made a noticeable difference on my network WAN usage. -Sean
> Date: Fri, 20 Jul 2007 06:59:12 -0400> From: [EMAIL PROTECTED]> To: > [email protected]> Subject: RE: [pfSense Support] DNS forwarder > timeouts/failures> > If this is a domain environment this will likely slow > down domain> functions as the XP machines will be asking the ISP server for > domain> information. I think a better way is to have MS DNS have a forwarder> > for external lookups setup (right click on dns server in mmc, and select> the > forwarder tab there you can specify your ISP's dns or even better> yet use > OPENDNS 208.67.222.222. Then have DHCP assign the MS DNS as the> only DNS > server.> > > > -----Original Message-----> From: sai [mailto:[EMAIL > PROTECTED] > Sent: Friday, July 20, 2007 6:48 AM> To: [email protected]> > Subject: Re: [pfSense Support] DNS forwarder timeouts/failures> > I've always > had problems with MS DNS implementations. They have messed> around with DNS > and so it exhibits strange behaviour.> I'd suggest that you get rid of the MS > machines IP as a DNS server on> the firewall. On your XP PCs have the > firewall as the primary DNS, and> the MS machine as secondary.> > > sai> > On > 7/18/07, Volker Kuhlmann <[EMAIL PROTECTED]> wrote:> > I have installed > pfsense 1.2beta1 built on Mon Apr 30 10:47:18 EDT > > 2007, LAN with half a > dozen XP and a few Linux machines. ADSL. Primary> > > name server on the > general setup tab is fixed to the ISP's name > > server, secondary name > server is set to the MS business server 2003. > > DHCP server and DNS > forwarder are used on pfsense. Client machines are> > > set to use the > pfsense firewall as name server.> >> > Frequently name lookups in browsers > fail. On page reload in the > > browser they are always fine. The problem is > more pronounced on the XP> > > clients but also exists on the Linux clients. > To check that it isn't > > the ISP's name server (which has a bad > reputation), I configured a > > name server of another ISP instead. Timeouts > occur as frequently.> >> > My analysis of the problem is that pfsense's DNS > forwarder's timeouts > > are too short. How can I increase those?> >> > > Thanks for any tips.> >> > Volker> >> > > ---------------------------------------------------------------------> > To > unsubscribe, e-mail: [EMAIL PROTECTED] For additional> > > commands, e-mail: > [EMAIL PROTECTED]> >> >> > > ---------------------------------------------------------------------> To > unsubscribe, e-mail: [EMAIL PROTECTED] For additional> commands, e-mail: > [EMAIL PROTECTED]> > > > ---------------------------------------------------------------------> To > unsubscribe, e-mail: [EMAIL PROTECTED]> For additional commands, e-mail: > [EMAIL PROTECTED]> _________________________________________________________________ See what you’re getting into…before you go there. http://newlivehotmail.com
