On Fri, 2003-10-24 at 15:52, Donald Tyler wrote: > I have some questions regarding DNS servers that I hope someone can help > me with. > > 1. We currently use our ISP's DNS servers. Are these the ONLY DNS > servers that my local machines should ever need to talk to? Should? Yes, assuming you're referring to their resolvers. An end-user/client network should only need access to a caching resolver. It's up to the resolver to contact the TLD Root and/or authoritative nameservers on your behalf. > 2. We have a local DNS server for a few sites we host. Who exactly needs > access to this through the firewall? Everyone. There's no other way for all of the resolvers spread throughout the globe to resolve your information. If you haven't already, I'd strongly suggest putting your nameservers in a DMZ. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
