Re: Secondary DNS and PIX

From: WingCommander <WingCommander@xxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Mon, 11 May 2009 14:13:02 -0700

I have considered this option too, but with a production company of this many
people who depend on the network connection, I am weary of doing something
like this. I have had CISCO examine the configuration several times, but you
are right that it could still be a configuration. I have considered another
hardware firewall and may have to do that but only as a last resort.

For now, I know that my DNS is overburdened and needs some relief.
Thanks for the suggestion

"ERG" wrote:

WingCommander wrote:

this is a continuation of thread
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx?dg=microsoft.public.windows.server.sbs&mid=239d5d0b-6f53-40b0-987b-91852de49498.

I replaced and updated the pix with the latest OS and patches and installed
on the network and I still have the same problem with the pix locking up.
But in my troubleshooting I noticed that my DNS counters for "total query
received" and "total responses sent" were maxed out at 100. My questions are
as follows:

1.) any idea what the counter should look like for an SBS DC that is
running DNS that has about 70 clients on it?

2.) How can I add a secondary DNS server to the SBS network, and how to I
configure it to offload some of the DNS burden from the DC? I currently have
2 additional W2K3 machines that I could configure for DNS.

Thanks for the information, assistance and options in advance.

Scott

maybe something in the pix is not configured correctly despite being
patched and updated. have you tried using a different firewall by chance?

find an old desktop, put an extra nic in it and install smoothwall
(simple, open source network firewall / smoothwall.org). run it for a
few days and see if it you still have these same issues.

you can even setup a proxy on it to relieve your SBS of repeated DNS
requests.

Follow-Ups:
- Re: Secondary DNS and PIX
  - From: kj [SBS MVP]

References:
- Secondary DNS and PIX
  - From: WingCommander
- Re: Secondary DNS and PIX
  - From: ERG

Prev by Date: Re: Secondary DNS and PIX
Next by Date: Re: Installed new router with sbs2k3 - Subnet mask question.
Previous by thread: Re: Secondary DNS and PIX
Next by thread: Re: Secondary DNS and PIX
Index(es):
- Date
- Thread

Relevant Pages

Re: Non-domain connection problem
... You said that you "hard coded the DNS server to a known DNS on the internet: ... Connect to Internet from Internal Network ... NSLOOKUP always looks for the SBS as the default gateway. ...
(microsoft.public.windows.server.sbs)
Re: How to Move DNS off SBS2003 to another DC? Global Catalog Also
... I will leave DNS on the SBS system. ... We have an SBS, Oracle, Backup server in one building supporting 34 Win2k ... > network traffic, and are delayed. ...
(microsoft.public.windows.server.sbs)
Re: How to Move DNS off SBS2003 to another DC? Global Catalog Also
... I would suggest that you keep the DNS on the SBS regardless of any other ... I wouldn't install more than one DNS server per stable sub-network in this ... >> network traffic, and are delayed. ...
(microsoft.public.windows.server.sbs)
Re: NO OUTGOING OUTLOOK EMAIL...HELP
... External Network - Static IP with DNS 4.2.2.2 and 4.2.2.1 ... Is the SBS handling the DHCP? ... specify the Firebox internal IP as the default gateway. ...
(microsoft.public.windows.server.sbs)
Re: 2 SBS on same network.
... share a single network connection and public IP, ... but it still seems to hang on as a SBS myth. ... has different IP address ranges, WINS servers, DNS servers. ...
(microsoft.public.windows.server.sbs)