Accessing windows 2000 dns through linux

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Hi folks,

In my company we had one Windows 2000 domain called
(Private DNS) and
one Redhat Linux proxy Server(for internet)

Now the squid is working is fine. We can able to access the internet..

In a Internet client machine,

But if we want to access the intranet access sites(for example,,
 we have to include the entries
 in Internet Explorer - tools-Internet settings -Lan Settings - Do not
use the proxy server for local address - In exceptions tab we have to

In an intranet client machine,

We can access intranet access perfectly by giving dns ip without proxy

Now the management team wants to do this...

All requests to both internet ( sites and intranet
( sites goues through proxy. If it is

a intranet site it should be redirected this to Windows 2000 Domain
(for resolving). Internet Sites should go through proxy as it is.

For that I made entry in proxy server /etc/resolv.conf

my private dns ip
my public dns ip

Now internet is not working..because all requests goes through private
dns ip.

Precisely, they want to eliminate the settings(Do not use the proxy
server for local address - In exceptions tab we have to specify
* Only they want to specify the proxy ip address and
its port (for local intranet specifing the dns server ip).

What Should I do ?

Re: Accessing windows 2000 dns through linux

pandi wrote:

Quoted text here. Click to load it

Assuming your proxy's DNS service still does return IPs for names when
asked, can you setup the Windows DNS server to use the proxy's DNS as a
forwarder?  Sounds like resolv.conf only affects the host OS usage of
DNS when it needs info, but not the actual running of DNS zones.

You may be better off setting up Split-DNS on your proxy server.  The
BIND documentation at has this described, get the source
code, and find the Bv9ARM.pdf.  This way, if you have the proxy use
itself as a DNS resolver, and host the internal names/IP's on it - yet
restrict who can get at this information (only or internal
IP's), then you have some level of safety in not exposing your world to


Site Timeline