16.2 Demand Dial

Technical Peculiarities and Limitations

Demand dialing has its peculiarities and limitations. These limitations should be considered especially when designing and configuring the network that will use WinRoute for its connection, and the dial-up connection to the Internet.

1. Demand dial cannot be performed directly from the host where WinRoute is installed because it is initiated by the WinRoute low-level driver. This driver holds packets and decides whether the line should be dialed or not. If the line is disconnected and a packet is sent from the local host to the Internet, the packet will be dropped by the operating system before the WinRoute driver is able to capture it.

2. Typically, in traffic between clients and an Internet server, the server is identified by its DNS name. Therefore, the first packet sent by a client is a DNS query intended to resolve the host name to an IP address.

In this example, the DNS server is the WinRoute host (this is very common) and the line to the Internet is disconnected. A client's request to this DNS server is traffic within the local network and, therefore, it will not result in dialing the line. If the DNS server does not have the appropriate entry in its cache, it must forward the request to another server on the Internet. The packet is forwarded to the Internet by the local DNS client running on the WinRoute host. This packet cannot be held and it will not cause dialing of the line. Therefore, the DNS request cannot be answered and the traffic cannot continue.

For these reasons, WinRoute DNS Forwarder enables automatic dialing (if the DNS server cannot respond to the request itself). This function is dependent on demand dial — if the demand dial function is disabled, the DNS Forwarder will not dial the line.

Note: If the DNS server is located on another host within the local network or clients within the local network use an Internet DNS server, then the limitation is irrelevant and the dialing will be available. If clients' DNS server is located on the Internet, the line will be dialed upon a client's DNS query. If a local DNS server is used, the line will be dialed upon a query sent by this server to the Internet (the default gateway of the host where the DNS server is running must be set to the IP address of the WinRoute host).

3. It follows from the previous point that if the DNS server is to run on the WinRoute host, it must be DNS Forwarder, because it can dial the line if necessary.
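The rules in points 1 to 3 can be traced with a small model. This is an added illustration, not Kerio code: the `Scenario` fields, the `dns_at` labels and both function names are assumptions made for the example, and a DNS server on another LAN host is assumed to have a cache miss and no route other than its default gateway.

```python
from dataclasses import dataclass

@dataclass
class Scenario:                 # all field names are hypothetical
    dns_at: str                 # "forwarder" | "other_on_winroute" | "lan_host" | "internet"
    demand_dial: bool = True    # demand dial enabled in WinRoute
    line_up: bool = False       # dial-up line currently connected
    cached: bool = False        # DNS server on the WinRoute host can answer from cache
    lan_dns_gateway_is_winroute: bool = True

def routed_packet(s, from_winroute_host):
    """Packet headed to the Internet; True if it can leave (dialing if needed)."""
    if s.line_up:
        return True
    if from_winroute_host:
        return False            # point 1: the OS drops it before the driver captures it
    if s.demand_dial:
        s.line_up = True        # the driver holds the LAN packet and dials the line
    return s.line_up

def dns_query_succeeds(s):
    """Can a LAN client's first DNS query be answered in this topology?"""
    if s.dns_at == "internet":  # the client's query itself is routed traffic
        return routed_packet(s, from_winroute_host=False)
    if s.dns_at == "lan_host":  # the local server's query must pass through WinRoute
        return s.lan_dns_gateway_is_winroute and routed_packet(s, from_winroute_host=False)
    # DNS server on the WinRoute host: the client's query is LAN-only traffic
    if s.cached or s.line_up:
        return True
    if s.dns_at == "forwarder": # DNS Forwarder dials only if demand dial is enabled
        if s.demand_dial:
            s.line_up = True
        return s.line_up
    if s.dns_at == "other_on_winroute":   # point 3: forwarded by the local DNS client
        return routed_packet(s, from_winroute_host=True)
    raise ValueError(f"unknown dns_at: {s.dns_at}")

if __name__ == "__main__":
    # Constructed scenarios covering the cases the text describes.
    for sc in (Scenario("forwarder"),
               Scenario("forwarder", demand_dial=False),
               Scenario("other_on_winroute"),
               Scenario("lan_host", lan_dns_gateway_is_winroute=False),
               Scenario("internet")):
        print(sc.dns_at, "demand_dial=%s" % sc.demand_dial, "->", dns_query_succeeds(sc))
```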

If there is a domain that is based on Active Directory in the Windows 2000 local network, Microsoft DNS server must be used as communication with Active Directory

Kerio Tech Firewall6 manual Technical Peculiarities and Limitations, 227