yyy.com.

YYY corporation Proxy Server

.

com.

zzz.com.

External world / Global Nezzzrk

VPN

VPN

Firewall

someother.com.

ZZZ corporation

2

first.yyy.com.

 

 

 

YYY

 

 

.

corporation

3

 

yyy.com.

4

 

 

 

 

5

 

 

 

second.yyy.com. third.yyy.com.

ZZZ

2

 

corporation

 

 

zzz.com.

 

 

 

 

yyy.com.

 

5

3

 

4

 

 

first.zzz.com. second.zzz.com. third.zzz.com.

1

6

1

6

Zone.Name.

Primary Zone

Zone.Name.

Secondary Zone

 

A DNS Server, Firewall, VPN or Proxy Server

A DNS Client

Starting with an example when a corporate computer needs to resolve an internal name (follow the above figure for illustrations).

A computer in the YYY Corporation needs to resolve a DNS query for www.third.yyy.com. First it finds that the name www.third.yyy.com. is internal based on PAC file. Therefore, it submits the query to the assigned DNS server (Step 1). If this DNS server is authoritative for the name www.third.yyy.com. or the cache contains necessary data, then the server will respond to the client. Otherwise the server will query a root server (Step 2). A root server returns a reference to the authoritative server (Step 3). Then the server sends a query to the authoritative server zone (Step 4), receives a response from it (Step 5) and finally passes it to the client (Step 6).

A computer in the ZZZ Corporation needs to resolve a DNS query for www.third.zzz.com. It submits the query to the assigned DNS server (Step 1). If this DNS server is authoritative for the name www.third.yyy.com. or the cache contains necessary data, then the server will respond to the client. Otherwise the server

Windows 2000 White Paper

50

Page 56
Image 56
Microsoft windows 2000 DNS manual Vpn