Originally Posted by Old_Fogie
In an ideal world, a physical PC that is a DNS server should also act as a gateway and firewall, and should really be 'network bridged' to the DSL or cable modem, and not pull an IP address ... Also, that same DNS/gateway/firewall PC should not host any servers to the LAN or the internet other than DNS. Even better would be to have the DNS on a different box too.
Thanks for your reply. I noticed my uplink is a bridged network too when I looked at those ARP requests, which came from many different nets and subnets; once some of these requests (who-has) met my subnet, my DNS would pop up connections when DNS was on this router. This really bothered me, therefore I moved my DNS back behind my firewall/router.
I had never thought about virtually bridging my uplink with localnet too. It is a great idea; I will try it out.