If your Windows NT or Windows 2000 DNS server resolves client queries for internet hosts, some domain names may not resolve.
A partial list of affected domain names includes:
www.apple.com www.caldera.com www.efax.com www.intel.com www.fda.govThe problem will arise when your DNS server is inside a firewall, it queries an authoritative name server that is outside, and receives a reply with a different source IP address than expected.
If the outside server has a load balancing feature, this can occur.
Your options are:
Set the Forwarders option on the inside server to an outside server, which causes a recursive query. This causes the reply to have the expected source IP address.
Set the firewall to allow all inbound port 53 traffic that is destined to your inside server.