Child Domain DC behind Firewall

G

Guest

I got a little problem, I'm in the process of moving our DC behind a
firewall. And I've disabled DDNS on the DC in order for it not to update the
external DNS with it's private ip. Although the record keeps disappearing
from the DNS every 3 weeks or so. Is there a way to force it not to become
stale, or a way to have DDNS enabled but have it provide the external Public
IP to the DNS server for registration.
 
H

Herb Martin

kevinsharp69 said:
I got a little problem, I'm in the process of moving our DC behind a
firewall. And I've disabled DDNS on the DC in order for it not to update the
external DNS with it's private ip.
Click to expand...

You should not do that. DCs require Dynamic
DNS for the domain to function correctly.

You should instead separate the DC from the
EXTERNAL DNS -- they should not communicate
directly.

If you are using the same zone name externally and
internally they should be setup as "Shadow DNS"
which is really two DIFFERENT zones that happen
to have the same name (they don't replicate).

Since each will have it's own Primary the external
can be NON-dynamic and the internal will allow
the dynamic updates.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

DNS Update Failed 16
DNS client setting in the DNS servers behind firewall 11
DDNS Updates.. 1
Parent Domain Zone Disappears From External DNS Server 9
Zone x-fer event 6525 "refused" error happens frequently 9
Fix Child Domain DNS prior to adding 2003 DCs 1
DNS and 2003 AD integration qustion 2
new child domain in a 2003 forest 3

Top