Publically Exposed Website with internal/external ipaddress

[Mark Heimonen]

Hi,

I've recently inherited a network with a publically exposed server on an
internal network. My previous experience is mostly just programming, but I
have now inherited all IT responsibilities.

Externally, typing in www.mycompany.com brings you to the server.
Internally, I could ping mycompany.com or www.mycompany.com, and typing in
www.munroept.com gives a page not found.

The guy who worked here previously set up everyone's host files to forward
www.mycompany.com to the correct server. I'm using a laptop, both at home
and at work, which means the solution will not work for me. I have to keep
commenting out the entry from my host file each time I leave the internal
network. I have resorted to using the internal ip whenever I access the
server internally: http://192.168.1.252, however this isn't going to work
for me anymore.

I noticed that the server had an internal dns, so I just added the host
"www" as an entry. This solved the problem. Is this a proper solution, or
is there some other issues I should be aware of?

Thanks,

Mark Heimonen

 

[Kevin D. Goodknecht [MVP]]

In

Hi,

I've recently inherited a network with a publically exposed server on
an internal network. My previous experience is mostly just
programming, but I have now inherited all IT responsibilities.

Externally, typing in www.mycompany.com brings you to the server.
Internally, I could ping mycompany.com or www.mycompany.com, and
typing in www.munroept.com gives a page not found.

The guy who worked here previously set up everyone's host files to
forward www.mycompany.com to the correct server. I'm using a laptop,
both at home and at work, which means the solution will not work for
me. I have to keep commenting out the entry from my host file each
time I leave the internal network. I have resorted to using the
internal ip whenever I access the server internally:
http://192.168.1.252, however this isn't going to work for me anymore.

I noticed that the server had an internal dns, so I just added the
host "www" as an entry. This solved the problem. Is this a proper
solution, or is there some other issues I should be aware of?

That was the proper solution, it causes no other issues. There are many
names for this , shadow DNS, Split name space, split horizon, call it what
you want. Your internal DNS server is Authoritative for the internal domain
and the public DNS is authoritative for the public domain. Any name in the
public DNS that does not exist in the internal DNS, must be added to the
internal DNS. The same goes the other way around, the only difference you
must take into consideration is the network view. The public network view of
the internal domain and public domain may be a different view from the
internal Network's view of the same domains. By views, I mean that their IP
address views if an NAT device exists between them.

 

[Mark Heimonen]

Thanks,

I just wanted to verify I had made a correct assumption. Are there any good
on-line resources you would recommend for learning more about dns and
network related issues?

-Mark

 

[Kevin D. Goodknecht [MVP]]

In

Thanks,

I just wanted to verify I had made a correct assumption. Are there
any good on-line resources you would recommend for learning more
about dns and network related issues?

Domain Name System (DNS) Center
http://www.microsoft.com/Windows2000/technologies/communications/dns/default.asp