DNS between forests and Firewalls

Joseph C.

We are attempting to create 2 AD forests. There will be
one DC/DNS in the DMZ and one DC/DNS for the internal
forest. What would be the proper procedure to set up DNS
so that resolution will take place between the forests?
What factors should I be aware of on a firewall level?

Thank you in advance.
 
Herb Martin

Joseph C. said:
We are attempting to create 2 AD forests. There will be
one DC/DNS in the DMZ and one DC/DNS for the internal
forest. What would be the proper procedure to set up DNS
so that resolution will take place between the forests?
What factors should I be aware of on a firewall level?

Unless you are going to use "external trusts" (or Win2003 'forest' trusts)
then forests are pretty irrelevant to DNS.

DNS is a pure name resolution issue AND perhaps a Domain setup
issue, with some correlation in a single forest due to the hierarchy of
trees.

Why will you have multiple forests? Why will you have a DC in the
DMZ area?

What will your name structure look like? And which machines need to
resolve which (other) machines?

Will you be using public DNS names (and thus "shadow DNS" for either
or both forests/domains)?

It's a lot more complicated than we can guess from your question BUT
it is very SIMPLE to set up if we know the precise requirements.
 
