Internal DNS vs External DNS

Guest

Quick question I hope, we host an internal DNS zone called mitrust.com, we
also have an external DNS entry called www.mitrust.com. Internally we
created a www entry in mitrust.com to allow the internal users to get to the
same site external users can get to. We would like to remove www.mitrust.com
internally and have everyone get pushed out to the internet to resolve,
problem is when we remove the internal www entry, and clear all DNS cache and
all that good stuff, I am unable to resolve www.mitrust.com anymore? What am
I missing?? Any help would be greatly appreciated.
 
Kevin D. Goodknecht Sr. [MVP]

In
DUHAAS said:
Quick question I hope, we host an internal DNS zone
called mitrust.com, we also have an external DNS entry
called www.mitrust.com. Internally we created a www
entry in mitrust.com to allow the internal users to get
to the same site external users can get to. We would
like to remove www.mitrust.com internally and have
everyone get pushed out to the internet to resolve,
problem is when we remove the internal www entry, and
clear all DNS cache and all that good stuff, I am unable
to resolve www.mitrust.com anymore? What am I missing??
Any help would be greatly appreciated.

If you delete the www record in mitrust.com you'll be missing
www.mitrust.com :)
If you want to access the www site you need the www record, this is one of
the drawbacks to using the same internal domain name as your public domain
name.
 
Herb Martin

Kevin's right.

When you use the same domain/zone name internally as
you do externally then YOU are required to maintain
a "shadow" entry internally for every external entry
(you wish your users to resolve).

This setup is traditionally referred to as 'shadow DNS'
or lately as 'split DNS'.

Such systems are REALLY TWO zones with the same
names -- they are two zones because they do not replicate
with each other.

Once your internal users find the Internal zone that should
contain the external records they will try nowhere else if
the record is not present.
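
Added illustration (not part of Herb Martin's post or of anyone's reply in this thread): a toy Python model of the behaviour described above, where a server that is authoritative for the zone answers NXDOMAIN for a missing record instead of forwarding, plus a check that lists public names lacking an internal shadow record. The record names other than www.mitrust.com, all addresses, and the function names are constructed for the example.

```python
# Toy model of a split-DNS resolver; not real DNS code.
# All records and addresses below are constructed sample data.

INTERNAL_ZONES = {            # zones the internal DNS server is authoritative for
    "mitrust.com": {
        "dc1.mitrust.com": "10.0.0.10",
        "www.mitrust.com": "10.0.0.80",
    },
}
EXTERNAL_DNS = {              # what public DNS would answer (constructed)
    "www.mitrust.com": "203.0.113.80",
    "mail.mitrust.com": "203.0.113.25",
    "www.example.org": "198.51.100.7",
}

def find_zone(name, zones):
    """Return the longest-matching authoritative zone for name, or None."""
    matches = [z for z in zones if name == z or name.endswith("." + z)]
    return max(matches, key=len) if matches else None

def resolve(name, zones=INTERNAL_ZONES, forwarder=EXTERNAL_DNS):
    """Answer as the internal server would: (rcode, address, source)."""
    zone = find_zone(name, zones)
    if zone is not None:
        # Authoritative: the local zone is the final word. A missing record
        # is NXDOMAIN; the query is never forwarded to the Internet.
        addr = zones[zone].get(name)
        return ("NOERROR", addr, "internal") if addr else ("NXDOMAIN", None, "internal")
    addr = forwarder.get(name)
    return ("NOERROR", addr, "forwarder") if addr else ("NXDOMAIN", None, "forwarder")

def missing_shadow_records(zones=INTERNAL_ZONES, external=EXTERNAL_DNS):
    """Public names that fall inside an internal zone but have no internal record."""
    return sorted(n for n in external
                  if (z := find_zone(n, zones)) and n not in zones[z])

def without_record(name, zones=INTERNAL_ZONES):
    """Copy of zones with one record deleted (the change the original poster made)."""
    return {z: {k: v for k, v in recs.items() if k != name} for z, recs in zones.items()}

if __name__ == "__main__":
    print(resolve("www.mitrust.com"))                                   # internal answer
    print(resolve("www.mitrust.com", zones=without_record("www.mitrust.com")))
    print(resolve("www.example.org"))                                   # forwarded
    print(missing_shadow_records())
```
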
 
Ace Fekay [MVP]

In
DUHAAS said:
Quick question I hope, we host an internal DNS zone called
mitrust.com, we also have an external DNS entry called
www.mitrust.com. Internally we created a www entry in mitrust.com to
allow the internal users to get to the same site external users can
get to. We would like to remove www.mitrust.com internally and have
everyone get pushed out to the internet to resolve, problem is when
we remove the internal www entry, and clear all DNS cache and all
that good stuff, I am unable to resolve www.mitrust.com anymore?
What am I missing?? Any help would be greatly appreciated.

In addition to Herb and Kevin's responses, I'm just curious, where is the
webserver? Is it internal and you are hosting it, or is it being hosted
elsewhere?

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
 
Guest

I appreciate all of the responses, the problem was resolved by changing the
internal www entry to the internet address, thanks for all your help.

Duane
 
David Andrew

In response to all replies, this is exactly how my Windows 2003 AD domain is
set up.

I resolved this issue by adding a SRV record in DNS under (for example)

company.com _UDP

and the following

Service = _http
Protocol=_udp
port = 80
host offering this service = webserver.company.com

Hope this helps

Regards.

D
 
