Public & Private DNS Issue

Fred Yarbrough

BACKGROUND:
We are using the split DNS model where there are separate Public and Private
DNS servers. Our domain name is Company.com in our Public DNS servers and
our internal network uses NET.company.com for our domain in our Private DNS.
Our Private DNS forwards any unknown DNS queries to our Public DNS server.
So for example an internal client request for www.company.com hits our
Private DNS and gets forwarded to our Public DNS for resolution since
Company.com is defined in our Public DNS.


ISSUE TRYING TO RESOLVE:
We have a special website that sits inside our network. This website is
defined in our Public DNS as special.company.com 1.2.3.4 and is front ended
by an ISA server. We would like to add a record to our Private DNS server
so that users would resolve this special.company.com site to 2.3.4.5 which
is the internal address. How do I do this? Can I do this? Is it possible
to simply add a record for a domain without having to define a Zone?


Thanks,
Fred
 
Kevin D. Goodknecht Sr. [MVP]

Fred Yarbrough said:
BACKGROUND:
We are using the split DNS model where there are separate
Public and Private DNS servers. Our domain name is
Company.com in our Public DNS servers and our internal
network uses NET.company.com for our domain in our
Private DNS. Our Private DNS forwards any unknown DNS
queries to our Public DNS server. So for example an
internal client request for www.company.com hits our
Private DNS and gets forwarded to our Public DNS for
resolution since Company.com is defined in our Public
DNS.


ISSUE TRYING TO RESOLVE:
We have a special website that sits inside our network.
This website is defined in our Public DNS as
special.company.com 1.2.3.4 and is front ended by an ISA
server. We would like to add a record to our Private DNS
server so that users would resolve this
special.company.com site to 2.3.4.5 which is the internal
address. How do I do this? Can I do this? Is it
possible to simply add a record for a domain without
having to define a Zone?

Use the DNS management console to open Forward Lookup Zones, start the New
Zone wizard, and name the new zone special.company.com. After you finish the
wizard, open the zone and create a new host: leave the name field blank, give
it IP 2.3.4.5, and create it. Win2k will bark at you and say "(same as parent
folder) is not a valid host name". Click OK to create the record anyway.

Then run ipconfig /flushdns to clear the old record out of your computer's DNS
cache.
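
The effect of the single-name zone described above, modelled as an added example that is not part of the original posts. The zone tables, the `www` and `pc1` addresses, and all function names are constructed for illustration. It shows that the Private DNS server answers only `special.company.com` itself from the new zone, still forwards the rest of `company.com`, and returns an authoritative NXDOMAIN for any name beneath the new zone instead of forwarding it.

```python
# Constructed model of the thread's split-DNS setup; not real DNS server code.
PUBLIC_ZONE = {  # company.com as hosted on the Public DNS server
    "www.company.com": "192.0.2.10",      # constructed sample address
    "special.company.com": "1.2.3.4",     # public address from the thread
}

# Zones the Private DNS server is authoritative for: zone -> {fqdn: address}
PRIVATE_ZONES = {
    "net.company.com": {"pc1.net.company.com": "10.0.0.21"},    # constructed
    # The new zone: one blank-name ("same as parent folder") host record.
    "special.company.com": {"special.company.com": "2.3.4.5"},
}


def norm(name):
    """Compare names case-insensitively and without the trailing dot."""
    return name.rstrip(".").lower()


def find_zone(qname, zones):
    """Return the longest zone that equals qname or is a parent of it."""
    labels = norm(qname).split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return candidate
    return None


def resolve_public(qname):
    """Answer as the Public DNS server would."""
    return PUBLIC_ZONE.get(norm(qname), "NXDOMAIN")


def resolve_private(qname):
    """Answer as the Private DNS server would: (source, answer)."""
    zone = find_zone(qname, PRIVATE_ZONES)
    if zone is None:
        # Not authoritative for this name: hand it to the forwarder.
        return ("forwarder", resolve_public(qname))
    # Authoritative: answer from local data and never forward, even on a miss.
    return ("private-zone", PRIVATE_ZONES[zone].get(norm(qname), "NXDOMAIN"))


if __name__ == "__main__":
    for q in ("special.company.com", "www.company.com",
              "www.special.company.com", "pc1.net.company.com"):
        print(q, resolve_private(q))
```

Any other record that exists under `special.company.com` in the Public DNS has to be copied into the internal zone as well, or internal clients will not resolve it.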
 
Fred Yarbrough

Works like a champ! Cool Trick.... I guess in this instance you are
actually defining an internal zone with this name and mapping the zone to
this address. Does it matter if this Zone is AD Integrated or not? I guess
it depends if you want this internal remapping to be for all of your AD
network.


Thanks,
Fred
 
Kevin D. Goodknecht Sr. [MVP]

Fred Yarbrough said:
Works like a champ! Cool Trick.... I guess in this
instance you are actually defining an internal zone with
this name and mapping the zone to this address. Does it
matter if this Zone is AD Integrated or not? I guess it
depends if you want this internal remapping to be for all
of your AD network.

It doesn't matter if it's AD integrated or not, you're not allowing dynamic
updates anyway and it's only a good address for your internal LAN.
 
Fred Yarbrough

Understood. My point with the AD Integrated is that it will be passed on to
our other DNS servers (WAN locations). If you make it Non AD Integrated it
will only stay on the DNS server where it was defined.

Thanks for your help,
Fred
 
Kevin D. Goodknecht Sr. [MVP]

Fred Yarbrough said:
Understood. My point with the AD Integrated is that it
will be passed on to our other DNS servers (WAN
locations). If you make it Non AD Integrated it will
only stay on the DNS server where it was defined.

This is correct and will work if all locations access it by that same IP
address.
 
Ace Fekay [MVP]

Fred Yarbrough said:
Works like a champ! Cool Trick.... I guess in this instance you are
actually defining an internal zone with this name and mapping the
zone to this address. Does it matter if this Zone is AD Integrated
or not? I guess it depends if you want this internal remapping to be
for all of your AD network.


Thanks,
Fred


It's just a different namespace, even if it looks like it has a common root,
but it's independent. You can look at it as a 'start' of a new namespace.

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
 
