Resolving external IPs locally

GL

We have 2 Windows 2003 boxes with Active Directory and DNS
server on them. Our other servers are set up with these
boxes as their DNS servers. I would like to set up another
DNS zone so that the DNS servers can resolve the IP
addresses of some servers externally (on the Internet, outside
the firewall). This is to reduce the number of entries for
machines that I would have to permit in the firewall ACL
to do DNS lookups. What kind of zone would I set up?
Primary, secondary or stub? Or is there a better way of
achieving this?
 
Kevin D. Goodknecht Sr. [MVP]

GL said:
We have 2 Windows 2003 boxes with Active Directory and DNS
server on them. Our other servers are set up with these
boxes as their DNS servers. I would like to set up another
DNS zone so that the DNS servers can resolve the IP
addresses of some servers externally (on the Internet, outside
the firewall). This is to reduce the number of entries for
machines that I would have to permit in the firewall ACL
to do DNS lookups. What kind of zone would I set up?
Primary, secondary or stub? Or is there a better way of
achieving this?

Does DNS have a root forward lookup zone? If you delete this zone it will
enable root hints and make it possible for the DNS server to resolve any
name in the ICANN root.
If you want only some names to resolve, you can use a stub zone.
 
