Re: DNS newbie needs help


From: Ace Fekay [MVP] (PleaseSubstituteMyActualFirstName&LastNameHere_at_hotmail.com)
Date: 10/05/04


Date: Tue, 5 Oct 2004 00:44:03 -0400

In news:ypg8d.3462$HO1.199797@news20.bellglobal.com,
Stephane Hebert <sgtpepper@bootcamp.com> made a post then I commented below
> Hi folks,
>
> Although I've been reading up on DNS, I can't seem to find a way to
> implement what I want.
>
> Here's my situation.
>
> - LAN with a WinNT 4.0 file server. This is a FILE server. That's
> all it does. It uses a domain, not a workgroup.
> - An email server using Merak Email Server. OS is Win2K Pro.
> - A mix of clients (win98, win2k pro and win xp home)
> - We have a static IP from ISP
> - We have a static dns account at dyndns.org. I'd like to get rid of
> that.
> - We have three laptops that need to send/receive emails using our
> email server using IMAP. These laptops are half of the time
> connected locally and the other half on the road using dial-up.
>
> The problem:
>
> When the laptops are connected locally on the LAN, I have to set up
> the email pop and smtp servers to point at the email server
> (192.168.0.3).
> Obviously, this won't work once connected thru dial-up.
> Also, if I specify the static IP supplied by our ISP when connected
> thru the LAN, it doesn't work. Why ???
> If I specify the static IP when connected thru dial-up then it works.
>
> So to resolve this, I thought that it would be nice if I could just
> set up the laptop to use something like mail.myowndowmain.com and
> have this point to my email server no matter how the laptop is
> connected. I would rather not use the dyndns.org service and have my
> own name instead of whatever.dyndns.org.
> I realize that I need to get a new domain name registered, but once I
> get that, how do I set up my email server and LAN for all of this to
> work ?
>
> Sorry for the ignorance and thanks in advance to all who reply.
>
> Stephane Hebert

To make it work internally, you'll need to install and configure a DNS
server, create your external zone name on that internal server, and provide
the private IPs. Only set your internal clients to use the internal DNS.
Configure a forwarder to efficiently resolve external names. The reason is
when the internal clients ask your outside DNS, it gives the WAN IP as the
response, but a NAT server cannot take an internal request to its external
interface and remap it back in. It's a NAT limitation.

If you want to host DNS instead of DynDNS, then you will need two DNS
servers. One as stated above with only private IPs, and one for public IPs
that Internet queries will use to resolve your external WAN IP. Of course,
you would need to register it as a hostname server with the registrar. Keep
in mind, they actually need two nameservers minimum per domain, but with
using NAT, that's a huge limitation. I would suggest to keep it hosted
externally. It's easier, less headaches, less hardware and cheaper in the
long run, unless of course you want to become an ISP?

-- 
Regards,
Ace
Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.
This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.
Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services
Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
-- 
=================================
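
Added example (not part of the original post): a small Python audit of the internal/external zone pair the reply describes, flagging public names missing from the internal copy, private IPs published externally, and internal records that point at the WAN address. The example.com names, 203.0.113.10 as the WAN IP and all records except the mail server's 192.168.0.3 are constructed assumptions.

```python
import ipaddress

# Constructed sample data: hypothetical names; 203.0.113.10 stands in for
# the static WAN IP from the ISP. 192.168.0.3 is the mail server in the post.
WAN_IP = "203.0.113.10"
PUBLIC_ZONE = {"mail.example.com": "203.0.113.10",
               "www.example.com": "198.51.100.7",    # hosted off-site
               "vpn.example.com": "192.168.0.9"}     # mistake: private IP published
INTERNAL_ZONE = {"mail.example.com": "192.168.0.3",
                 "files.example.com": "192.168.0.2",
                 "vpn.example.com": "203.0.113.10"}  # mistake: WAN side of the NAT

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(addr):
    """True if addr is in one of the RFC 1918 private ranges."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)


def audit_split_dns(public, internal, wan_ip):
    """Return a sorted list of (name, problem) findings for the zone pair."""
    findings = []
    for name, addr in public.items():
        # The internal server is authoritative for the zone, so a record
        # absent there yields "no such name" instead of being forwarded.
        if name not in internal:
            findings.append((name, "missing-internally"))
        # Private addresses are unreachable from the Internet and disclose
        # internal addressing.
        if is_rfc1918(addr):
            findings.append((name, "private-ip-in-public-zone"))
    for name, addr in internal.items():
        # LAN clients sent to the WAN IP hit the NAT limitation in the reply.
        if addr == wan_ip:
            findings.append((name, "internal-record-uses-wan-ip"))
    return sorted(findings)


def resolve(name, on_lan, public=PUBLIC_ZONE, internal=INTERNAL_ZONE):
    """Answer a client gets: LAN clients query only the internal server."""
    return (internal if on_lan else public).get(name)


if __name__ == "__main__":
    for name, problem in audit_split_dns(PUBLIC_ZONE, INTERNAL_ZONE, WAN_IP):
        print(f"{name}: {problem}")
    print("laptop on LAN     ->", resolve("mail.example.com", on_lan=True))
    print("laptop on dial-up ->", resolve("mail.example.com", on_lan=False))
```
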

