Re: DNS for Idiots...
From: Roland Hall (nobody_at_nowhere)
Date: 02/19/05
- Next message: Mike: "Re: DNS for Idiots..."
- Previous message: Sameh Ahmed: "Re: Need to forward request for a domain to another DNS server"
- In reply to: Mike: "Re: DNS for Idiots..."
- Next in thread: Mike: "Re: DNS for Idiots..."
- Reply: Mike: "Re: DNS for Idiots..."
- Messages sorted by: [ date ] [ thread ]
Date: Sat, 19 Feb 2005 17:49:37 -0600
"Mike" wrote in message news:%23cfxVqkFFHA.2564@tk2msftngp13.phx.gbl...
: "Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message
: news:uABhHYdFFHA.1292@TK2MSFTNGP10.phx.gbl...
: > In news:uHxSsMdFFHA.1564@TK2MSFTNGP09.phx.gbl,
: > Mike <mikey117@hotmail.com> commented
: > Then Kevin replied below:
: >> NAT addresses, but are mainly for public use. We have an
: >> AD domain & it's own dns server, so I'm not sure why we'd
: >> have NAT addrtesses on these. It was that way when I got
: >> here.
: >
: > Mike did my post not make it to your news server?
: > You need to correct the NS records on the Name server tab of the problem
: > zones.
: >
:
: Ok, maybe this will shed a little light on the situation, or make it all
the
: more confusing, you decide.
: Our main main domain is abc.com & we have about 6 other domains & websites
: that we host.
: Our phone/data provider hosts our dns for abc.com.
: Our AD domain controller for abc.com has forwarders set to our ISPs name
: servers, since they also handle our email, & has entries for the NAT
: addresses (192.168.6.x) of all our other websites.
If you're saying your ISP have entries for your private network, in your
forward lookup zone on their public DNS server, then that is not a good
thing to do. The Internet doesn't need to know anything about your private
network, nor does your ISP, even if they host your mail.
: All internal computers
: have this computer's IP address set as their dns server.
Assuming this is a 192.168.6.x address.
: We have dns running
: on 2 other computers with public & private addresses bound to their NICs.
Do not mix public and private addressing on the same DNS server. With a
split horizon you would have to have an entry for the web/mail server to
tell internal clients where they are but everything else should be private.
Split horizon = public domain and private domain match Ex. domain.com for
both instead of domain.com (public) and domain.local (private)
: We picked one of our other domains, lets say def.com, to handle dns for
the
: rest of our domains. So, under abc.com we have 2 A records, well 4
actually,
: for finster.abc.com & toejam.abc.com, which have both private & public IP
: addresses.
[shaking finger]
: Somewhere I need to add something (an A record?) that maps
: finster.abc.com to ns1.def.com & toejam.abc.com to ns2.def.com, am I
right?
: All other domains have SOA of finster.abc.com, NS records for
: finster.abc.com & toejam.abc.com, & an A record for the www address, which
: is the public IP address. Again, if any of this seems kind of whacked out,
I
: inherited it & am trying to clean it up!
: I am open to suggestions!
- Next message: Mike: "Re: DNS for Idiots..."
- Previous message: Sameh Ahmed: "Re: Need to forward request for a domain to another DNS server"
- In reply to: Mike: "Re: DNS for Idiots..."
- Next in thread: Mike: "Re: DNS for Idiots..."
- Reply: Mike: "Re: DNS for Idiots..."
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
