Re: DNS HELP?!


From: Ace Fekay [MVP] (PleaseSubstituteMyActualFirstName&LastNameHere_at_hotmail.com)
Date: 08/18/04


Date: Wed, 18 Aug 2004 00:06:12 -0400

In news:%23$6eXrIhEHA.3932@TK2MSFTNGP09.phx.gbl,
ca.yahoo@just1coder <ca.yahoo@just1coder> made a post then I commented below
> Just two that need internal access too.
>
> Could you explain why internal DNS is required too?
>
> I thought that since it was hosted externally, it would be ok?!
> Apparently not.
>
> Ace Fekay [MVP] wrote:
>
>> In news:%239GwSq7gEHA.644@tk2msftngp13.phx.gbl,
>> just1coder@yahoo.ca <just1coder@yahoo.ca> made a post then I
>> commented below
>>
>>> So, for each website hosted on the internal servers I should have a
>>> zone for that site and a blank record pointing to the private IP of
>>> the server?
>>>
>>> Does Windows DNS support wildcards too? Like *.domain.com ?
>>
>>
>> Yes it does support wildcards, but you can get in trouble using
>> them. I suggest not to.
>>
>> But that's the idea. How many zones do you have?

If you are hosting a webserver internally to the outside world, then the
external DNS is pointing to the WAN IP of your NAT/Router. The router in a
NAT scenario such as this is port remapping port 80 to the internal private
IP. That is how the external users get to it.

For internal users, if it resolves to the outside WAN IP, NAT cannot, cannot
port remap an internal request to the outside interface and back in again to
the internal resource. Hence, why you have to manually create the record
internally using the private IP address.

Just a limitation of NAT, no matter who makes the device...

Hope that helps.

-- 
Regards,
Ace
Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.
This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.
Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services
Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
-- 
=================================
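Added example, not part of the original post: a small Python audit of the split-DNS setup described above. It flags hosted site names that the internal DNS server still answers with the router's WAN IP (or not at all) and prints the dnscmd lines for a per-site zone with a blank (@) record. The site names, addresses, zone file names and the function name are constructed assumptions; the answers are embedded rather than queried live.

```python
import ipaddress

# Constructed sample data (documentation/private ranges), not from the thread.
WAN_IP = "203.0.113.10"                       # outside interface of the NAT router
SITES = {                                     # site name -> private IP of web server
    "example.com": "192.168.1.20",
    "example.net": "192.168.1.21",
    "example.org": "192.168.1.22",
}
INTERNAL_ANSWERS = {                          # what the internal DNS server returned
    "example.com": "192.168.1.20",            # internal zone already in place
    "example.net": "203.0.113.10",            # forwarded out, came back as WAN IP
}                                             # example.org: no answer at all


def audit_split_dns(sites, internal_answers, wan_ip):
    """Return (findings, fix_commands) for sites hosted behind the NAT router."""
    wan = ipaddress.ip_address(wan_ip)
    findings, fixes = {}, []
    for name, private_ip in sorted(sites.items()):
        want = ipaddress.ip_address(private_ip)
        if not want.is_private:
            raise ValueError(f"{name}: {private_ip} is not a private address")
        got = internal_answers.get(name)
        if got is not None and ipaddress.ip_address(got) == want:
            findings[name] = "ok"
            continue
        if got is None:
            findings[name] = "no internal record"
        elif ipaddress.ip_address(got) == wan:
            findings[name] = "resolves to WAN IP"
        else:
            # A zone may already exist with a stale record: review by hand.
            findings[name] = "unexpected address"
            continue
        # One zone per site plus a blank (@) A record on the private IP.
        # dnscmd is the Windows DNS command-line tool; the .dns file name is assumed.
        fixes.append(f"dnscmd /ZoneAdd {name} /Primary /file {name}.dns")
        fixes.append(f"dnscmd /RecordAdd {name} @ A {private_ip}")
    return findings, fixes


if __name__ == "__main__":
    results, commands = audit_split_dns(SITES, INTERNAL_ANSWERS, WAN_IP)
    for site, status in results.items():
        print(f"{site:12} {status}")
    print("\n".join(commands))
```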

