Re: Split-Brain DNS
From: Roger Abell [MVP] (mvpNoSpam_at_asu.edu)
Date: 12/07/04
Date: Mon, 6 Dec 2004 21:20:03 -0700
Just a couple of observations:
1. Let the ISP host the external DNS services. Most often the record
content is quite static, and the ISP provides sufficient control when
change is needed. Otherwise you need DNS running on a (2) server
other than the DNS servers used for AD support, plus you need to
have it exposed, etc.
2. Get that DNS box that you mentioned as being in the DMZ out of
there so it is entirely within.
3. Consider carefully your migration, and restrictions placed on you,
especially for such as the AD DNS domain, before you get going.
4. If SBS was good enough for the org and its size before, consider
whether SBS still is - some of its integration and features are pretty
cool for that size of a business - particularly the prebuilt accesses
for mobile workers, etc.
--
Roger Abell
Microsoft MVP (Windows Server System: Security)
MCDBA, MCSE W2k3+W2k+Nt4

"Freilich" <Freilich@discussions.microsoft.com> wrote in message
news:B29D3814-40C9-4A78-A7E0-6879694019DF@microsoft.com...
> Hello Everyone,
>
> I'm pretty new to this and having a lot of run-ins with issues. I'm
> attempting to set up split-brain DNS for my company.
>
> Background:
> My company is using a Small Business Server (SBS) 4.5 using NT 4.0. I am
> trying to modernize the company by bringing them into a Windows 2003 Std.
> world. My first task is to replace this ancient SBS and to do that I need
> to have a few things in place.
>
> - First off I need to have split-brain DNS running. I also need DHCP for
> the internal network.
>
> - Second I need Active Directory (AD) working after DNS is set up.
>
> - Third, I need to get Exchange 2003 running, as opposed to the 5.5 that
> is running on the SBS server.
>
> - Fourth, I need to merge another domain into our current domain; so I will
> have acme.com running first and then later merge generic.com into it.
>
> Main Question:
>
> What do I need to do to set up split-brain DNS for the company? I know I
> need external and internal DNS servers, 2 of each. But can I set it up so
> that I use our ISP's DNS server as one of the external hosts instead of
> using two machines on our side?
>
> I need a step-by-step process for setting this up. Does anybody know of
> one? Or could explain it themselves?
>
> Here is what I have now.
> I have on the internal side:
>
> - A Windows 2003 Std server, after going through the DNS setup wizard,
> running Dynamic Updates for Zones
>
> - It does not know about the world's external DNS servers, only the
> external DNS server I have set up on our DMZ, using the forwards list on
> the internal server.
>
> - Added the static entries for internal servers that need to be accessed
> inside.
>
> - Increased the timeout value for DNS to a minute.
>
> - All our computers on the inside of our network will be pointing to our
> internal DNS server.
>
> On the external side I have a DNS server, after going through the DNS
> wizard, that has a list of all the global DNS servers in the world to send
> any request out to.
>
> I am willing to scrap anything I have set up already and start fresh if it
> can help. What should I do to set up split-brain DNS? All the MS
> whitepapers I can find only have stuff for an ISP and doesn't really flow
> well with a small business infrastructure. Everything they have is about
> Windows 2000 and some of the stuff that 200 did doesn't apply to 2003.
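
A consistency check for the two views of a split-brain zone, as an added example that is not part of the original thread. It flags private addresses published in the external view and public names missing from the internal view; all records are constructed, and acme.com is the placeholder name from the question.

```python
import ipaddress

# Constructed sample records for two views of one zone. acme.com is the
# placeholder domain from the question; every host and address is invented.
EXTERNAL = {  # what the ISP-hosted public zone would publish
    "www.acme.com": "203.0.113.10",
    "mail.acme.com": "203.0.113.25",
    "vpn.acme.com": "203.0.113.30",
    "intranet.acme.com": "192.168.10.5",  # mistake: internal host published
}
INTERNAL = {  # what the internal (AD-supporting) zone would hold
    "www.acme.com": "203.0.113.10",
    "mail.acme.com": "192.168.10.25",
    "dc1.acme.com": "192.168.10.2",
    "intranet.acme.com": "192.168.10.5",
}

RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(addr):
    """True if addr falls in one of the RFC 1918 private ranges."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)


def audit(external, internal):
    """Compare the public and internal views of the same zone name."""
    shared = external.keys() & internal.keys()
    return {
        # Private addresses in the public view disclose internal layout.
        "leaked_private": sorted(n for n, a in external.items() if is_rfc1918(a)),
        # The internal server is authoritative for the zone, so it answers
        # "no such name" for these instead of asking its forwarders.
        "missing_internally": sorted(external.keys() - internal.keys()),
        # Same name, different answer per view: expected, listed for review.
        "split_answers": sorted(n for n in shared if external[n] != internal[n]),
    }


if __name__ == "__main__":
    for finding, names in audit(EXTERNAL, INTERNAL).items():
        print(f"{finding}: {', '.join(names) or '-'}")
```
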