Re: Choice of DNS version in mixed Windows NT 4 domain Environment

From: Herb Martin (news_at_LearnQuick.com)
Date: 01/17/05 

Date: Mon, 17 Jan 2005 10:00:01 -0600

"Jason" <Jason@discussions.microsoft.com> wrote in message
news:209E0770-CE82-4351-933A-67E9EA55761E@microsoft.com...
> I have set up an IIS web server on my DMZ and I want my clients on the
> internal trusted network to access the websites on the server using the
> correct domain name www.sitesample.com.

Generally things in your DMZ (for external access)
generally should be in a SEPARATE EXTERNAL
DNS and another Internet DNS (for your internal
users.)

The external DNS is best left at your Registrar in
most cases.

> I am currently using my ISP's DNS, so when the web request is resolved, my
> ISP directs the request to my DMZ.

That is an Ok, method, but in the long run the the
Registrar is a better location for most people than
the ISP.

> However, my firewall doesn't allow this
> kind of request redirection. The easiest solution is to install a DNS
server
> to forward the request to the server on the DMZ without querying the ISP's
> DNS.

Internal DNS should run on separate completely
INTERNAL DNS servers.

> Finally, my question is as I am running a Windows NT4 domain but have
> Windows 2000 and NT4 servers in the domain, I am wondering whether to use
an
> NT4 server's DNS software or a Windows 2000 server's DNS?

If you have a choice, use the Win2000 -- it has better
DNS features and will help you prepare should you ever
upgrade to a Win2000+ domain where the NT4 would be
an issue. 

-- 
Herb Martin
>
> Thanks for any help

Relevant Pages

  • Re: Urgent! New router and big disaster
    ... The SBS DNS server, running on ... its IP it means that your problem is now DNS. ... forward ports to it reliably in the router. ... I should have been more clear about internet connection.. ...
    (microsoft.public.windows.server.sbs)
  • Re: Cannot connect to RWW from home PC
    ... DNS stuff says your mail server is responding with reply that is not MS ... When we setup this new SBS2003 setup we installed without ISA as it does ... not seeing any problems anywhere regards internet or email - we also run ...
    (microsoft.public.windows.server.sbs)
  • Re: Non-domain connection problem
    ... For some reason the DNS is persistent. ... connect new PC to the internet from the non-domain network: ... In server 2000 gpoedit.msc showed them but in SBS it is different. ...
    (microsoft.public.windows.server.sbs)
  • Re: resolve incorrect IP from RRA server.
    ... dynamic address, 10.5.101.123 from DHCP server. ... This is because the addtional DNS records that get registered cause major problems with AD functionality, especially the additional IPs registered by RRAS. ... However, if you choose to keep RRAS on the DC, then you have to force DNS to only register the internal static interface, and no others. ... If it is the internet gateway, it is recommended to purchase an inexpensive, or cable/DLS router, or even better, a Cisco or similar firewall to perform the task, which if it is compromised by an internet attacker remotely, can further compromise the rest of the internal network. ...
    (microsoft.public.windows.server.dns)
  • Re: Cannot connect to RWW from home PC
    ... DNS stuff says your mail server is responding with reply that is not MS ... When we setup this new SBS2003 setup we installed without ISA as it does ... not seeing any problems anywhere regards internet or email - we also run ...
    (microsoft.public.windows.server.sbs)