Re: newbie to DNS
- From: "Skip" <Skip@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 8 Jul 2005 20:11:02 -0700
I got the DNS stuff worked out. My router needed DHCP activated in order to
do an IP pass-through to the server. I really wanted to manage private
addressing through the however, so I just set the scope of the DHCP on the
router to only include one available address. The DHCP on the server still
isn't serving the addresses though, so I just set them to static. Any
thoughts?
The mail issue turned out to be port 25 blocked at ISP. I only have a
residential account. I begged but no dice.
Please see my latest post for help with lsasrv issue.
"Steve Duff [MVP]" wrote:
> Your DNS >must< answer with public IPs for DNS queries originating from the Internet - including the SOA record (I assume you meant
> "SOA"). There is no IP address as such in an SOA record, so I assume you mean the IP in the host (A) record for the nameserver
> itself.
>
> This reverts to the LAN IP because of periodic dynamic DNS registrations that Windows servers do. It is mismatched because your
> domain registrar reports your public DNS IP as the nameserver for your domain, and you are reporting a different, unreachable LAN IP
> for the domain's primary nameserver. (In this case, "bad IP" would be a better description than "mismatched IP".)
>
> As you're finding out, running public Windows Server DNSen behind address translating firewalls is not the easiest configuration.
> DMZ/LAN hosts and servers that are registering private LAN addresses using dynamic DNS cause the problem you're seeing with no
> simple solution if you are also using the same DNS to service public queries. And disabling DDNS on a domain server - while
> possible - is not simple or really to be recommended.
>
> So what you're actually learning is that the best thing to do is to go ahead and pay the $5.95/yr for a public DNS service to handle
> your public DNS presence and keep your own DNS private. The second-best thing to do is have a second DNS server for public DNS and
> place it in your DMZ. This is second-best because the first option is both cheaper and better in most cases.
>
> I'll assume (without having enough information to know for sure) that your mail query problem also relates to LAN IP addresses
> showing up in the DNS responses. If not, post back with more details.
>
>
> Steve Duff, MCSE, MVP
> Ergodic Systems, Inc.
>
> "Skip" <Skip@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:88398D3D-A2D4-4770-8F47-965E7460699A@xxxxxxxxxxxxxxxx
> > I'm in the process of setting up web and mail services on my own server for
> > the first time. Of course DNS has been the biggest issue. I have my DNS
> > server up and running and it locates the parent. I am able to access my http
> > site and ftp site. The e-mail server has been a pain. I could pay $5.95 yr for
> > someone else to do this but I figure if I'm gonna' be worth a damn I need to
> > learn to configure and host all services.
> >
> > Here are my questions:
> >
> > 1. When I run a dns report at dnsreports.com I get a pass on all tests
> > except for connecting to the mail server. All configurations seem correct and
> > (MX) records are located. Any thoughts?
> >
> > 2. The AOS record for the dns server continues to revert to the local IP
> > after being changed to the public IP. I am behind a firewall using IP
> > passthrough pointing to my mail/web server. I get a "mismatched glue" report
> > from dnsreports when this happens. The question is, can I set the IP of the
> > server that is set to IP passthrough to the public IP and should this solve
> > the conflicting address problem?
>
>
>
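
The glue mismatch discussed in the quoted reply can be checked offline by comparing the nameserver addresses held at the registrar with the A records the zone itself returns. This is an added example, not part of the original posts; the function name, hostnames and addresses are hypothetical, constructed values.

```python
import ipaddress

# RFC 1918 private ranges: never reachable from the Internet.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def audit_nameserver_glue(glue, zone_answers):
    """Compare registrar glue with the A records the zone itself serves.

    glue:         {ns hostname: set of IPs held at the registrar/parent zone}
    zone_answers: {ns hostname: set of IPs the zone's own DNS returns}
    Returns a list of (hostname, issue, detail) tuples.
    """
    findings = []
    for host in sorted(set(glue) | set(zone_answers)):
        parent = {ipaddress.ip_address(a) for a in glue.get(host, ())}
        child = {ipaddress.ip_address(a) for a in zone_answers.get(host, ())}
        # A LAN address in a public answer is the "bad IP" case.
        for addr in sorted(child, key=str):
            if any(addr in net for net in RFC1918):
                findings.append((host, "private-address", str(addr)))
        # Parent and child disagreeing is what a report flags as mismatched glue.
        if parent != child:
            detail = "registrar=%s zone=%s" % (
                sorted(map(str, parent)), sorted(map(str, child)))
            findings.append((host, "mismatched-glue", detail))
    return findings

# Constructed sample data (documentation names and addresses, not from the thread).
GLUE = {"ns1.example.com": {"203.0.113.10"}, "ns2.example.com": {"203.0.113.11"}}
ZONE = {
    "ns1.example.com": {"192.168.1.10"},   # overwritten by a dynamic DNS registration
    "ns2.example.com": {"203.0.113.11"},   # still matches the registrar
}

if __name__ == "__main__":
    for host, issue, detail in audit_nameserver_glue(GLUE, ZONE):
        print(host, issue, detail)
```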