Re: Nameserver scenario with advertisers and resolvers

Tech-Archive recommends: Fix windows errors by optimizing your registry

In news:4AEEF246-7E02-487B-AC72-B7DCE559422A@xxxxxxxxxxxxx,
ACE-Joe <ACEJoe@xxxxxxxxxxxxxxxxxxxxxxxxx> made this post, which I then
commented about below:
> Hi all,
>
> If I am going to setup a DMZ with two main DNS servers in a
> Primary/Secondary configuration, but also use 2 advertisers and 2
> resolvers on separate servers, how do I setup the NS records and
> basic DNS configuration? I.E. I have 6 test domains registered. I
> want to setup the nameservers to point to the DNS servers in my DMZ.
> But do I setup nameservers for each of the servers including the
> advertisers/resolvers? Any general configuration tips or suggestions
> here? I'm not very familiar with this type of configuration.
>
> Thanks
> Joe

Still at it? :-)

Keep in mind, the advertiser is the machine that will be hosting your public
records for your clients and the Internet. The nameserver records on these
machines are these machines' nameserver FQDN and IP addresses, since they
are the machines regstered as the nameservers for your external domain name
when you registered them or changed them to. That's important. Keep in mind
as well, they do not have any references to the internal domain whatsoever.
If you put the internal domain data on them, it will 'lame' them. Your
internal DNS have nothing to do with these guys. The only thing on the
internal DNS is to create shadow copies of resources (www, ftp, etc) to
either the external IPs or the internal private IPs, depending on where the
webserver or ftp server, etc, are being hosted.

The resolver will be the ones that are being used as a forwardee from the
internal DNS servers. The resolver, as far as the public is concerned, do
not exist to them. The nameserver records on them do not matter.

Both will be sitting on your DMZ. The internal DNS will have forwarding set
to the 'resolver' which in turn will resolve external names by forwarding to
some external server.

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services
Infinite Diversities in Infinite Combinations.
=================================



.

Relevant Pages

  • Re: Cannt send email
    ... Connection-specific DNS Suffix. ... >> Windows IP Configuration ... >> Ethernet adapter Server Local Area Connection: ... >> There are no external DNS servers configured. ...
    (microsoft.public.windows.server.sbs)
  • Re: "Windows cannot obtain the domain controller name..."
    ... > That DNS configuration is never going to work. ... > I'm going to make an assumption here that you have two domain controllers. ... > Make your AD domain controllers DNS servers and switch to Active Directory ...
    (microsoft.public.win2000.active_directory)
  • Re: DNS registration for PDC only correct on some DNS servers?
    ... RRs out of the zone to achieve a correct DNS configuration. ... the primary zone's properties dialog - you don't have to implicitly name allowed transfer servers via NS records. ...
    (microsoft.public.win2000.dns)
  • Re: What Would Cause ISA to Block GoogleBots?
    ... The reason why we wanted to run DNS on ISA is to isolate the internal DNS ... Isolating Internal DNS Servers ...
    (microsoft.public.isa)
  • Re: routing table problem after power failure (sarge)
    ... > - After playing around with Postfix' configuration, ... back one or more nameserver entries doesn't get DNS going? ... check if one of the TLD servers is responding to you - for example B.NIC.FR ...
    (Debian-User)