Using Microsoft DNS for Public domains



Hi all,

Ok, this is going to sound really silly and it's probably something
simple. But here is my situation. I have a DMZ at my location. I have a
split-split DNS setup configured. I have two advertisers set up in my DMZ
that are primary/secondary servers for my public domains. I registered
several domain names. On the first domain name I registered two nameservers
at my registrar. For example domainx1.com has nameservers registered as
ns.domainx1.com and ns2.domainx1.com. They both point to their respective
public IP addresses I'm using on my firebox. I have the firebox (using NAT)
forwarding traffic for the first public IP address (for first ns) to the
internal DMZ IP of the primary DNS server. I have the second nameserver IP
forwarded to the internal DMZ IP of the secondary DNS server. On the primary
server I created host records for ns and ns2 and then modified the
nameservers tab for the zones to reflect ns and ns2.domainx1.com with their
public IP addresses. My first question is here: my DMZ is on an isolated
private network with a firebox at the ISP using NAT (One to One NAT). Do I
use the public IP addresses of the nameservers in the nameservers tab and
host records in each zone, or do I leave them as is with the private DMZ IP?

Now I have the domain, I have my nameservers, I can ping the nameservers by
name from my home computer on a separate ISP. They go to the correct IP
addresses. In my firebox I am not blocking ICMP traffic, and I'm not
restricting any ports (YET, I'm still testing). I cannot ping my domains, and
I can't resolve the website. I have a www record in the domain forward
lookup zone, but it won't resolve from the outside. If I do any nslookup
tests on my domains they all time out.

So in summary, I guess my question would be, what configuration settings are
necessary and what public IP addressing/forwarding is necessary to get
Microsoft DNS working in a DMZ to host public domains/websites? Do I need to
reference public IP addresses in the zone configuration even though servers
are set up with a private DMZ IP addressing scheme? And what other
configuration would be necessary with nameservers etc? Anything special to
register nameservers with a Microsoft DNS server?

Thanks again
Joe
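
An added example, not part of the original post: the question above is whether the zone's host and NS records should carry public or private DMZ addresses. Resolvers outside the firebox connect to whatever address the zone answers with, so this check flags RFC 1918 addresses and missing nameserver host records in a zone meant for public use. The record list, the 192.168.50.x addresses and the 203.0.113.x (documentation range) addresses are constructed stand-ins for the poster's real values.

```python
import ipaddress

# RFC 1918 ranges: unreachable for any resolver outside the NAT boundary.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample zone contents as (owner, type, value) tuples.
ZONE = "domainx1.com."
RECORDS = [
    ("@",   "NS", "ns.domainx1.com."),
    ("@",   "NS", "ns2.domainx1.com."),
    ("ns",  "A",  "203.0.113.10"),    # stand-in for a public firebox address
    ("ns2", "A",  "192.168.50.11"),   # private DMZ address left in the zone
    ("www", "A",  "192.168.50.20"),   # private DMZ address left in the zone
]

def fqdn(name, zone):
    """Expand a zone-relative owner name ('@', 'ns') to a fully qualified name."""
    if name == "@":
        return zone
    return name if name.endswith(".") else f"{name}.{zone}"

def lint_public_zone(zone, records):
    """Return (owner, problem) tuples for records an outside resolver cannot use."""
    findings, hosts = [], {}
    for name, rtype, value in records:
        if rtype == "A":
            owner = fqdn(name, zone).lower()
            hosts.setdefault(owner, []).append(ipaddress.ip_address(value))
    for owner, addrs in hosts.items():
        for addr in addrs:
            if any(addr in net for net in RFC1918):
                findings.append((owner, f"A record {addr} is RFC 1918 private"))
    for name, rtype, value in records:
        if rtype == "NS":
            target = fqdn(value, zone).lower()
            # An in-zone nameserver needs its own host (A) record in the zone.
            if target.endswith("." + zone) and target not in hosts:
                findings.append((target, "NS target has no A record in zone"))
    return findings

if __name__ == "__main__":
    for owner, problem in lint_public_zone(ZONE, RECORDS):
        print(f"{owner}: {problem}")
```
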