Re: Need Help from DNS Expert on Subdomain DNS Records
- From: "Kevin D. Goodknecht Sr. [MVP]" <admin@xxxxxxxxxxxxxx>
- Date: Tue, 12 Jun 2007 18:08:53 -0500
Read inline please.
In news:509280B8-6130-4BE8-AA9A-B65176D491C2@xxxxxxxxxxxxx,
razor <razor@xxxxxxxxxxxxxxxxxxxxxxxxx> typed:
No. We host three websites on our webserver and this particualr one
that we are having issues with is not the same as our AD domain name.
When you use nslookup to resolve these names do you get the correct internal
IP addresses?
In addition, let's go in to further detail on your original post.
We have an issue with being able to access a domain and it's sub
domain from within and outside our firewall. We had it working with
our old firewall, but we changed firewalls Friday and now it won't
work.
Internally or externally?
Here's our scenario: We have a namespace called 'domainname.com'
with a DNS Host A entry for the IP address associated with the name
of the website in our internal IIS server. We also have a sub
domain named, 'dev' that we used to have the same IP address as the
namespace, but since our new firewall will not allow more than one
public IP to point to the same private IP,
This is confusing, firewalls should not do this. If your talking about NAT
mapping, you should be able to map multiple public IPs to on private IP, now
you can not map one Public IP to more than one private IP. But the Private
IP should be able to have as many public IPs mapped to it as you want,
although it would seem to be a waste of Public IPs.
Now everything is whacky. Some of our clients inside the firewall
can access the 'dev' site and some cannot. Some can access the
parent
site and some cannot, and those that can connect, can only do so
intermittently.
You need to verify that the all DNS servers assigned to a the DNS Client be
able to resolve every name it needs to resolve to the correct IP address.
Some people attempt to have the Preferred and Alternate DNS resolve
different namespaces. I won't happen that way, the DNS client tends to stick
to the last DNS Server that responds. If one is an internal DNS and one is
an external DNS, this will get you into trouble because both cannot resolve
both the internal and external namespaces.
If we change the parent and the child Host A records to be the same
IP, we cannot access the child site from outside the LAN/Firewall
because of the new firewall policy with only one public IP per
private IP pointer.
Both the parent domain and child or sub domain IP addresses are in
the IIS server's TCP/IP properties in it's NIC card.
What do you mean "Both the parent domain and child or sub domain IP
addresses are in the IIS server's TCP/IP properties in it's NIC card"?
Are they or are they not on the same IP address?
NAT is 1 to 1 IP mapping, On Public IP to one private IP, you can't map one
public IP to two private IPs. But, you should be able to map two public IPs
to one private IP using standard NAT IP/port mapping.
--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
.
- Follow-Ups:
- References:
- Re: Need Help from DNS Expert on Subdomain DNS Records
- From: Kevin D. Goodknecht Sr. [MVP]
- Re: Need Help from DNS Expert on Subdomain DNS Records
- From: razor
- Re: Need Help from DNS Expert on Subdomain DNS Records
- Prev by Date: Re: ping ComputerName often fails
- Next by Date: Re: Zone Transfer between AD-I and non AD-I DNS
- Previous by thread: Re: Need Help from DNS Expert on Subdomain DNS Records
- Next by thread: Re: Need Help from DNS Expert on Subdomain DNS Records
- Index(es):
Relevant Pages
|
