DNS dilemma

Guest

Well, here I go again.
DNS resolution for the public name of the company aaa.com is done by the ISP;
locally we have DNS which is SOA for aaa.com and all the entries are
static. Any changes are done manually on both ends.
Now I am upgrading the domain and thought of creating the AD domain as
local.aaa.com and child domain stepchild.local.aaa.com.

Do I have to delegate child zones for both
local.aaa.com
stepchild.local.aaa.com

Since DNS zone aaa.com is not AD integrated, what is the best way to do this?

thanks
 
Sin Joe said:
> Well, here I go again.
> DNS resolution for the public name of the company aaa.com is done by the ISP;
> locally we have DNS which is SOA for aaa.com and all the entries are
> static. Any changes are done manually on both ends.

It's called "Shadow DNS" and it is quite normal.

> Now I am upgrading the domain and thought of creating the AD domain as
> local.aaa.com and child domain stepchild.local.aaa.com.

If you already have the AD domain you will have trouble
changing its name (not possible to change these in Win2000.)

> Do I have to delegate child zones for both
> local.aaa.com
> stepchild.local.aaa.com

You don't have to delegate local.aaa.com FROM aaa.com publicly
if you don't wish anyone to be able to follow that recursively from
the Internet -- you do have to delegate it if you will still run aaa.com
DNS internally OR if you have any DNS clients who must be able
to follow the recursive chain of delegation from the top down through
aaa.com to local.aaa.com.

Chances are you don't need this delegation.

Chances are you probably do need the delegation from
local.aaa.com to stepchild.local.aaa.com if both are internal.

(Wouldn't that be "grandchild" though?)

> Since DNS zone aaa.com is not AD integrated, what is the best way to do
> this?

If you need it (unlikely), then just add the delegation records at the
Primary. This varies by DNS product (BIND, MS, version, etc.).

If it is MS, you just right click and do "new delegation".

In any case you are just adding the child zone NS record (and
perhaps the A record for each such NameServer.)
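
The delegation records described in the reply above, as an added example that is not part of the original thread: a Python check over a constructed fragment of the local.aaa.com zone that confirms a child zone has NS records and that a glue address record exists for every name server whose name lies inside the delegated zone. The host names, addresses and the lab.local.aaa.com zone are assumptions made for illustration.

```python
# Added example: zone fragment, host names and addresses are constructed.
PARENT_ZONE = "local.aaa.com."

# Constructed fragment of the parent zone, one record per line: owner type rdata
ZONE_TEXT = """
stepchild.local.aaa.com.      NS  dc1.stepchild.local.aaa.com.
stepchild.local.aaa.com.      NS  ns2.local.aaa.com.
dc1.stepchild.local.aaa.com.  A   10.0.2.10   ; glue: name server lives inside the child
ns2.local.aaa.com.            A   10.0.1.11
lab.local.aaa.com.            NS  dc1.lab.local.aaa.com.   ; glue deliberately missing
"""

def norm(name):
    """Lower-case a DNS name and make it absolute (trailing dot)."""
    name = name.lower()
    return name if name.endswith(".") else name + "."

def in_zone(name, zone):
    """True if name is the zone apex or lies below it."""
    return name == zone or name.endswith("." + zone)

def parse(text):
    """Parse 'owner type rdata' lines, ignoring ';' comments and blank lines."""
    records = []
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()
        if not line:
            continue
        owner, rtype, rdata = line.split(None, 2)
        records.append((norm(owner), rtype.upper(), rdata.strip()))
    return records

def check_delegation(records, parent, child):
    """Return a list of problems with the delegation of child from parent."""
    parent, child = norm(parent), norm(child)
    if child == parent or not in_zone(child, parent):
        return [f"{child} is not below {parent}"]
    ns_targets = [norm(r) for o, t, r in records if o == child and t == "NS"]
    if not ns_targets:
        return [f"no NS records for {child} in {parent}"]
    have_addr = {o for o, t, _ in records if t in ("A", "AAAA")}
    # Glue is only required when the name server's own name is inside the child zone.
    return [f"missing glue address record for {ns}"
            for ns in ns_targets if in_zone(ns, child) and ns not in have_addr]

if __name__ == "__main__":
    for child in ("stepchild.local.aaa.com", "lab.local.aaa.com"):
        print(child, check_delegation(parse(ZONE_TEXT), PARENT_ZONE, child) or "OK")
```

The same check run against the public copy of aaa.com held at the ISP should report no NS records for local.aaa.com when the internal zone is meant to stay unreachable from the Internet.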
 
test reply please disregard
Herb Martin said:
> It's called "Shadow DNS" and it is quite normal.
>
> If you already have the AD domain you will have trouble
> changing its name (not possible to change these in Win2000.)
>
> You don't have to delegate local.aaa.com FROM aaa.com publicly
> if you don't wish anyone to be able to follow that recursively from
> the Internet -- you do have to delegate it if you will still run aaa.com
> DNS internally OR if you have any DNS clients who must be able
> to follow the recursive chain of delegation from the top down through
> aaa.com to local.aaa.com.
>
> Chances are you don't need this delegation.
>
> Chances are you probably do need the delegation from
> local.aaa.com to stepchild.local.aaa.com if both are internal.
>
> (Wouldn't that be "grandchild" though?)
>
> If you need it (unlikely), then just add the delegation records at the
> Primary. This varies by DNS product (BIND, MS, version, etc.).
>
> If it is MS, you just right click and do "new delegation".
>
> In any case you are just adding the child zone NS record (and
> perhaps the A record for each such NameServer.)
 