DNS & FORWARD ZONES

[Steven]

I have one Windows 2000 Server, that is the RDC and
presently the only DNS server.

The internal namespace is: internal.company.com
The external namespace is: company.com

I have used seperate namespace because all the stuff I've
read said thats its a good method to use.

Sat in between my LAN and the internet is a UNIX server
that hosts a split level DNS server that is an integral
part of our firewall.

My question is do I need to create a froward zone on my
internal DNS server for company.com?

Any help given would be very much appreciated!!

 

[William Stacey [MVP]]

Guess it depends. You want to use w2k's DNS and AD internally? If so, that
is good way to go. As clients will point to internal dns you can just
create small primary zone of the external space on this internal server with
a copy of the records. You could also create a secondary of the external on
the internal dns server. If your *public services (i.e. www, ftp) are
actually internal with private IPs, then you probably what to use the
internal IP instead of the public IP for internal users. In that case, you
would want to setup a primary zone on the internal server for the external
zone and add the private IP equivilent RRs. If your *nix dns server is host
both for internal and external users, then you can just point the internal
clients to it and get access to both spaces. Depending on NAT, router,
(etc) your internal users may not be able to "see" the public IPs from the
LAN side - easy to check this with a ping or ftp, etc.