DNS Namespaces

antonio

I am new to DNS. When I was setting up my network DNS, I did
not follow the internal and external namespaces rule, which
suggests having a DNS server for my LAN and another DNS
server for my external internet name. I set up my LAN's
DNS using only the external internet
name "MyCompanyDomain.com".
My question is: what are the problems with having the same
domain name for my LAN and the internet?

Please any clarification...
 
Kevin D. Goodknecht [MVP]

In antonio <[email protected]> posted a question
Then Kevin replied below:
: I am new to DNS. When I was setting up my network DNS, I did
: not follow the internal and external namespaces rule, which
: suggests having a DNS server for my LAN and another DNS
: server for my external internet name. I set up my LAN's
: DNS using only the external internet
: name "MyCompanyDomain.com".
: My question is: what are the problems with having the same
: domain name for my LAN and the internet?
:
: Please any clarification...

There should not be any real big problems; you will have to add hosts from
the public namespace like www, mail, or ftp to the internal DNS namespace.
In order for you to correctly set up these records you will need to point
nslookup to an external DNS, preferably the external authoritative DNS, and
find how these records are created.
Create the internal records to point to the same IP as the external records
point to, as long as that IP is on the public side of your router. (If you
host your own web site) If you do host your own website, you must use the
website's internal address. Then run ipconfig /flushdns after you create the
record and before you try to access the site again. (Negative answers are
cached, too.)

The biggest problem you might have is if you are used to accessing your
website by its domain name (domain.com vs. www.domain.com). Accessing a site
by only its domain name requires a blank host pointing to the website IP.
This is where it gets sticky: all domain controllers create blank records
for every IP physically on the DC. So when you type domain.com in your
browser, you will get back a domain controller IP. This behavior is required
for GPOs to be applied in the domain (GPOs reside in this share:
\\domain.com\SYSVOL\domain.com\policies). Therefore you should not alter
this behavior unless the DC is multihomed (multiple NICs) *AND* File and
Printer Sharing is not enabled on all NICs; the blank host *MUST* point to
an interface that has file sharing enabled. If it is a must that you access
your site by its domain name, configure a web site on each DC in IIS that
redirects domain.com to www.domain.com.
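
The checks described in the reply above, as an added example that is not part of the original thread: an offline audit that compares an internal copy of a zone against the public one and verifies the blank host still points only at domain controllers. The function name, host labels and addresses are all constructed for illustration (documentation IP ranges), and `nat_map` is an assumed way of recording which public IPs belong to services hosted behind your own router.

```python
# Added example: offline audit of a split-horizon zone (all data is constructed).
def audit_split_zone(external, internal, dc_ips, nat_map):
    """external / internal: {host label: set of A-record IPs}; "@" is the blank host.
    dc_ips: addresses of DC interfaces that have file sharing enabled.
    nat_map: {public IP: internal IP} for services hosted behind your own router.
    Returns a sorted list of (host, problem) tuples; empty means consistent."""
    findings = []
    dc_ips = set(dc_ips)
    for host, public_ips in external.items():
        if host == "@":
            continue  # the blank host belongs to the DCs internally; checked below
        internal_ips = internal.get(host, set())
        if not internal_ips:
            findings.append((host, "missing from internal zone; LAN clients get a negative answer"))
            continue
        # Self-hosted services must use the internal address, others the public one.
        expected = {nat_map.get(ip, ip) for ip in public_ips}
        if internal_ips != expected:
            findings.append((host, f"expected {sorted(expected)}, found {sorted(internal_ips)}"))
    apex = internal.get("@", set())
    if apex - dc_ips:
        findings.append(("@", f"blank host points at non-DC address {sorted(apex - dc_ips)}"))
    if not apex & dc_ips:
        findings.append(("@", "blank host has no DC address; SYSVOL path will not reach a DC"))
    return sorted(findings)

# Constructed sample data (documentation address ranges, hypothetical hosts).
EXTERNAL = {"@": {"203.0.113.10"}, "www": {"203.0.113.10"},
            "mail": {"198.51.100.25"}, "ftp": {"203.0.113.11"}}
INTERNAL = {"@": {"192.168.1.10", "192.168.1.20"},   # DC plus a hand-added web server
            "www": {"203.0.113.10"},                 # public IP of a self-hosted site
            "mail": {"198.51.100.25"}}               # hosted elsewhere: same IP is right
DC_IPS = {"192.168.1.10"}
NAT_MAP = {"203.0.113.10": "192.168.1.20", "203.0.113.11": "192.168.1.22"}

if __name__ == "__main__":
    for host, problem in audit_split_zone(EXTERNAL, INTERNAL, DC_IPS, NAT_MAP):
        print(f"{host:5} {problem}")
```

In practice the two record sets would be filled from nslookup answers taken against the external authoritative server and the internal DNS server.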
 
