W
William Flavin
My company has an existing Windows 2000 domain with several domain
controllers. In the past year or so we have deployed many Linux
servers, including 2 registered BIND 9.2.0 DNS servers to host our
internet domains. One of the internet domains uses the same name as
our internal Win2K domain. We have been discussing integrating the 2
systems. I've read a lot about bringing a new Win2K domain into an
existing internal Bind environment, but I haven't seen much
documentation about how it would work in an existing Win2K environment
like we have.
My main concern is that since the Bind DNS servers allow public access
to resolve the internet address, I don't want our internal DNS
information exposed. Is is possible to allow public access to the
public addresses while protecting the internal information? What are
the benefits of integrating these systems? What are the drawbacks?
I've seen in some other posts that the systems should be kept seperate
and forwarders should be used on the Win2K side to resolve the
internet addresses. I'm just looking for some suggestions on how to
procede.
controllers. In the past year or so we have deployed many Linux
servers, including 2 registered BIND 9.2.0 DNS servers to host our
internet domains. One of the internet domains uses the same name as
our internal Win2K domain. We have been discussing integrating the 2
systems. I've read a lot about bringing a new Win2K domain into an
existing internal Bind environment, but I haven't seen much
documentation about how it would work in an existing Win2K environment
like we have.
My main concern is that since the Bind DNS servers allow public access
to resolve the internet address, I don't want our internal DNS
information exposed. Is is possible to allow public access to the
public addresses while protecting the internal information? What are
the benefits of integrating these systems? What are the drawbacks?
I've seen in some other posts that the systems should be kept seperate
and forwarders should be used on the Win2K side to resolve the
internet addresses. I'm just looking for some suggestions on how to
procede.