Internal host with external FQDN


dpearson

Hi all

This is a bit complicated to explain but here goes...

Our internal AD (2003) domain name is holmfield (we didn't put a .com
or a .local as a zone as someone, who shall remain nameless, told me
not to as we were migrating from an NT4 SBS domain).

Our internal IP subnet is 192.168.100.0/24

We have an internet domain (web site and email) of holmfield.com.

We are running Exchange 2003 internally on a single server - its IP
address is 192.168.100.5

We have a NAT firewall with an external IP address.

Our ISP has added an A record to DNS for mail.sidhil.com pointing to
our external IP address.

The firewall deals with incoming requests from mail.sidhil.com and
forwards them to our internal Exchange server.

The external access all works fine.

The problem we have is internally: if I add a com zone to our DNS
with a domain of holmfield and then a host of mail (mail.sidhil.com)
- this points to 192.168.100.5 - it works internally but we lose all
access to .com web sites as our DNS doesn't seem to forward them when
we have the .com zone. How can we work around this so that
mail.sidhil.com internally resolves to 192.168.100.5 but all
other .com requests forward to the external DNS servers?

Here's hoping someone can help!

Regards

David Pearson
 
> Hi all
>
> This is a bit complicated to explain but here goes...
>
> Our internal AD (2003) domain name is holmfield (we didn't put a .com
> or a .local as a zone as someone, who shall remain nameless, told me
> not to as we were migrating from an NT4 SBS domain).

This is a problem (for DNS registration), so you really should research the
solutions by Googling:

[ site:microsoft.com single label DNS name ]

> Our internal IP subnet is 192.168.100.0/24
>
> We have an internet domain (web site and email) of holmfield.com.

You can arrange that name EXTERNALLY to point to the correct
IP in the external DNS.

If you use a machine (like this) with a private IP you must also map
the external connection (e.g., port 80 on the external address of the router/
firewall) to the internal address and port.

> We are running Exchange 2003 internally on a single server - its IP
> address is 192.168.100.5

Same thing as the previous paragraph.

> We have a NAT firewall with an external IP address.

You do the service or port mapping on the NAT/firewall router.

> Our ISP has added an A record to DNS for mail.sidhil.com pointing to
> our external IP address.

Then mail.sidhil.com should be configured in the SMTP as the HELO
name used when sending email. Also you should ask the ISP for this
as the PTR or reverse record value.

> The firewall deals with incoming requests from mail.sidhil.com and
> forwards them to our internal Exchange server.

Right.

> The external access all works fine.
>
> The problem we have is internally: if I add a com zone to our DNS
> with a domain of holmfield and then a host of mail (mail.sidhil.com)
> - this points to 192.168.100.5 - it works internally but we lose all
> access to .com web sites as our DNS doesn't seem to forward them when
> we have the .com zone. How can we work around this so that
> mail.sidhil.com internally resolves to 192.168.100.5 but all
> other .com requests forward to the external DNS servers?

Using the other name internally is one method. Or set up your own version
of the sidhil.com zone internally with the internal IP values.

It's called shadow DNS -- you will be required to track every change on
the external DNS zone in your internal VERSION of the DNS zone manually.
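The following is an added example, not part of either post above, that models the one rule behind the whole thread: a DNS server that hosts a zone is authoritative for every name under that zone, so a miss inside a hosted zone is answered NXDOMAIN and is never forwarded. It replays the three internal configurations at issue: the poster's zone literally named "com", the reply's shadow copy of sidhil.com, and (going beyond the reply) a single-name "pinpoint" zone called mail.sidhil.com that captures only that one name and leaves every other sidhil.com and .com lookup to be forwarded. The external addresses (203.0.113.10 for the public sidhil.com hosts, 192.0.2.80 for an unrelated www.example.com) and the external record set are constructed stand-ins, not values from the thread.

```python
# Added example (not from the thread): models how a DNS server chooses between
# answering from a locally hosted zone and forwarding a query upstream.
#
# Assumptions (not stated in the thread): the public address of the sidhil.com
# hosts is 203.0.113.10 and an unrelated www.example.com is at 192.0.2.80.
# Both are documentation ranges used as stand-ins for real addresses.

EXTERNAL_DNS = {                      # constructed: what the ISP resolvers answer
    "mail.sidhil.com": "203.0.113.10",
    "www.sidhil.com": "203.0.113.10",
    "www.example.com": "192.0.2.80",
}

INTERNAL_MAIL = "192.168.100.5"       # the Exchange server, from the thread

# Three candidate internal configurations: zone name -> {fqdn: A record}.
ZONE_COM = {"com": {"mail.sidhil.com": INTERNAL_MAIL}}              # the poster's setup
ZONE_SHADOW = {"sidhil.com": {"mail.sidhil.com": INTERNAL_MAIL}}    # reply's shadow zone, www not copied
ZONE_PINPOINT = {"mail.sidhil.com": {"mail.sidhil.com": INTERNAL_MAIL}}  # single-name zone


def find_zone(name, zones):
    """Return the longest locally hosted zone that `name` falls under, or None.

    Matching is on whole labels from the right: mail.sidhil.com is under
    sidhil.com and under com, but not under dhil.com.  The first hit while
    walking from the full name toward the TLD is the longest match.
    """
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return candidate
    return None


def resolve(name, zones, external=EXTERNAL_DNS):
    """Return (decision, address) as the internal DNS server would.

    "LOCAL" means a hosted zone covers the name; an address of None is then
    NXDOMAIN, because an authoritative server never forwards a miss.
    "FORWARDED" means no hosted zone covers the name and the answer comes
    from the external resolvers.
    """
    key = name.lower().rstrip(".")
    zone = find_zone(key, zones)
    if zone is None:
        return ("FORWARDED", external.get(key))
    return ("LOCAL", zones[zone].get(key))


def compare(names=("mail.sidhil.com", "www.sidhil.com", "www.example.com")):
    """Resolve each name under all three configurations."""
    configs = {"com-zone": ZONE_COM, "shadow": ZONE_SHADOW, "pinpoint": ZONE_PINPOINT}
    return {cfg: {n: resolve(n, zones) for n in names} for cfg, zones in configs.items()}


if __name__ == "__main__":
    for cfg, results in compare().items():
        print(cfg)
        for n, (decision, addr) in results.items():
            print(f"  {n:18} {decision:9} {addr or 'NXDOMAIN'}")
```

Running it shows the three outcomes side by side: with the "com" zone, www.example.com is LOCAL/NXDOMAIN, which is exactly the loss of all .com web sites the poster describes; with the shadow sidhil.com zone, .com forwarding works again but www.sidhil.com is NXDOMAIN until it is copied in, which is the manual-tracking burden the reply warns about; with the pinpoint zone, only mail.sidhil.com is answered locally and everything else, including the rest of sidhil.com, is forwarded. On Windows 2003 DNS the pinpoint variant is a forward lookup zone whose name is the full host name, with an A record at the zone apex (blank host name); it can be created in the DNS console or with dnscmd /ZoneAdd.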
 