Need help on setting up win2000 dns

  • Thread starter Thread starter Yui
  • Start date Start date
Y

Yui

Again, I am tring to setup the same DNS server for both
Sorry you can't use the same MS DNS server for Public and Private domains of
the same name. You will have to split this into two different DNS servers.
One with a public zone publishing only public records, one with the private
zone publishing private records for the internal machines.
BIND is supposed to be capable of this.
Click to expand...

Thanks.
I split that into two server, the one in LAN is for Private zone and
the other in DMZ is for Public zone, and I can reach the internet
without any problems.
As of the public DNS server, I successfully get it in operation with
the private IP on its interface.
 
In
Yui said:
Thanks.
I split that into two server, the one in LAN is for
Private zone and the other in DMZ is for Public zone, and
I can reach the internet without any problems.
As of the public DNS server, I successfully get it in
operation with the private IP on its interface.
Click to expand...

The interface IP of a DNS server is not relevant, as long as it publishes
only records with public addresses, and it can be accessed by a public IP
address that is NATed to it.
 
The interface IP of a DNS server is not relevant, as long as it
publishes
only records with public addresses, and it can be accessed by a public IP
address that is NATed to it.
Click to expand...

Dear Kevin and Herb,

Thank you for your inputs all.
I am now running the public DNS with the DNS proxy service of
Watchguard Firebox X, so that at least I can minimize the security
risks. Additionally, I have set up the primary public DNS in our
network, but the secondary public DNS is hosted by our ISP.
 
Dear Kevin and Herb,

Thank you for your inputs all.
I am now running the public DNS with the DNS proxy service of
Watchguard Firebox X, so that at least I can minimize the security
risks. Additionally, I have set up the primary public DNS in our
network, but the secondary public DNS is hosted by our ISP.
Click to expand...

You would still be better served (in the long run)
by moving both back to the Registrar if they offer
the service (most do.)

Most ISPs don't have an interface where you can
change your own DNS if they host the Primary, but
practically ever (major) Registrar works this way.
[/QUOTE]
 
Back
Top