Possibly the most common DNS question


James White

I'm sorry for asking this, but how do you host the domain name used for the
domain?

For example, my domain is domain.com and I want to host that site. The
server 2003 book advised not to use a root name because of problems viewing
the site internally(??). I didn't need people to see the site internally so
I used domain.com for the domain name.

Now all the servers create "same as parent" A records and a name resolution
brings up a different IP each time (even private IP's). I try not to act
like a noob, but in situations like this it is very hard.

Thanks in advance,
James
 
It is quite difficult to configure a single Win2K DNS Server to host both an internal (AD) Domain, and a public DNS presence, and
that is especially true when the public/AD zone name is the same.

For example, if you use NAT the public service IP may be different than the private LAN IP for the same service. Subnet ordering in
DNS alone will not be able to reliably address this. You need separate DMZ networks with a common IP range to make this workable.

So my advice is almost always to locate a public DNS hosting service and use that for your public DNS presence. This is free to
$30/year. It takes the traffic off your WAN link, it reduces the attack surface of your network, and it makes it easy to deal with
this sort of split-personality configuration issue you're running into.

Even when the public domain is quite distinct, I'd still recommend this. More than a few routers are unable to loop to their own WAN
IPs, creating exactly the same issue -- the inside and outside addresses are different.

If you just have to do this anyway, you really should consider putting a second server on your DMZ running the public DNS service.

Steve Duff, MCSE, MVP
Ergodic Systems, Inc.
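
A check for the symptom in the question and the exposure the answer above warns about, as an added example that is not part of the original thread: it scans zone data that would be answered to the Internet and flags RFC 1918 addresses, including apex ("same as parent") records. The zone text, the addresses and the function names are constructed for illustration.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample of a domain.com zone in standard master-file text form.
# "@" is the zone apex (the "same as parent" records in the question);
# a line starting with whitespace inherits the previous owner name.
# 203.0.113.25 is a documentation address standing in for the public IP.
SAMPLE_ZONE = """\
@      600  IN A   192.168.1.10
       600  IN A   192.168.1.11
       600  IN A   203.0.113.25
www    3600 IN A   203.0.113.25
dc1    3600 IN A   192.168.1.10
@      3600 IN MX  10 mail.domain.com.
"""

def parse_a_records(zone_text):
    """Yield (owner, address) for each A record; other types are skipped."""
    owner = "@"
    for raw in zone_text.splitlines():
        fields = raw.split(";", 1)[0].split()      # drop comments
        if not fields or fields[0].startswith("$"):
            continue                               # blank line or directive
        if not raw[0].isspace():                   # explicit owner name
            owner = fields.pop(0)
        if "A" not in fields:
            continue
        try:
            yield owner, ipaddress.ip_address(fields[fields.index("A") + 1])
        except (IndexError, ValueError):
            continue                               # malformed rdata

def is_rfc1918(ip):
    return any(ip in net for net in RFC1918)

def audit_public_view(zone_text):
    """Report private addresses an Internet client would receive."""
    records = list(parse_a_records(zone_text))
    apex = [ip for owner, ip in records if owner == "@"]
    return {
        "private_leaks": [(o, str(ip)) for o, ip in records if is_rfc1918(ip)],
        # Apex answers mixing private and public addresses: round robin
        # hands each client a different one, the symptom in the question.
        "apex_mixed": len({is_rfc1918(ip) for ip in apex}) == 2,
    }

if __name__ == "__main__":
    print(audit_public_view(SAMPLE_ZONE))
```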
 
I agree with everything Steve Duff has said. If you are interested in
locating a public DNS hosting place, I use http://www.dns4free.com. Great
outfit and you can do all your own DNS config/maint yourself via a web
interface. You can sign up in 5 minutes, configure your DNS in 5 minutes
(if you know what you're doing) and have full connectivity in approx 2 to 8
hours. Piece of cake. Very very good web interface with entry level to
expert level menus.

Cost? Free if you register the domain with them at $30/2yr or $15/year.

-Frank
 
I'm sorry for asking this, but how do you host the domain name used for the
domain?

For example, my domain is domain.com and I want to host that site. The
server 2003 book advised not to use a root name because of problems viewing
the site internally(??). I didn't need people to see the site internally so
I used domain.com for the domain name.

Now all the servers create "same as parent" A records and a name resolution
brings up a different IP each time (even private IP's). I try not to act
like a noob, but in situations like this it is very hard.

Thanks in advance,
James

If your Windows AD domain is called DOMAIN.COM, then create a DNS ZONE
on the DNS server called DOMAIN.COM. Make it AD integrated and let it
replicate to all DNS servers in the DOMAIN.

Also create a DNS ZONE _MSDCS.DOMAIN.COM on the DNS server and let it
replicate to all DNS servers in the FOREST.

The replication scopes are only possible if your AD is Windows 2003.

Is this an answer to your question?

Cheers,
 