Changed external DNS zone, internal clients lost name resolution?

it4bwk

MIS
Sep 6, 1999
I hope someone can share some advanced insight into this issue....

I recently took over the admin of our Internet domain. Our primary DNS is provided by a Tier 1 provider. We switched our company's Internet connection to a direct T1 from a 128k line we shared thru a sister company.

Obviously I had to change our MX host record. I had the provider make the change pointing to the new IP of our mail server. Our one and only mail server was 3rd in the priority list of MX records. Once I found this I had the provider remove the bogus MX records. Now the public DNS info is current and correct.

Once the DNS updates began to filter thru the Internet, my internal network clients (win 9x) lost connectivity to the Exchange 5.5 server running on an NT4 box.

I was completely baffled on the first two calls, then more came in.

We run internal DNS cache servers for our clients (win 9x) due to the slow response we had via the shared connection with our sister company. My last test on that link had our DNS servers 13 hops away. (We had a lot of 404 browser errors.)

Bottom line... I had to enter our external zone information into our internal DNS servers but substitute the internal IP address of the Exchange 5.5/NT4 server in the host record.

WHY?? Why were my clients using DNS to resolve the internal hostname of the Exchange box?

I have this feeling that my clients were going up the shared 128k Internet link for name resolution and coming back thru my sister company's firewall to access our internal Exchange server. A while ago I had observed many 'external' IP connections to our Exchange Box using "netstat" but didn't have a clue what I was looking at.. now I have a better understanding and it scares me...

Our new connection is protected by a firewall that is locked down pretty tight, so this is playing a big role in denying my clients' return access via the "usual" method they had been using.

Prior to our internal DNS changes I had tested name resolution by pinging the internal hostname of the server; it came back with the external IP address (I use external DNS servers on my machine). Everything I thought I knew about host name resolution just took a crap.

Does the Exchange Client (Outlook 2k) handle this resolution differently? A different search order?

We run WINS internally (p-node to avoid chatter), my clients are all over the file shares of this server via NetBIOS name.

Our network is running, clients are happy, but the IT guy is in a slight fog... anyone shed any light on the subject??

Thx... Jerry
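
The workaround described in the post (hosting the external zone on the internal DNS servers with the internal address substituted) is usually called split DNS. The sketch below is an added example, not part of the original post: it audits what an internal client would be handed for each public name, before and after such a change. All host names, addresses and the NAT table are constructed, and `audit_split_dns` is a hypothetical helper.

```python
import ipaddress

# RFC 1918 ranges, checked explicitly: ipaddress' is_private flag is also true
# for the documentation ranges used as stand-in public addresses below.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample data, not taken from the post.
EXTERNAL_ZONE = {"mail.example.com": "203.0.113.25",
                 "www.example.com": "203.0.113.80"}
INTERNAL_ZONE = {"mail.example.com": "10.1.1.25"}
# Hypothetical firewall NAT table: public address -> internal host.
NAT_MAP = {"203.0.113.25": "10.1.1.25"}


def is_rfc1918(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)


def audit_split_dns(external, internal, nat_map):
    """Classify what an internal client receives for each public name.

    internal=None models cache-only internal servers (public answers are
    relayed); a dict models the zone being hosted on the internal servers.
    """
    findings = {}
    for name, public_ip in external.items():
        if internal is None:
            answer = public_ip
        elif name in internal:
            answer = internal[name]
        else:
            # A server authoritative for the zone does not forward queries
            # for names it lacks, so internal clients get NXDOMAIN.
            findings[name] = "missing-internally"
            continue
        if is_rfc1918(answer):
            findings[name] = "internal"
        elif answer in nat_map:
            # Public address of an internal host: traffic leaves the LAN
            # and must come back in through the firewall.
            findings[name] = "hairpin"
        else:
            findings[name] = "external"
    return findings


if __name__ == "__main__":
    print("cache only:", audit_split_dns(EXTERNAL_ZONE, None, NAT_MAP))
    print("split DNS: ", audit_split_dns(EXTERNAL_ZONE, INTERNAL_ZONE, NAT_MAP))
```

Any name reported as `missing-internally` needs its own record in the internal copy of the zone, otherwise it stops resolving for internal clients once the zone is hosted there.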
 