DNS on NT server for INTERNAL resolution 1

[marig]

We currently use our ISP DNS servers to resolve requests for internet sites, email stuff...and it works fine.

I now need to set up an internal DNS server to resolve some INTERNAL names to INTERNAL IP addresses.

I am afraid of messing up anything that we already have set up: i.e. our website is hosted elsewhere and I want to make sure that anything I do with an internal DNS server doesn't suddenly start pointing people to our network when they are looking for our website. Since I don't know exactly what I'm doing, I want to make sure that I don't open up some security holes somehow.

Any easy guides or how-to out there for setting up Internal DNS??

Basically, I'd like a computer to resolve a name like "INTERNALCOMP" to an internal IP address 10.0.0.xx. If the computer doesn't find what it's looking for on the internet DNS server (i.e. they are surfing the web), I want it to forward the request to the external ISP's DNS.

Make sense? & thanks for any & all info.

p.s. I have found DNS is my only solution since this is a MAC OS X related problem...so, please no suggestions about WINS or hosts files. Thanks.

 

[yisrael]

I worked through this issue recently with a slightly different application. Here is the way it went for me. As long as your internal DNS server is not registered on the internet (like through network solutions, etc.), you are set to go. Set up the internal DNS server locally and point all of your internal addresses to this DNS server. The extra key is to add a name server record on your DNS server with the address of your ISP's DNS server. The name resolution will go like this after it's all done:

Internal asks for internal --> internal DNS server responds with ip address 10.x.x.x (or something like that).

Internal asks external (i.e. real internet address) --> internal DNS server can't answer so it sends the request to the external isp's dns server. (This happens so quickly it doesn't matter. After it has been asked once before, it will be cached.)

External asks for internal address --> request goes to your ISP's DNS server and never goes to internal DNS server.

My environment has both MAC's and PC's and I have used this solution. Please let me know if this helps solve your problem.

 

[GlenJohnson]

Sounds similar to what I've done with my network. All internal machines have only my internal dns servers listed, my dns servers have my internal and external dns servers listed. When a client tries to resolve a name, it goes only to my internal dns servers. If the internal dns servers don't have the address, they go to the external dns servers for name resolution. Once the internal dns servers have name resolution, it goes into cache, and the clients only have to go to the internal servers from then on. Good luck. Glen A. Johnson
Johnson Computer Consulting
MCP W2K
glen@johnsoncomputers.us

Want to get great answers to your Tek-Tips questions? Have a look at FAQ219-2884

"It's not what you look at that
matters, it's what you see."
Henry David Thoreau (1817-1862); US essayist, poet.

 

[devastator]

So you are saying on the DNS Server to add name servers for my ISP's IP's?

I have a primary and secondary DNS server now with only the primary listed under Name Servers. I added our ISP's DNS servers as the forwarders and under the root hints as well.


Dev

 

[GlenJohnson]

I didn't set up forwarders, but it couldn't hurt. Just the basics. In TCP/IP under dns, list local dns servers first, then isp dns servers. Glen A. Johnson
Johnson Computer Consulting
MCP W2K
glen@johnsoncomputers.us
(815)229.0826

Want to get great answers to your Tek-Tips questions? Have a look at FAQ219-2884
"Fortunately, somewhere between chance and mystery lies imagination."
Luis Buñuel (1900-1983); Spanish filmmaker.