DNS with external Domain not on Internet

Status
Not open for further replies.

CHM1

Technical User
Oct 27, 2000
81
FR
My internal DNS is connected to a firewall; the firewall is connected both to the Internet and to another external private (not mine) network. Routing is done accordingly by the FW based on the IP address.
I access both networks with IP names; names on the external private network cannot be transferred to my DNS.
With my DNS I'd like to resolve both types of names into addresses:
- those on the Internet
- those on the private external net (x.private.fr)
For this I need to access the ISP's DNS for Internet names (OK) and the DNS of the external private net (whose address is known: a.b.c.d).

How can I configure my internal DNS to access the ISP's DNS or the private external DNS accordingly, based on the machine name that must be resolved?

Thanks .
 
For what you need to resolve from the Internet, make a "forwarder" to the DNS of the ISP.

On your own DNS you can create a ZONE with the IP definitions of the external net.
Or you could define a secondary zone of the external network and then get the info in a zone-transfer from the DNS on the external network.

/johnny
 
Yes, but I can't make a zone-transfer, and I don't know all the names on the external net.

What I need on my DNS is to forward to the Internet except for names like x.private.fr, which I must forward to a.b.c.d (DNS of the external net). How can I do this?

If I give 2 forwarders in my DNS parameters, as the first (Internet) gives an answer ("this name is unknown"), the second is not questioned...
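
Added example (not part of any post in this thread): a small Python model of the behaviour described above, showing why a plain list of two forwarders never reaches a.b.c.d and how per-domain forwarding picks the upstream from the queried name. It assumes the DNS server supports per-domain forwarding; the server label `isp-dns`, the helper names and all records and addresses are constructed for the illustration.

```python
# Constructed model of forwarder selection; not configuration for any real server.
NXDOMAIN = None  # a definitive "this name is unknown" answer

# Constructed data: the names each upstream DNS can resolve.
UPSTREAMS = {
    "isp-dns": {"www.example.com": "192.0.2.10"},   # public names only
    "a.b.c.d": {"x.private.fr": "198.51.100.5"},    # DNS of the external private net
}

def query(server, name):
    """A reachable upstream always answers: an address or NXDOMAIN."""
    return UPSTREAMS[server].get(name.lower().rstrip("."), NXDOMAIN)

def resolve_forwarder_list(name, forwarders):
    """Plain forwarder list: the next entry is tried only if the previous
    one is unreachable. NXDOMAIN is an answer, so resolution stops there."""
    for server in forwarders:
        if server not in UPSTREAMS:   # models a forwarder that times out
            continue
        return server, query(server, name)
    return None, NXDOMAIN

# Per-domain forwarding table: zone suffix -> forwarder, "." is the default.
FORWARD_ZONES = {"private.fr": "a.b.c.d", ".": "isp-dns"}

def pick_forwarder(name, zones=FORWARD_ZONES):
    """Longest label-aligned suffix wins, so 'notprivate.fr' does not match
    'private.fr' and private names are never sent to the ISP."""
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in zones:
            return zones[suffix]
    return zones["."]

def resolve_conditional(name):
    """Resolve through the forwarder selected for this name's domain."""
    server = pick_forwarder(name)
    return server, query(server, name)

if __name__ == "__main__":
    # Two forwarders: the ISP answers "unknown" and a.b.c.d is never asked.
    print(resolve_forwarder_list("x.private.fr", ["isp-dns", "a.b.c.d"]))
    # Per-domain forwarding: each name goes to the DNS that knows it.
    print(resolve_conditional("x.private.fr"))
    print(resolve_conditional("www.example.com"))
```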
 
Why can't you just make a zone-transfer?
The problem you have is that without a zone-transfer you will never get the addresses inside the other network into your DNS (except if the resolver will also find them using the Internet).
Using forwarders is just a way to offload some of the work from your own DNS to another DNS server.

If the external network is in a company that you work together with, I can't see a problem in using zone-transfer.
They can still block your access in their firewall.

Setting up Zone-transfer is easy.

/johnny
 