Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

DNS Zone Replication

Status
Not open for further replies.
Stin0

Stin0

IS-IT--Management
Nov 8, 2006
21
BE
Hello,

I've got a question about DNS-zone replication.
We have a domain consisting of 3 sites...
On 1 site we have a webserver in a DMZ and is only accessible for that site via the LAN. The other sites have to go through the internet.
This has something to do with the configuration of the VPN-router and the settings of the webserver.

on that site (webserver) we pointed the dns towards the webserver. No problem... everything works.
But I would like to change the DNS entries of the specific zone on the other sites.

It doens't help to disallow dynamic updates.
It doesn't help to disallow zonetransfers.

How can I configure the DNS-servers to have a zone that doesn't update or change when changing the entries on the other sites...

Simply put:
How do I have a zone that has local lan-ip's and on the other 2 DNS-servers I have the internet-ip's.

Thanx in advance.

Kindest Regards,


Stijn
 
Sort by date Sort by votes
Trying to understand this:
You have 3 DNS servers across 3 sites?
1 DNS server at the same site with the DMZ has an entry that points to an internal IP so that clients are pointed to the DMZ on an internal interface and therefore reach the webserver 'internally'.

The DMZ is also connected to a web facing interface that the other two sites access via the web as 'normal'.

Is that right?

And the problem you're having, somehow, is the the DNS servers are replicating records across the sites? Which then messes things up?
 
Upvote 0 Downvote
1)3 dns / AD on 3 sites ( 1 AD-DC + DNS on each site)
they are connected through VPN

2)1 dns points to the internal webserver in a DMZ in the same site. The other 2 DC's point to the same webserver via the internet. So this means that the same zone on the 3 sites have different A-reords on 2 sites. 1 DNS has internal ip's to resolve... the other 2 have to resolve them over the internet.

3)When I change an A-record it replicates automatic with the other DC's... All good for the other zone's, but I do not want that to happen for that one specific zone...
It doens't help to disallow dynamic updates.
It doesn't help to disallow zonetransfers.


Maybe it's simple, and I just have to take that zone out of Active directory. But I haven't tested it sofar.

Regards,

Stijn



 
Upvote 0 Downvote
Yep,

Thanx for the reply.
That was indeed the cause of the constant replication.
I needed to take it out of the AD.
Going to play a bit more with this...

Thanx,

Greatest Forum, best replies...

Regards,


Stijn
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

rzammit82
  • Locked
  • Question
Windows Server 2016 - DNS/AD problem
Replies
1
Views
307
suncit
suncit
fredmartinmaine
  • Locked
  • Question
Domain Controller without DNS Server
Replies
4
Views
333
fredmartinmaine
fredmartinmaine
telecotek1
  • Locked
  • Question
strange DNS issue
Replies
1
Views
144
telecotek1
telecotek1
evr72
  • Locked
  • Question
Wundows Server 2003 DNS can resolve names but not ip addresses
Replies
0
Views
55
evr72
evr72
rrmcguire
  • Locked
  • Question
group policy to set dns
Replies
2
Views
149
rrmcguire
rrmcguire

Part and Inventory Search

Sponsor

Back
Top