
DNS zones and WINS

Status
Not open for further replies.

JVKAdmin

IS-IT--Management
Dec 28, 2001
CA
Hi,

I have a question regarding DNS zones and WINS. Currently our network is using an ISP to host our DNS information. Currently our network setup is comprised of a DMZ zone and then our local network is behind a firewall with Network Address Translation enabled. After the firewall we are using WINS for the naming resolution. We are using all NT4 servers.

I have run into a problem where an intranet site of ours running on the same machine as our newly installed Exchange server is having problems since I added our domain suffix to the network properties. The intranet site was installed before the Exchange server and before we added our domain of "jvk.net" to the IP configuration hostname in the network properties of that server. Now the Exchange server works when we installed it, but the intranet site now tries to go to the ISP DNS to resolve its own computer name instead of staying inside. I have tried using the HOSTS file for the same server, but once I specify the DNS zone of jvk.net in the network properties the system switches to using DNS. The reason for the server trying to find itself is due to the design of the Web software components (for those interested, the name of the software is Crystal Decisions Crystal Enterprise). Our firewall then blocks the attempt to come back inside the LAN (we don't want to open the ports on the firewall for this or rely on our ISP for DNS entries since we are thinking about switching).

My question then is: if I install DNS in the LAN with the same zone name, am I going to have a problem since our ISP is hosting with the same zone name, or can I set it up and use it only for intranet resolution and forward all other requests to the ISP's DNS server? The other thing is, what could we do if we decide to host our own DNS in the future instead of having our ISP host it?

Any insight would be appreciated

Thanks
 
We have a very similar setup to what you are proposing. Internal WINS, Internal DNS, Firewall and ISP hosted DNS for external resolution.
What it appears you need is an internal DNS server as you could then tell your internal computers to resolve the jvk.net to the internal range of IP addresses. Any external computers would still use external DNS and resolve to the external address. The internal DNS should be configured to receive information from the ISP's DNS server so that your internal computers can still resolve hosts on the internet where required.
When you configure it, assuming that your IP range is 192.168.1.x, it should look something like:

DNS Server
    Cache
    1.168.192.in-addr.arpa
    jvk.net

The 1.168.192 bit is for reverse lookup. If you don't want the users to have to type the FQDN to get to internal servers, enable the WINS lookup option on the domain jvk.net.
 
Hi.

* You can remove the domain name from the network settings.
This may solve some problems.

* Yes, you can configure an internal DNS zone for intranet use only.
This will not conflict with the external clients as they will still use the external DNS managed by your ISP.
The only possible problem with this is administration - you will need to duplicate all needed DNS info like the MX record.
This is not a big deal but might pose a bit more difficulty when troubleshooting mail and other DNS-related issues.
Anyway, I recommend the internal DNS solution as it can also improve performance and reliability (your clients and servers won't suffer too much when the WAN link to the ISP fails or stammers and therefore external DNS is slow to respond).

* What firewall do you have?
The Cisco PIX firewall, for example, has an "alias" command that can translate DNS responses to local addresses on the fly if you are using an external DNS server only.

Bye

Yizhar Hurwitz
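
The administration drawback described in the reply above (an internal jvk.net zone has to duplicate the records the ISP publishes, such as MX) can be checked mechanically. The Python sketch below is an added example, not part of the original posts; the zone contents, host names and 203.0.113.x addresses are constructed, and it handles only simple `owner IN type rdata` lines.

```python
# Added example: split-horizon drift check. All records below are constructed.
EXTERNAL_ZONE = """\
jvk.net.        IN MX 10 mail.jvk.net.
mail.jvk.net.   IN A  203.0.113.10
www.jvk.net.    IN A  203.0.113.20
ftp.jvk.net.    IN A  203.0.113.30
"""
INTERNAL_ZONE = """\
mail.jvk.net.      IN A 192.168.1.10
www.jvk.net.       IN A 192.168.1.20
intranet.jvk.net.  IN A 192.168.1.25
"""

def parse_zone(text):
    """Return {(owner, rtype): set(rdata)} from 'owner IN type rdata' lines."""
    records = {}
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()   # drop zone-file comments
        if not line:
            continue
        fields = line.split()
        if len(fields) < 4 or fields[1].upper() != "IN":
            raise ValueError(f"unsupported record line: {line!r}")
        owner, rtype = fields[0].lower().rstrip("."), fields[2].upper()
        rdata = " ".join(fields[3:]).lower().rstrip(".")
        records.setdefault((owner, rtype), set()).add(rdata)
    return records

def missing_internally(external, internal):
    """(owner, type) pairs published externally but absent from the internal zone.
    The internal server is authoritative for the zone, so it returns a negative
    answer for these instead of forwarding the query to the ISP."""
    return sorted(set(external) - set(internal))

def internal_only(external, internal):
    """Names that exist only inside the LAN (expected for intranet hosts)."""
    return sorted(set(internal) - set(external))

if __name__ == "__main__":
    ext, intl = parse_zone(EXTERNAL_ZONE), parse_zone(INTERNAL_ZONE)
    for owner, rtype in missing_internally(ext, intl):
        print(f"MISSING internally: {owner} {rtype}")
    for owner, rtype in internal_only(ext, intl):
        print(f"internal only:      {owner} {rtype}")
```

With the constructed data, the MX record for jvk.net and the A record for ftp.jvk.net are reported as missing from the internal zone.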
 
Hi,

Thanks for the info, but what I did end up doing was using the HOSTS file for each of the servers to see themselves in the local network and having our ISP add a DNS entry in their DNS for now. We need the DNS domain name in order for the Exchange server to properly do our naming. It ended up that the webserver application needed to be reinstalled due to naming problems anyways. Apparently it wasn't trying to use any ports out and back in again, just an issue with naming which gets generated upon installation. We won't be implementing a full-blown DNS in the intranet yet due to legacy ERP and other applications and the unknown effects on them. Until we go to Windows 2000 or have another need it won't be necessary, which may not be for a while. Our firewall is a WatchGuard Firebox.
 