Domains

[cryptoadm]

Can I have a DNS server with a domain of system.internal; have a website on a server with a name of example.com; another website on a seperate server with a name of mysite.com.

The DNS and web servers will be on a private network 192.168.10 and will have external internet access. The web servers will be behind a Cable modem to and share the IP.

Can both sites use the DNS server on system.internal?

 

[SimonDavies]

You will need to have an external DNS so that external users can browse those webservers, having the DNS server sitting on a 192.168.x address won't work for external resources accessing them because they could also be using the 192.168.x address. Also unless you have a static address you will find that your servers stop serving every time the IP does.

What you may find more useful is using something like a Dynamic DNS solution like DynDNS or DynIP instead. This will allow you to host services on machines that have their client installed on, that way you could simply set up each server with a DynDNS or DynIP client and start serving straight away, publish your website using the client (for example example.dynip.com or mysite.dyndns.com)

Have a look at

http://www.dyndns.com

or

http://www.dynip.com

for more information.

Simon

The real world is not about exam scores, it's about ability.

 

[cryptoadm]

Thanks for the informaton.

If I got a static IP can I have the DNS and 2 web servers all point to the same static IP and have the DNS and web servers be external on the 192.168.x network?

Also, since one domain is example.com and the other domain is mydomain.com can they share the same DNS server and have different zones? If they can share the same DNS server and have separate zones then how would DNS account for both domains being on the same private network (192.168.10/.200,.201) and sharing the same external IP?

 

[SimonDavies]

You're talking about having an AD DNS zone acting as an external DNS server as well? I really wouldn't be doing that, you should make sure that you set up a DMZ (an area of your network that sits between the internet and your internal LAN) and have your websites hosted there, get a couple of static IP's from your ISP and have them allocated to a network interface on each server (you can do this from a single server btw, just have both IP addresses allocated to the same machine). Doing it this way would allow you to not have to host your own DNS for the external sites but still allow you to host the actual servers (I do have to warn you tho, hosting your own servers on a shared line can cause you issues if the site starts getting busy and you are also using the link for other traffic).

In an ideal world you really would want the servers hosted externally.

Simon

The real world is not about exam scores, it's about ability.

 

[ITPangaeaArchitect]

ok so here's the deal (and I am going off assumption of Microsoft technology being used, but it applies either way):

first off, yes, you can host as many websites as you'd like named anything you like and have the zones hosted on one DNS server. i will give an example in a sec...

second, I am assuming you already own the public domain names necessary, and you have access to the domain DNS information via the registrar for those domains AND i assume you already have a static IP address for the public/ISP side of your network.

With all that being said, a possible solution:

1. install dns on a member or standalone server (don't use your DC for security reasons)
2. create all your public zones on the member server's dns config as primary zones
3. manually add the host records for the public name of your webserver in the applicable zone
4. adjust registrar DNS to point to the static ISP IP address of your network
5. set up port forwarder for dns requests from the public side on port 53 to go to your member server at the router or firewall

- Brandon Wilson
MCSE:Security00/03; MCSA:Security03
MCSA:Messaging00; MCP; A+
IT Pangaea (

http://it-pangaea.com)