Hosting multiple domains on the same domain controller?

[BarryMVS]

Hi all,

I have two domain controllers running my domain for me. They are both acting as DNS servers, as well as running IIS. One of them is also acting as an email server.

They are both running happily under their main domain name and hosting the main web site without any problems.

I want to host another two domains from the same servers, but I'm having problems setting up the DNS entrys so that I have MX records and so I am pointing to the correct server for the web page.

Any surgestions or advice would be most welcomed.

Thanks,

Barry

ICT Network Administrator
IT Services Manager

 

[jpaf]

I'm not sure I follow what you are trying to achieve, can you please clarify a few points here:

1) When you say "hosting domains from the same servers" I'm assuming you mean web-sites and not actual NT domains?
2) What are the problems you are having or to be more precise what have you tried and what happens when you try it?
3) MX records are for mail servers, why are you setting MX records for web pages?

Thanks
jpaf

 

[BarryMVS]

jpaf,

I am trying to host two other web sites from the same server, these site receive email to their domain addresses so I need MX records on the DNS for these domains also.

I have created additional domains on the DNS so that all three domains are now avalible in the Active Directory.

I have registered the main hostname and domain name as the NameServer for the secondary domains, but I can not get the web site to appear when I type in the secondary domain address. It says that the server can not be found.

What DNS records should I create for the domains in order to get the email and websites set up correctly?

Thanks for your help,


Barry

ICT Network Administrator
IT Services Manager

 

[jpaf]

OK, that explains the MX record. Have you set up an A record (Address record) for the website in the forward lookup zone in DNS? THe MX record relies on this A record to route mail.

Thanks
Jpaf

 

[BarryMVS]

jpaf,

I have created a host file (A record) for the server running the email and the web site for the scondary domain.

One thing that crossed my mind is that my servers are behind a firewall. Could it be that the firewall has locked down the DNS port?

If so, do you know which port DNS servers use?

Thanks,



Barry

ICT Network Administrator
IT Services Manager

 

[jpaf]

I think DNS uses Port 53 but if your other sites are resolved OK then I'm not sure this is the issue.

Have you tried flushing the DNS cache on the machine you are using?

Regards
jpaf

 

[BarryMVS]

jpaf,

The only site that is resolved at the moment is the main domain site which is being supported by my the nameserver of the company I registered the domain name with.

Their DNS records point to my servers and find the web page. At the moment, I'm not sure if any of my DNS records are working. I have opened up port 53 on the firewall so the DNS lookup should work ok.

The main domain name is bksgd.co.uk which works fine. THe secondary domain name is jesus-internet.org.uk, which at present returns a 'Cannot find server or DNS Error' message.

I don't know how to flush a dns cache?

Barry

ICT Network Administrator
IT Services Manager

 

[dholbrook]

If you want the other domain name to be visable from the Internet, then it will need an Internet address associated with it, and needs to be a registered name hosted by your ISP (or somewhere else) so it properly gets directed to your firewall. If the website is internal to your LAN only, then your DNS server needs to provide the routing to the correct ports on the web server so it an be resolved.

If this address is not different from the one your current domain is using, how would you expect your firewall to know where to route the information, and further more, how would you expect your web server to resolve the query to anything other than the original web site?

The second name should use a different port than the original web site so the web server can know that web traffic on port xyz belong to the new web site and can then handle it accordingly. The firewall will simply redirect the query for the IP address of xyz to the correect port on the webserver, not to the regular web port.

HTH,

DAvid

 

[BarryMVS]

dholbrook,

Thanks for your advice.
I have two web servers, the first running the main domain site, the second running the secondary domains.

All the domain names have been regisered with the same company and the secondary domains have been registered as using my DNS servers as their NameServers.

I have opened port 53 on my firewall so that the DNS requests should go through OK.

I only have one IP address which points to the router/firewall. This then forwards the active port to the correct internal IP address.

I have a horrible feeling the DNS system isn't going to work on internal IP addresses only.

If this is the case then I will have to go back to running them all from the same server and use the web forwarding system provided by my registration company.

Thanks for your help,

Barry

ICT Network Administrator
IT Services Manager

 

[billieT]

Another quick question, since I have this exact configuration working fine in an environment I manage ... are you testing the DNS connectivity by trying to connect to your websites?

If so, how are the websites configured on your IIS box with the two "secondary sites"? Do you have separate nics, or different IPs bound to your nic, with each IP going to a specific site? Or are you using "host headers" to redirect the web traffic to the appropriate site?

That may be more of the problem, rather than your actual DNS

 

[BarryMVS]

billieT,

I'm glad I've found someone with the same set up. At least know I know it can be done.

Which would you recommend, seperat IP's or headers. At the moment, I am only trying two sites, the primary and a secondary which are both hosted on different PC's with different internal IP's.

I have tried connecting to the secondary site from the PC it is hosted on via it's FQDN, but I get the 'Can not find server or DNS error' message which makes me think it must be something to do with my DNS setup.

Thanks for your help,


Barry

ICT Network Administrator
IT Services Manager

 

[BarryMVS]

Hi all,

OK, I've changed the set up slightly.

I now have all the web sites running from the same server, using the same internal IP address's, but different port numbers.

I have set up my DNS reports on each domain to point to the correct host and I have set up an alias for

http://www which

also points to the correct host under the main domain.
I have set the '_http' record to point to the correct port number.

I have adjusted the router's firewall to allow all the required http ports to run to the same internal ip address.

Checking the DNS by looking for the sites in IE on the server gives the desired results, but when searching for it from a machine not on my local domain, I get the main domain site. D'oh!

Any ideas most welcomed,


Barry

ICT Network Administrator
IT Services Manager

 

[BarryMVS]

Can anyone advise me any further please.

This is begining to drive me crazy!

Hi all,

OK, I've changed the set up slightly.

I now have all the web sites running from the same server, using the same internal IP address's, but different port numbers.

I have set up my DNS reports on each domain to point to the correct host and I have set up an alias for

http://www which

also points to the correct host under the main domain.
I have set the '_http' record to point to the correct port number.

I have adjusted the router's firewall to allow all the required http ports to run to the same internal ip address.

Checking the DNS by looking for the sites in IE on the server gives the desired results, but when searching for it from a machine not on my local domain, I get the main domain site. D'oh!

Any ideas most welcomed,


Barry

ICT Network Administrator
IT Services Manager

 

[dholbrook]

See if I understand correctly:

You are very very confusing when you use "Domain" interchangably with Domain structure and Domain name of a web site, they are different animals, and it would help greatly to understand the problem if you could be a little more specific and identify when you are referring to a web domain name versus a Domain structure.

There are two different problems here, and you will need two diffferent solutions to solve them.

As I understand your explaination, your internal DNS is able to correctly direct the internal users to the different web sites, but external users cannot reach the sites? That means the DNS server is handing out internal addresses tothe internal user requests, which is good.

If this is correct,then I suspect the system is functioning correctly, and the problem is probably because the internal DNS server is handing out internl IP addresses (non-routable on the Internet), not the real world external routable address to the web server. An external user searching for the server address would be routed to your internal DNS server, which hands back the non-routable address to the external request, and they can not use the information. Each web site the will be visable from the outdise, MUST have a real Internet address associated with it for the firewall to handle the request. In addition, this address will be on the external ISP DNS server, so the external ISP DNS server will have the correct address to forward requests to, and the firewall will then redirect the request to the correct server. Internal users, however, will get the correct internal address to directly connect to the correct server from the internal DNS server (which, should be the only one they go to!).

You do not want internal users to have to out to the internet and come back through the firewalll to access the web sites, but all external users should be coming through the firewall. Two problems, with two different solutions.

HTH,

David