On Sunday 05 November 2006 05:06, Mohamed Navas V wrote:
> Hi,
> We have to setup two primary servers for the subdomain
> ''abc.example.com'' residing inside firewall and protected from
> Internet. Two secondary servers will be placing in DMZ.. These servers
> are resolving external internet users to some internal machines. The
> primary servers are supposed to be for the internal DNS, but some of
> the hosts have to access from the internet.
>
> We are supposed to provide a forwarder for handling internal name
> server queries for Internet domain names
>
> Pls advice me with suitable guidelines for the above setup.
>
> thanks,
>
> Navas.


before a recommendation could be made, i must first ask, are you (deliberatly)
transfering this internal zone to the DMZ server, and if so, why?

your internal server should be more than adequate to lookup any internet hosts
that the internal client need, surely there is no need for an internal server
that resolves internal hosts, and an external server for internet hosts,
*both* to be intended for use by internal clients?

without any further information, my recommendation would be to eliminate the
DMZ server, and just let the internal one lookup internet hosts for internal
clients.

cheers,
jonathan