Can I use a different external dns name altogether? - TCP-IP

This is a discussion on Can I use a different external dns name altogether? - TCP-IP ; Perhaps you can offer a suggestion: I have a small satellite office that runs Windows 2000 server (Active Directory) for a small internal group. Naturally, you need a DNS server under Windows 2000 AD, which I have. It is named ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: Can I use a different external dns name altogether?

  1. Can I use a different external dns name altogether?

    Perhaps you can offer a suggestion:

    I have a small satellite office that runs Windows 2000 server (Active
    Directory) for a small internal group. Naturally, you need a DNS
    server
    under Windows 2000 AD, which I have. It is named
    "ad.satellite.com"...which has been fine since it's internal only.

    Now I need internet presence; but a DNS problem pops up.

    Because "satellite.com" is already a valid/in-use name on the
    internet, I
    can't use it. I need a separate name altogether, for instance,
    "myworkplace.com" to associate with my internal network

    I was trying to set up a 2nd DNS server to be our "external" one,
    which I
    figured could point to our internal (ad.satellite.com) one &
    vice-versa.

    I'm thinking I'd have 2 DNS servers - one for my internal name
    resolution of
    ..ad.satellite.com. and one to represent the company externally
    (myworkplace.com)

    Can I do that? That is, have a real registered name on 1 DNS server
    map to my internal only DNS server/network? I know typically, you'd
    have a real registered domain name, then a child domain under it.
    But, as I said, I can't use "satellite.com" since it's taken....but
    would have worked nice with my internal "ad.satellite.com"

    regards,
    Bob Z

  2. Re: Can I use a different external dns name altogether?

    Z.Beeblebrox wrote:

    > I have a small satellite office that runs Windows 2000 server (Active
    > Directory) for a small internal group. Naturally, you need a DNS
    > server
    > under Windows 2000 AD, which I have. It is named
    > "ad.satellite.com"...which has been fine since it's internal only.


    > Now I need internet presence; but a DNS problem pops up.


    > Because "satellite.com" is already a valid/in-use name on the
    > internet, I
    > can't use it. I need a separate name altogether, for instance,
    > "myworkplace.com" to associate with my internal network


    It is fairly common to have an internal and external DNS server
    using the same domain name. The internal server has the internal
    IP addresses, and all internal machines reference it.

    The external server has names and addresses that external machines
    should be able to reach.

    The internal server can be configured with the external server
    as a forwarder, though that is not necessary.

    It is a little more complicated for the administrator to keep
    them up to date, though usually the external server will change
    very rarely. Also, the external server should probably not be
    configured to allow automated updates such as AD does.

    -- glen


  3. Re: Can I use a different external dns name altogether?

    gh> Also, the external server should probably not be
    gh> configured to allow automated updates such as AD does.

    Actually, if Active Directory _were_ involved he could at least configure his
    content DNS server to only accept _secure_ Dynamic DNS updates, which would
    eliminate part of the problem that you are alluding to. (Of course, it would
    still leave the "How secure is 'secure'?" question open.)

    However, one shouldn't really be involving Dynamic DNS updates on the
    "external" content DNS server in a "split horizon" DNS service configuration
    in the first place. Being largely only of relevance to those within the
    organization, the dynamically updated data, that Microsoft Windows servers and
    workstations like to inject into one's DNS database, really belong on the
    "internal" content DNS server.

  4. Re: Can I use a different external dns name altogether?

    ZB> Because "satellite.com" is already a valid/in-use name on
    ZB> the internet, I can't use it. I need a separate name
    ZB> altogether, for instance, "myworkplace.com" to associate
    ZB> with my internal network

    Why is that, then ?



+ Reply to Thread