Internet - Intranet DNS

Archived from groups: microsoft.public.win2000.dns (More info?)

Hello,

This is my problem:

I want to setup the following DNS configuration:

1. One DNS (DNS1) to resolve Internet host names

2. Another DNS (DNS2) to resolve Intranet names

3. Clients with:

Preferred DNS Server: DNS1

Alternate DNS Server: DNS2

Then when a client try to resolve a Internet host name it will be resolve by
DNS1 if the client try to resolve an Intranet host name, and as DNS1 can't
resolve it, it will be resolve by DNS2.

I have set up this scenario but does not work. Could someone help me?
7 answers Last reply
More about internet intranet
  1. Archived from groups: microsoft.public.win2000.dns (More info?)

    Actually you might want to consider setting them both up as AD integrated
    DNS.
    See:
    http://support.microsoft.com/default.aspx?scid=kb;en-us;275278&Product=win2000

    This will resolve everything on your AD domain.


    For Internet access configure forwarders and list your ISP's DNS server as
    the forwarder.
    See:
    How to: Configure DNS for Internet Access In Windows 2000

    http://support.microsoft.com/default.aspx?scid=kb;en-us;300202


    Everything it can't resolve will get forwarded to your ISP's DNS servers.


    hth

    DDS W 2k MVP MCSE

    "Microsoft News" <e_arias@viabcp.com> wrote in message
    news:OT4uJ$qaEHA.3664@TK2MSFTNGP12.phx.gbl...
    > Hello,
    >
    > This is my problem:
    >
    > I want to setup the following DNS configuration:
    >
    > 1. One DNS (DNS1) to resolve Internet host names
    >
    > 2. Another DNS (DNS2) to resolve Intranet names
    >
    > 3. Clients with:
    >
    > Preferred DNS Server: DNS1
    >
    > Alternate DNS Server: DNS2
    >
    > Then when a client try to resolve a Internet host name it will be resolve
    by
    > DNS1 if the client try to resolve an Intranet host name, and as DNS1 can't
    > resolve it, it will be resolve by DNS2.
    >
    > I have set up this scenario but does not work. Could someone help me?
    >
    >
  2. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:OT4uJ$qaEHA.3664@TK2MSFTNGP12.phx.gbl,
    Microsoft News <e_arias@viabcp.com> posted a question
    Then Kevin replied below:
    > Hello,
    >
    > This is my problem:
    >
    > I want to setup the following DNS configuration:
    >
    > 1. One DNS (DNS1) to resolve Internet host names
    >
    > 2. Another DNS (DNS2) to resolve Intranet names
    >
    > 3. Clients with:
    >
    > Preferred DNS Server: DNS1
    >
    > Alternate DNS Server: DNS2
    >
    > Then when a client try to resolve a Internet host name it
    > will be resolve by DNS1 if the client try to resolve an
    > Intranet host name, and as DNS1 can't resolve it, it will
    > be resolve by DNS2.
    >
    > I have set up this scenario but does not work. Could
    > someone help me?

    That is not exactly how the resolver works, and you can't configure it this
    way. If DNS1 does not answer within 1 second it queries DNS1 and DNS2, if
    either answers with either a positive or negative answer the query stops.
    Whichever DNS answers first is moved to the preferred position until TCP/IP
    is reset.

    All DNS servers in your NIC must be able to answer all queries, you cannot
    have one resolving internal and one resolving external. BOTH must be able to
    resolve BOTH internal _AND_ external.


    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ============================
    --
    When responding to posts, please "Reply to Group" via your
    newsreader so that others may learn and benefit from your
    issue. To respond directly to me remove the nospam. from my
    email. ==========================================
    http://www.lonestaramerica.com/
    ==========================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ==========================================
    Keep a back up of your OE settings and folders with
    OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ==========================================
  3. Archived from groups: microsoft.public.win2000.dns (More info?)

    On Thu, 15 Jul 2004 16:07:48 -0500, "Microsoft News"
    <e_arias@viabcp.com> wrote:

    >This is my problem:
    >
    >I want to setup the following DNS configuration:
    >
    >1. One DNS (DNS1) to resolve Internet host names
    >
    >2. Another DNS (DNS2) to resolve Intranet names
    >
    >3. Clients with:
    >
    >Preferred DNS Server: DNS1
    >
    >Alternate DNS Server: DNS2
    >
    >Then when a client try to resolve a Internet host name it will be resolve by
    >DNS1 if the client try to resolve an Intranet host name, and as DNS1 can't
    >resolve it, it will be resolve by DNS2.
    >
    >I have set up this scenario but does not work. Could someone help me?

    Change your scenario. ALL clients point only to DNS1. DNS1 forwards
    to DNS2.

    Jeff
  4. Archived from groups: microsoft.public.win2000.dns (More info?)

    Thanks all for your answers.

    What happen is that our security police restrict that kind of configuration
    (forwarding), then the Internal DNS (DNS2) must not resolve Internet host
    names.

    Someone tell me that I can resolve this problem installing a Proxy (ISA)
    server that handles the DNS request for Internet names.

    Do you know something about it?

    Thanks


    "Jeff Cochran" <jeff.nospam@zina.com> escribió en el mensaje
    news:40fcd183.171225609@msnews.microsoft.com...
    > On Thu, 15 Jul 2004 16:07:48 -0500, "Microsoft News"
    > <e_arias@viabcp.com> wrote:
    >
    > >This is my problem:
    > >
    > >I want to setup the following DNS configuration:
    > >
    > >1. One DNS (DNS1) to resolve Internet host names
    > >
    > >2. Another DNS (DNS2) to resolve Intranet names
    > >
    > >3. Clients with:
    > >
    > >Preferred DNS Server: DNS1
    > >
    > >Alternate DNS Server: DNS2
    > >
    > >Then when a client try to resolve a Internet host name it will be resolve
    by
    > >DNS1 if the client try to resolve an Intranet host name, and as DNS1
    can't
    > >resolve it, it will be resolve by DNS2.
    > >
    > >I have set up this scenario but does not work. Could someone help me?
    >
    > Change your scenario. ALL clients point only to DNS1. DNS1 forwards
    > to DNS2.
    >
    > Jeff
  5. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:uBd9Rx0aEHA.1764@TK2MSFTNGP10.phx.gbl,
    Microsoft News <e_arias@viabcp.com> asked for help and I offered my
    suggestions below:
    > Thanks all for your answers.
    >
    > What happen is that our security police restrict that kind of
    > configuration (forwarding), then the Internal DNS (DNS2) must not
    > resolve Internet host names.
    >
    > Someone tell me that I can resolve this problem installing a Proxy
    > (ISA) server that handles the DNS request for Internet names.
    >
    > Do you know something about it?
    >
    > Thanks
    >
    >

    If your policy doesn't allow internal DNS resolving Internet names, your
    best bet is ISA. Do keep in mind, when a forwarder is configured, its still
    protected from the Internet since it is not handling queries outside of the
    network's scope, rather its sending the query to your ISP's DNS and the
    answer is returning from that machine.

    Here's more info on ISA. ISA is a separate topic in itself.
    http://www.microsoft.com/isaserver/

    Microsoft Internet Security and Acceleration (ISA) Server- An Overview of
    Feature Pack 1- Thursday, February 20, 2003:
    http://support.microsoft.com/default.aspx?kbid=813774

    If you like to learn more about it, I can suggest to post to the ISA
    newsgroup with specific questions.

    --
    Regards,
    Ace

    Please direct all replies ONLY to the Microsoft public newsgroups
    so all can benefit.

    This posting is provided "AS-IS" with no warranties or guarantees
    and confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    Microsoft Windows MVP - Active Directory

    HAM AND EGGS: A day's work for a chicken;
    A lifetime commitment for a pig.
    --
    =================================
  6. Archived from groups: microsoft.public.win2000.dns (More info?)

    MN> [...] our security police restrict that kind of
    MN> configuration (forwarding) [...]

    For a concrete reason? Or because they don't understand it?

    MN> then the Internal DNS (DNS2) must not resolve
    MN> Internet host names.

    I'm leaning towards the "Your 'security police' don't understand the DNS."
    hypothesis, upon reading this.

    If you want your machines to be capable of using both "internal" and
    "external" domain names, then some DNS server somewhere *must* be capable
    of handling both sets of names. The splitting in "split horizon" DNS
    service is *always* done on a DNS server somewhere. It cannot be done on
    DNS clients because no DNS client (that I know of) has the capability
    for doing it.

    <URL:http://homepages.tesco.net./~J.deBoynePollard/FGA/dns-split-horizon.html>
  7. Archived from groups: microsoft.public.win2000.dns (More info?)

    MN> I want to setup the following DNS configuration:

    You want to do something that won't work.

    MN> 1. One DNS (DNS1) to resolve Internet host names
    MN> 2. Another DNS (DNS2) to resolve Intranet names
    MN> 3. Clients with:
    MN> Preferred DNS Server: DNS1
    MN> Alternate DNS Server: DNS2

    Instead, configure your clients to use only DNS2, and have DNS2 capable of
    resolving queries for both "internal" and "external" names (either by
    performing query resolution itself or by forwarding queries for "external"
    names on to DNS1).
Ask a new question

Read More

Intranet DNS Server DNS Internet Windows