
Public & Private DNS Issue

Anonymous
August 12, 2004 2:58:50 PM

Archived from groups: microsoft.public.win2000.dns

BACKGROUND:
We are using the split DNS model where there are separate Public and Private
DNS servers. Our domain name is Company.com in our Public DNS servers and
our internal network uses NET.company.com for our domain in our Private DNS.
Our Private DNS forwards any unknown DNS queries to our Public DNS server.
So for example an internal client request for www.company.com hits our
Private DNS and gets forwarded to our Public DNS for resolution since
Company.com is defined in our Public DNS.


ISSUE TRYING TO RESOLVE:
We have a special website that sits inside our network. This website is
defined in our Public DNS as special.company.com 1.2.3.4 and is front ended
by an ISA server. We would like to add a record to our Private DNS server
so that users would resolve this special.company.com site to 2.3.4.5 which
is the internal address. How do I do this? Can I do this? Is it possible
to simply add a record for a domain without having to define a Zone?


Thanks,
Fred
Anonymous
August 12, 2004 4:26:22 PM


In news:elysDVIgEHA.1392@TK2MSFTNGP11.phx.gbl,
Fred Yarbrough <fcyarbrough@yahoo.com> wrote their comments
Then Kevin replied below:
> BACKGROUND:
> We are using the split DNS model where there are separate
> Public and Private DNS servers. Our domain name is
> Company.com in our Public DNS servers and our internal
> network uses NET.company.com for our domain in our
> Private DNS. Our Private DNS forwards any unknown DNS
> queries to our Public DNS server. So for example an
> internal client request for www.company.com hits our
> Private DNS and gets forwarded to our Public DNS for
> resolution since Company.com is defined in our Public
> DNS.
>
>
> ISSUE TRYING TO RESOLVE:
> We have a special website that sits inside our network.
> This website is defined in our Public DNS as
> special.company.com 1.2.3.4 and is front ended by an ISA
> server. We would like to add a record to our Private DNS
> server so that users would resolve this
> special.company.com site to 2.3.4.5 which is the internal
> address. How do I do this? Can I do this? Is it
> possible to simply add a record for a domain without
> having to define a Zone?

Use the DNS management console to open Forward Lookup Zones, start the New
Zone wizard, and name the new zone special.company.com. After you finish the
wizard, open the zone and create a new host: leave the name field blank, give
it IP 2.3.4.5, and create it. Win2k will bark at you and say "(same as parent
folder) is not a valid host name". Click OK to create the record anyway.

Then run ipconfig /flushdns to clear the old record out of your computer's DNS
cache.



--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
================================================
--
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
================================================
http://www.lonestaramerica.com/
================================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
================================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
================================================
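
The effect of the dedicated zone described in the answer above, sketched as a small Python model (an added example, not part of the original thread). It also goes one step beyond the thread by contrasting the single-name zone with hosting all of company.com internally. The helpers `find_zone` and `resolve`, the host `pc1`, and every address other than 1.2.3.4 and 2.3.4.5 are constructed for illustration.

```python
# Toy model of how the private DNS server picks an answer. Not a real DNS
# implementation; zone data is constructed from the thread's placeholders.

PUBLIC_DNS = {  # what the public server (the forwarder target) would answer
    "www.company.com": "5.6.7.8",        # constructed sample address
    "special.company.com": "1.2.3.4",    # public address from the thread
}

def find_zone(qname, zones):
    """Return the most specific locally hosted zone containing qname, or None."""
    labels = qname.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return candidate
    return None

def resolve(qname, zones, forwarder=PUBLIC_DNS):
    """Answer from a local zone if one matches; otherwise forward the query."""
    qname = qname.lower().rstrip(".")
    zone = find_zone(qname, zones)
    if zone is None:
        return ("forwarded", forwarder.get(qname, "NXDOMAIN"))
    # Authoritative: names inside a hosted zone are never forwarded.
    owner = "@" if qname == zone else qname[: -len(zone) - 1]
    return ("authoritative:" + zone, zones[zone].get(owner, "NXDOMAIN"))

# Private server as in the answer: the existing internal zone plus a zone
# named exactly special.company.com holding one blank-name (@) host record.
PINPOINT = {
    "net.company.com": {"pc1": "10.0.0.10"},   # constructed sample host
    "special.company.com": {"@": "2.3.4.5"},
}

# Contrast: hosting all of company.com internally with only the one record.
WHOLE_ZONE = {
    "net.company.com": {"pc1": "10.0.0.10"},
    "company.com": {"special": "2.3.4.5"},
}
```

With `PINPOINT`, only special.company.com is overridden and www.company.com still reaches the forwarder; with `WHOLE_ZONE`, every public name not copied into the internal zone stops resolving for internal clients.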
Anonymous
August 12, 2004 5:51:33 PM


Works like a champ! Cool Trick.... I guess in this instance you are
actually defining an internal zone with this name and mapping the zone to
this address. Does it matter if this Zone is AD Integrated or not? I guess
it depends if you want this internal remapping to be for all of your AD
network.


Thanks,
Fred
Anonymous
August 12, 2004 6:18:56 PM


In news:egFak1JgEHA.2524@TK2MSFTNGP09.phx.gbl,
Fred Yarbrough <fcyarbrough@yahoo.com> wrote their comments
Then Kevin replied below:
> Works like a champ! Cool Trick.... I guess in this
> instance you are actually defining an internal zone with
> this name and mapping the zone to this address. Does it
> matter if this Zone is AD Integrated or not? I guess it
> depends if you want this internal remapping to be for all
> of your AD network.

It doesn't matter if it's AD integrated or not, you're not allowing dynamic
updates anyway and it's only a good address for your internal LAN.



--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
Anonymous
August 12, 2004 6:37:12 PM


Understood. My point with the AD Integrated is that it will be passed on to
our other DNS servers (WAN locations). If you make it Non AD Integrated it
will only stay on the DNS server where it was defined.

Thanks for your help,
Fred
Anonymous
August 12, 2004 6:49:04 PM


In news:u0U7EPKgEHA.712@TK2MSFTNGP09.phx.gbl,
Fred Yarbrough <fcyarbrough@yahoo.com> wrote their comments
Then Kevin replied below:
> Understood. My point with the AD Integrated is that it
> will be passed on to our other DNS servers (WAN
> locations). If you make it Non AD Integrated it will
> only stay on the DNS server where it was defined.

This is correct and will work if all locations access it by that same IP
address.



--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
Anonymous
August 13, 2004 5:24:35 AM


In news:egFak1JgEHA.2524@TK2MSFTNGP09.phx.gbl,
Fred Yarbrough <fcyarbrough@yahoo.com> made a post then I commented below
> Works like a champ! Cool Trick.... I guess in this instance you are
> actually defining an internal zone with this name and mapping the
> zone to this address. Does it matter if this Zone is AD Integrated
> or not? I guess it depends if you want this internal remapping to be
> for all of your AD network.
>
>
> Thanks,
> Fred


It's just a different namespace, even if it looks like it has a common root,
but it's independent. You can look at it as a 'start' of a new namespace.

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.