Port forwarding and DNS confusion

Archived from groups: microsoft.public.win2000.dns (More info?)

In a split DNS setup do you need to forward ports on the router to speak to
internal servers?
All servers, web, FTP, Exchange would have internal addresses.
I would have the external DNS (on a DMZ& hosting only external zone) have
all the appropriate records to the internal servers with appropriate IP's.
Also an internal DNS hosting the local zone with appropriate records and IP's.
If you had ports forwarded directly to the internal servers wouldnt this
'bypass' DNS? I think Im missing something....
1 answer Last reply
More about port forwarding confusion
  1. Archived from groups: microsoft.public.win2000.dns (More info?)

    On Tue, 14 Sep 2004 21:45:03 -0700, "Ryan"
    <Ryan@discussions.microsoft.com> wrote:

    >In a split DNS setup do you need to forward ports on the router to speak to
    >internal servers?

    In *any* DNS setup, if systems on the LAN side using private IP
    addresses need to be accessed from the WAN side using public IP
    addresses you need to translate the IP's, which is what you refer to
    as forwarding the ports.

    >All servers, web, FTP, Exchange would have internal addresses.
    >I would have the external DNS (on a DMZ& hosting only external zone) have
    >all the appropriate records to the internal servers with appropriate IP's.
    >Also an internal DNS hosting the local zone with appropriate records and IP's.
    >If you had ports forwarded directly to the internal servers wouldnt this
    >'bypass' DNS? I think Im missing something....

    I think so too. But it's not really a DNS problem if internal systems
    need to be accessed by external systems, that's a routing and
    firewalling issue. For DNS resolution, you normally would exclude
    your internal addressing from external use. But then normally you'd
    want external-facing servers to be in a DMZ and accessible by public
    IP, not internal to your LAN.

    Jeff
Ask a new question

Read More

Port Forwarding DNS Servers Windows