Sign in with
Sign up | Sign in
Your question

setting up a new DNS.

Last response: in Windows 2000/NT
Share
February 17, 2005 6:53:03 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

Perhaps someone here can point me in the right direction (thank you). I have
2 servers, fixing to be 2003 DC. I have registered a domain (mycomany.com).
1 of the 2 servers will be Exchange 2003, the other the www server. I have
pointed my registar ns1 and ns2 to my servers. Both servers have 2 nics. 1
for a 10.10.10.x range LAN and the other is on 192.168.0.x range for the
internet (multi-homed). Question is, should I create my domain as
mycomany.local or mycompany.com? Would it be more secure to use .local since
it is internal only? If I did .local what would be the best way to get this
to work so that internet people can get to my www and exchange and still be
secure on the inside? I have been fighting with this a while and have taken
everything down to await some advice. If my internal domain is .local, would
it affect my exchange per say my email would be Danno@mydomain.local instead
..com. i know it is a lot, but any advice is greatly appreciaited. this is a
very small business trying to grow. thank you.

More about : setting dns

February 17, 2005 7:43:03 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

After reading more on the NGS, is it correct in saying not to use same AD
name as what my registar holds? Also is it best to have the registar handle
the DNS and then some how on enom (registar) point host and mx records to my
2 IP's?

"Danno" wrote:

> Perhaps someone here can point me in the right direction (thank you). I have
> 2 servers, fixing to be 2003 DC. I have registered a domain (mycomany.com).
> 1 of the 2 servers will be Exchange 2003, the other the www server. I have
> pointed my registar ns1 and ns2 to my servers. Both servers have 2 nics. 1
> for a 10.10.10.x range LAN and the other is on 192.168.0.x range for the
> internet (multi-homed). Question is, should I create my domain as
> mycomany.local or mycompany.com? Would it be more secure to use .local since
> it is internal only? If I did .local what would be the best way to get this
> to work so that internet people can get to my www and exchange and still be
> secure on the inside? I have been fighting with this a while and have taken
> everything down to await some advice. If my internal domain is .local, would
> it affect my exchange per say my email would be Danno@mydomain.local instead
> .com. i know it is a lot, but any advice is greatly appreciaited. this is a
> very small business trying to grow. thank you.
Anonymous
February 17, 2005 10:58:01 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:601C3ECB-41B5-407C-9F58-F54D0C81DE14@microsoft.com,
Danno <Danno@discussions.microsoft.com> commented
Then Kevin replied below:
> After reading more on the NGS, is it correct in saying
> not to use same AD name as what my registar holds?

That is correct?
In my experience it is better to use a third level name such as
lan.mycompany.com or home.mycompany.com.

Also
> is it best to have the registar handle the DNS and then
> some how on enom (registar) point host and mx records to
> my 2 IP's?

It is far better to leave your public DNS at your registrar.
Then just create "A" records at your registrar for mail.mycompany.com then
point your MX record to that name.

You'll also need to contact your ISP about having PTR records created or
delegated to you.






--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
Related resources
February 17, 2005 10:58:02 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

Hello Kevin, thank you for the quick response. So basically you are saying
my domain name for my DC's should be something like HQ.mycompany.com. So my
DC's would be called mail.hq.mycompany.com and webserver.hq.mycompany.com?
So my DNS forwarders would be hq.mycompany.com AND/OR mycompany.com?
Charter is my ISP, We run dual cable modems here. 1 IP is for the www,
other for exchange. So on enom i point A records and MX records to my
internal domain/ip? Also is asking an ISP for PTR records a fairly easy to
get task? :)  And how about the Exchange side, so my email will be
user@hq.mycompany.com but all i should do is specify a seperate SMTP email in
exchange for user@mycompany.com correct? Hey thanks again buddy.

Semper Fidelis



"Kevin D. Goodknecht Sr. [MVP]" wrote:

> In news:601C3ECB-41B5-407C-9F58-F54D0C81DE14@microsoft.com,
> Danno <Danno@discussions.microsoft.com> commented
> Then Kevin replied below:
> > After reading more on the NGS, is it correct in saying
> > not to use same AD name as what my registar holds?
>
> That is correct?
> In my experience it is better to use a third level name such as
> lan.mycompany.com or home.mycompany.com.
>
> Also
> > is it best to have the registar handle the DNS and then
> > some how on enom (registar) point host and mx records to
> > my 2 IP's?
>
> It is far better to leave your public DNS at your registrar.
> Then just create "A" records at your registrar for mail.mycompany.com then
> point your MX record to that name.
>
> You'll also need to contact your ISP about having PTR records created or
> delegated to you.
>
>
>
>
>
>
> --
> Best regards,
> Kevin D4 Dad Goodknecht Sr. [MVP]
> Hope This Helps
> ===================================
> When responding to posts, please "Reply to Group"
> via your newsreader so that others may learn and
> benefit from your issue, to respond directly to
> me remove the nospam. from my email address.
> ===================================
> http://www.lonestaramerica.com/
> ===================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
> ===================================
> Keep a back up of your OE settings and folders
> with OEBackup:
> http://www.oehelp.com/OEBackup/Default.aspx
> ===================================
>
>
>
Anonymous
February 18, 2005 3:33:54 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:2AACBCD8-ED52-4039-950A-6EF5E6CCB69A@microsoft.com,
Danno <Danno@discussions.microsoft.com> commented
Then Kevin replied below:
> Hello Kevin, thank you for the quick response. So
> basically you are saying my domain name for my DC's
> should be something like HQ.mycompany.com. So my DC's
> would be called mail.hq.mycompany.com and
> webserver.hq.mycompany.com? So my DNS forwarders would be
> hq.mycompany.com AND/OR mycompany.com?
> Charter is my ISP, We run dual cable modems here. 1 IP
> is for the www, other for exchange. So on enom i point A
> records and MX records to my internal domain/ip? Also is
> asking an ISP for PTR records a fairly easy to get task?
> :)  And how about the Exchange side, so my email will be
> user@hq.mycompany.com but all i should do is specify a
> seperate SMTP email in exchange for user@mycompany.com
> correct? Hey thanks again buddy.

The computer name has nothing to do with how the web server and mail server
are accessed.
If you owned the public name you could make these servers know as
joe.nobodysbusiness.com. The computer names are for Active Directory and
should be kept private anyway.
You can also add mycompany.com to the UPN logon suffix in AD Domains &
Trusts so your users could still logon with their email addresses. I have
ten UPN logon suffixes set up for each mail domain I host so that no matter
what their email address is they can logon using their email address, even
though the email domain is nothing close to my AD domain name.



--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
February 18, 2005 4:37:05 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

Kevin,

i have setup my new domains and changed registar to use their dns servers
and point host records to me. in my dns, should i use forwarders to the ns1,
2, 3... or use host a records instead? Also the mx record should only be for
my internal domain or both that and external? thanks again.

"Kevin D. Goodknecht Sr. [MVP]" wrote:

> In news:2AACBCD8-ED52-4039-950A-6EF5E6CCB69A@microsoft.com,
> Danno <Danno@discussions.microsoft.com> commented
> Then Kevin replied below:
> > Hello Kevin, thank you for the quick response. So
> > basically you are saying my domain name for my DC's
> > should be something like HQ.mycompany.com. So my DC's
> > would be called mail.hq.mycompany.com and
> > webserver.hq.mycompany.com? So my DNS forwarders would be
> > hq.mycompany.com AND/OR mycompany.com?
> > Charter is my ISP, We run dual cable modems here. 1 IP
> > is for the www, other for exchange. So on enom i point A
> > records and MX records to my internal domain/ip? Also is
> > asking an ISP for PTR records a fairly easy to get task?
> > :)  And how about the Exchange side, so my email will be
> > user@hq.mycompany.com but all i should do is specify a
> > seperate SMTP email in exchange for user@mycompany.com
> > correct? Hey thanks again buddy.
>
> The computer name has nothing to do with how the web server and mail server
> are accessed.
> If you owned the public name you could make these servers know as
> joe.nobodysbusiness.com. The computer names are for Active Directory and
> should be kept private anyway.
> You can also add mycompany.com to the UPN logon suffix in AD Domains &
> Trusts so your users could still logon with their email addresses. I have
> ten UPN logon suffixes set up for each mail domain I host so that no matter
> what their email address is they can logon using their email address, even
> though the email domain is nothing close to my AD domain name.
>
>
>
> --
> Best regards,
> Kevin D4 Dad Goodknecht Sr. [MVP]
> Hope This Helps
> ===================================
> When responding to posts, please "Reply to Group"
> via your newsreader so that others may learn and
> benefit from your issue, to respond directly to
> me remove the nospam. from my email address.
> ===================================
> http://www.lonestaramerica.com/
> ===================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
> ===================================
> Keep a back up of your OE settings and folders
> with OEBackup:
> http://www.oehelp.com/OEBackup/Default.aspx
> ===================================
>
>
>
Anonymous
February 18, 2005 9:55:12 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:8948AF3A-9A90-49FA-B5C0-B62992BBC22D@microsoft.com,
Danno <Danno@discussions.microsoft.com> commented
Then Kevin replied below:
> Kevin,
>
> i have setup my new domains and changed registar to use
> their dns servers and point host records to me. in my
> dns, should i use forwarders to the ns1, 2, 3... or use
> host a records instead?

You should probably not use those DNS servers as forwarders, many
authoritative content DNS server have recursion disabled and cannot be used
as a forwarder.

Also the mx record should only
> be for my internal domain or both that and external?
> thanks again.

You most likely don't need an internal MX record, your mail server doesn't
need to see its own MX record for any reason.
You may need an internal MX record ONLY if you have two SMTP servers,
hosting totally different mail domains and they are not aware of each other
or the mail domains they host..



--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
!