
How to set up External DNS - Correctly

OK-

I need to set up an NS1 and NS2 box for External DNS. (We host our own DNS.)

Situation- I want them to be behind the firewall and I am going to NAT the traffic through.

I would prefer this not to be an AD integrated DNS zone. Is this possible to do?

LMK what an "ideal" situation would be...

Asked by: atmear

1 Solution

mikecr Commented:
This is how you should set up DNS for the internet.

http://support.microsoft.com/search/preview.aspx?scid=kb;en-us;Q300202

You don't have to use AD integrated DNS, however, this makes a good failover when used.
 
atmear (Author) Commented:
Great Document... Thank You

One other question: I am running an AD domain (I will call it) domain1.com. The domain we use on the inside is actually our FQDN on the outside. Knowing that... Currently I have the 2 servers configured as ns1.domain1.com and ns2.domain1.com. I created a primary and secondary and both boxes seem to be working fine (out of production)... As you stated, it would be ideal to have the DNS services integrated into AD. To do so, I would have to step on my current AD structure. So to clarify and understand what you're saying, should I do as follows? Create a new AD forest, for example domain2.com, and have the server names ns1.domain2.com and ns2.domain2.com? In that suggested scenario, I am creating the environment for DNS and Active Directory to coincide....

Thanks for your help,
ATM
 
mikecr Commented:
If your FQDN is also your regular domain name, I would create one DNS server with a primary zone on it for your company for external use, and I would configure two domain controllers internally with DNS that is AD integrated so you have a backup. This is what you would do in a real world scenario. This also helps to keep your network secure.
 
atmear (Author) Commented:
I am a bit lost...

So are you saying to "not" bring up a new AD domain?
And, just bring up one box attached to my current domain (which has the same FQDN) with the external DNS records?

Not so sure how that would work... so I believe I just do not understand.

Let me clarify. I want to bring up two external DNS servers behind the firewall. The DNS servers would route traffic to my FQDN along with other FQDNs. But my actual AD domain name is also my FQDN. So should I just bring up two new servers, put them in ns1.new domain.com.?

MSN-atmear@hotmail.com (If I cannot understand what you're saying and you would like to have a more detailed real-time conversation)

Thank You!
 
mikecr Commented:
If you already have a domain configured and you have an external DNS server set up, you don't need to create a whole new domain. Just make sure that you have two domain controllers each configured with DNS that is AD integrated and you're all set. They can be used for internal name resolution and you can use the external DNS for other things like your mail server and such.
 
atmear (Author) Commented:
The answer I selected as the "winner" is not exactly the answer to my question... but by reading all of his responses you can determine the correct answer.

Thanks!!
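
The answers above keep the Internet-facing primary zone separate from the AD-integrated internal zone even though both use the same domain name. An added example, not part of the original thread: a Python check that an external zone file carries no internal-only records. The zone contents, the label list and the function name are constructed for illustration, and the parser assumes one record per line.

```python
import ipaddress

# Names Active Directory registers in its own zone; an Internet-facing copy
# of the same domain name should not carry them.
AD_ONLY_LABELS = {"_msdcs", "_sites", "_ldap", "_kerberos", "_kpasswd", "_gc",
                  "domaindnszones", "forestdnszones"}
# RFC 1918 and IPv6 unique-local ranges: addresses only reachable internally.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7")]

# Constructed sample: external primary zone for domain1.com (the thread's
# placeholder name) into which two internal records have crept.
SAMPLE_ZONE = """\
$ORIGIN domain1.com.
@     3600 IN SOA ns1.domain1.com. hostmaster.domain1.com. 1 3600 600 86400 3600
@     3600 IN NS  ns1.domain1.com.
@     3600 IN MX  10 mail.domain1.com.
ns1   3600 IN A   203.0.113.10
mail  3600 IN A   203.0.113.25
dc1   3600 IN A   10.0.0.5
_ldap._tcp.dc._msdcs 600 IN SRV 0 100 389 dc1.domain1.com.
"""

def audit_external_zone(zone_text):
    """Return (owner, type, reason) for records that look internal-only."""
    findings, owner = [], "@"
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()      # drop comments
        if not line.strip() or line.startswith("$"):
            continue                              # blank line or directive
        fields = line.split()
        if not raw[0].isspace():                  # explicit owner name
            owner, fields = fields[0], fields[1:]
        # Skip the optional TTL and class to reach the record type.
        while fields and (fields[0].isdigit() or fields[0].upper() == "IN"):
            fields = fields[1:]
        if not fields:
            continue
        rtype, rdata = fields[0].upper(), fields[1:]
        if {label.lower() for label in owner.split(".")} & AD_ONLY_LABELS:
            findings.append((owner, rtype, "AD locator name"))
        elif rtype in ("A", "AAAA") and rdata:
            addr = ipaddress.ip_address(rdata[0])
            if any(addr in net for net in INTERNAL_NETS):
                findings.append((owner, rtype, "internal address " + rdata[0]))
    return findings

if __name__ == "__main__":
    for finding in audit_external_zone(SAMPLE_ZONE):
        print(finding)
```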