Solved

Getting Back To A Single Forward Lookup Zone

Posted on 2004-08-18
Last Modified: 2010-04-19
During our long migration from NT to Windows 2003 we ended up with 2 DNS forward lookup zones, fbc.ca and fbc.internal. I think I recall the reason we did that was because our registered internet domain is fbc.ca and I didn't want to have it as a DNS FLZ.

Our web site is www.fbc.ca and has an IP address in our FLZs to point to it, so I don't see any reason to keep fbc.internal as a FLZ in DNS. Is there any reason that I can't just have one single DNS FLZ as fbc.ca, deleting fbc.internal?
Question by:tmccabe
10 Comments
 
LVL 16

Expert Comment

by:JamesDS
ID: 11833108
tmccabe
If your AD Domain is called fbc.internal then you should keep it. Having AD register its records into another DNS Domain is nasty and not recommended.

If the Authority for your EXTERNAL domain (FBC.CA) is not you, then you could set forwarders on the AD DNS Server to point to your ISP's DNS servers and get rid of the FBC.CA zone instead.

Cheers

JamesDS
0
 
LVL 16

Expert Comment

by:JamesDS
ID: 11833166
tmccabe
I ran NSLOOKUP on your external domain:

fbc.ca  nameserver = ns1.nucleus.com
fbc.ca  nameserver = ns.nucleus.com
ns.nucleus.com  internet address = 66.18.192.250
ns1.nucleus.com internet address = 66.18.192.251

FBC.CA resolves to: 207.34.101.232

which suggests that you are NOT the authority for your DNS domain and therefore forwarders should work fine.

Cheers

JamesDS
0
 

Author Comment

by:tmccabe
ID: 11833191
James-do you ever do any work or just wait around for my questions ? : )
0
 
LVL 16

Accepted Solution

by:
JamesDS earned 500 total points
ID: 11833271
tmccabe
well, I failed so miserably on the last one, I thought I owed you one :)

Actually, I am in the UK, so this is hometime for me

Cheers

JamesDS
0
 

Author Comment

by:tmccabe
ID: 11833315
Because our web site is www.fbc.ca I had to add an entry in DNS to point to it so our internal users can get to it.
That A record in DNS is inside the fbc.ca FLZ. So you say I should point my forwarders to the external ISP name servers, kill the fbc.ca FLZ and stay with the single FLZ of fbc.internal. Is that correct?
0
 
LVL 16

Expert Comment

by:JamesDS
ID: 11833514
tmccabe
It depends on your AD and the dns authority for your external domain.

If the ONLY thing in the FBC.CA zone is the WWW entry (or all entries point to external IP addresses) and your AD is using the .internal FLZ then you can indeed use forwarders.

If you are definitely NOT the authority (i.e. the DNS servers ns.nucleus.com and ns1.nucleus.com are not the external addresses of your internal DNS server) then forwarders to your ISP's DNS servers will work fine.

You will need to know the IP addresses of your ISP DNS servers (call support or look on their website).

If you don't like the result of this after you have made the change then you can re-create the zone from the original zone file in the \system32\DNS folder on your DNS server as Windows doesn't delete old zone files - but you have to make sure the zone isn't AD integrated before you delete it.

Cheers

JamesDS
0
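Added example, not part of the original thread: a pre-deletion check for the condition in the answer above, listing any record in the external-name zone that internal clients would lose once queries go to the ISP's servers through forwarders. The zone text, host names and internal addresses are a constructed sample; only 207.34.101.232 comes from the thread, and the parser assumes simple master-file syntax without quoted strings.

```python
import ipaddress

# Constructed sample in Windows DNS zone-file style; names and internal IPs are made up.
SAMPLE_ZONE = """\
;  fbc.ca.dns (constructed sample)
@               IN  SOA dc1.fbc.internal. hostmaster.fbc.internal. (
                        12      ; serial
                        900     ; refresh
                        600 86400 3600 )
@               NS  dc1.fbc.internal.
www             A   207.34.101.232
intranet        1200 A  192.168.10.20
                A   192.168.10.21
_ldap._tcp      SRV 0 100 389 dc1.fbc.internal.
"""

def parse_records(zone_text):
    """Return (owner, type, rdata) tuples from simple master-file text."""
    records, owner, pending = [], "@", ""
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()          # drop comments
        if not line.strip() or line.startswith("$"):  # blank line or $ORIGIN/$TTL
            continue
        pending = pending + " " + line if pending else line
        if pending.count("(") > pending.count(")"):
            continue                                  # multi-line record still open
        line, pending = pending, ""
        inherits_owner = line[0] in " \t"             # leading blank = previous owner
        tokens = line.replace("(", " ").replace(")", " ").split()
        if not inherits_owner:
            owner = tokens.pop(0)
        # skip optional aging tag, TTL and class before the record type
        while tokens and (tokens[0][0] == "[" or tokens[0].isdigit() or tokens[0].upper() == "IN"):
            tokens.pop(0)
        if tokens:
            records.append((owner, tokens[0].upper(), " ".join(tokens[1:])))
    return records

def forwarder_blockers(zone_text):
    """Records internal clients would lose if the zone were replaced by forwarders."""
    blockers = []
    for owner, rtype, rdata in parse_records(zone_text):
        if rtype in ("A", "AAAA") and not ipaddress.ip_address(rdata).is_global:
            blockers.append((owner, rtype, rdata))    # internal-only address
        elif rtype == "SRV":
            blockers.append((owner, rtype, rdata))    # service records, e.g. AD registrations
    return blockers

if __name__ == "__main__":
    for record in forwarder_blockers(SAMPLE_ZONE):
        print("keep zone or move record:", record)
```

An empty result means every address in the zone is publicly routable and no service records are registered there, which is the case where forwarders alone are enough.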
 

Author Comment

by:tmccabe
ID: 11840443
So how would I add a www entry in my fbc.internal FLZ - it will want to list itself as www.fbc.internal
0
 
LVL 16

Expert Comment

by:JamesDS
ID: 11843756
tmccabe
The point is, with forwarders you shouldn't need the www entry anywhere as it will already be on the DNS server that is authoritative for the external domain.

Cheers

JamesDS
0
 

Author Comment

by:tmccabe
ID: 11843824
ah ! of course ! the learning never stops does it
0
 
LVL 16

Expert Comment

by:JamesDS
ID: 11850727
tmccabe
hell no !

:)

Cheers

JamesDS
0
