DNS Server and Name Server problems

I have 4 servers that are co-located in a data center.  Server 1 is a dns server that is the authoritative DNS server for all the domains that we host (200). It is registered as a name server.

Everything was fine until we put a Cisco PIX in place using address translation. Now all the servers have private IP addresses. I put host files on each server, but the DNS server (server 1) pulls its private IP address into DNS, so since it is also the registered name server it reports its IP address to the world. It is also a primary domain controller. All domains are integrated into Active Directory.

I have no clue what to do to get it to report the proper public ip address.  

Dmitri Farafontov (Linux Systems Admin) commented:
You can configure an additional IP address right on the NIC TCP/IP configuration itself.

Dmitri Farafontov (Linux Systems Admin) commented:
Seems to me it's a NAT configuration issue, on second thought.

It's never a good idea to host internal records on an externally accessible DNS server; in a perfect world, you'd have a different DNS server just for the publicly accessible zones.  Why are your hosted domains AD-integrated?

cooperrd (Author) commented:
To DeltaFire:

Adding a second IP doesn't solve the problem (I tried that); it still reports itself to the DNS as the private IP.  I had the data center techs set up the firewall (we were getting hit with SQL Slammer); their position is that it is correct.

To Thaller:

I would love to have an additional server (and it may come to that) but rack space plus cost and lack of a clear understanding of the problem resolution don't allow for that at this point.  

My problem is that I didn't really know what I was doing to start with.  I am used to setting up business environments where you have a PDC and all servers are members of the domain and are a part of Active Directory.  Should the hosted domains not be part of AD, and if not, why?

Windows 2000/XP/2003 registers its primary IP address in DNS. And that is also what you want. If a DC didn't do that, clients wouldn't be able to resolve domain controllers (or you must manually add the domain records to DNS). I don't know what exactly the problem is.

If I read it right, your PIX is DNS? And I assume it is a standalone DNS and no replication partner of server1? Why not manually add the public IP addresses to DNS and let the private addresses register themselves?
cooperrd (Author) commented:
The server name is also the name server name, i.e. ns1.domain.com is the registered name server and the server name, so if I add the public IP I will have a private and a public IP pointing to the same A record.

And what's wrong with that? A server with multiple IP addresses also has 2 or more addresses in DNS pointing to the same A record.

But if the server has one NIC and one IP address, why publish the external IP address in DNS? Why not port forwarding on the firewall?

I'm still not sure if I have your network topology in my head...

You don't really need another server if you've got another Win2k3 server that's not overburdened, nor a DC.  On the General property page of the DC hosting the zones in question, change all hosted zones to Standard Primary (not AD-enabled).  Make sure you don't change the zones representing your internal namespace; those will continue to be AD primary zones.  On the target DNS server, install the DNS service and set it up as a secondary to the hosted standard primary zones.  Once they are transferred to the secondary, change those zones to standard primary zones.  The hosted zones should now be secondary zones on the DC.  You should keep them there for redundancy reasons.  Once they are standard primary zones on the target public DNS server, you can modify them as needed to reflect the addresses you want to publish externally.  See this link for general info on DNS for hosted websites:
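
A check for the symptom discussed in this thread, added here as an example and not part of any poster's answer: it scans zone data for A records that publish RFC 1918 addresses and marks the ones that belong to the zone's own name servers. The zone text, the addresses and the function names are constructed for illustration; only the name ns1.domain.com comes from the thread.

```python
import ipaddress

# RFC 1918 private ranges. Listed explicitly because ipaddress.is_private
# also matches documentation ranges such as 203.0.113.0/24.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample zone data in master-file style (not from the thread).
# 203.0.113.0/24 is a documentation range standing in for the public addresses.
SAMPLE_ZONE = """\
@     3600 IN NS  ns1.domain.com.
@     3600 IN A   203.0.113.10
ns1   3600 IN A   192.168.1.10   ; self-registered by the DC
ns1   3600 IN A   203.0.113.10   ; added by hand
www   3600 IN A   203.0.113.20
mail  3600 IN A   10.0.0.25
"""

def fqdn(name, origin):
    """Expand '@' or a relative name against the zone origin."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def audit_zone(text, origin):
    """Return sorted (owner, address, is_name_server) for A records in RFC 1918 space.

    Assumes every record line carries an explicit owner name and the IN class.
    """
    a_records, ns_hosts = [], set()
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()   # drop trailing comments
        if "IN" not in fields:
            continue
        i = fields.index("IN")
        if i == 0 or i + 2 >= len(fields):
            continue
        owner = fqdn(fields[0], origin).lower()
        rtype, rdata = fields[i + 1].upper(), fields[i + 2]
        if rtype == "NS":
            ns_hosts.add(fqdn(rdata, origin).lower())
        elif rtype == "A":
            a_records.append((owner, ipaddress.ip_address(rdata)))
    return sorted((owner, str(addr), owner in ns_hosts)
                  for owner, addr in a_records
                  if any(addr in net for net in RFC1918))

if __name__ == "__main__":
    for owner, addr, is_ns in audit_zone(SAMPLE_ZONE, "domain.com."):
        role = "NAME SERVER" if is_ns else "host"
        print(f"{role:11} {owner} -> {addr} (private address in a public zone)")
```

A finding flagged as a name server is the case from the question: external resolvers that receive the private address for ns1 cannot reach it, and the internal addressing is disclosed to anyone who queries the zone.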

