
Some probably stupid questions

I am working with this guy who does some unusual stuff, not saying they are right or wrong, but unusual...

On a Windows 2003 server, DHCP is set on the PIX firewall, giving IPs to all the client computers. One of the DNS is set for our internal DNS, which is the same as this server, which is also the DC server; the other is an external DNS server for our ISP. All client computers have both the internal and one external DNS configured on their machines.....

In the internal DNS a host record is set for our hosted SMTP server mail.ourdomain.com, IP address 55.555.454.45

Now this seems to work; if we have to change SMTP we just change the IP address in the host record.

We also have hosts set up for our outside www. and ftp and other hosted services..

Our forwarders are also set to the ISP external DNS servers..

My question: I was taught to set up the internal DNS with forwarders and that's that. What, if any, problem is there with setting up the DNS with all these external records and these configurations in general?

Also, due to the fact this is probably a simple question: when you change ISP, once you have everything set up and check the DNS and it fails recursive, is this because of the root, and how can you fix it?
Asked: arahming

1 Solution

Lee W, MVP, Technology and Business Process Advisor, commented:
I'm not entirely clear on your question, but if I understand correctly...

It's fine to run DHCP on the PIX - I wouldn't recommend it - I think the client and other potential consultants should have easier access to it, but as long as the correct settings are given, it's not a problem.

DNS - the ONLY, stress ONLY DNS servers the workstations and servers should use are the DNS servers for Active Directory.  The AD DNS servers can then use forwarders to the ISP, but don't technically need to.  Why?  If a client EVER uses a non-AD DNS server to resolve a name (if, for whatever reason, your AD DNS servers don't respond fast enough) then you could have random problems accessing network services including delays in logging on, and problems reaching your servers.  99% of the time the AD DNS servers probably get it... but that 1% CAN cause problems for the client, and in turn, you, and if they get another consultant who KNOWS what they are doing, then you look even worse.  Oh, but what about accessing the internet if the AD DNS servers go down?  Yes, that's a problem... but if your AD DNS servers go down, you probably have far bigger problems and it's better to know about them and get them fixed sooner than later.

As for setting up hosts for external services such as mail, www, and ftp - not generally a problem - can make things easier even.  I do this from time to time myself.
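
A check for the advice in the answer above, added here as an example and not part of the original thread: it parses `ipconfig /all` output and reports every adapter that lists a resolver other than the AD DNS server. The sample output and the addresses 192.168.1.10 (AD DNS) and 203.0.113.53 (ISP DNS) are constructed assumptions.

```python
import ipaddress
import re

# Assumption: address of the DC that hosts AD DNS; replace with your own.
AD_DNS = {"192.168.1.10"}

# Constructed sample of `ipconfig /all` output (not from the original post).
SAMPLE = """\
Windows IP Configuration

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : ourdomain.com
   DHCP Enabled. . . . . . . . . . . : Yes
   IP Address. . . . . . . . . . . . : 192.168.1.50
   DNS Servers . . . . . . . . . . . : 192.168.1.10
                                       203.0.113.53
   Lease Obtained. . . . . . . . . . : Monday, January 01, 2007 9:00:00 AM

Ethernet adapter Wireless Network Connection:

   DHCP Enabled. . . . . . . . . . . : Yes
   DNS Servers . . . . . . . . . . . : 192.168.1.10
"""

# "   Key . . . . : value" lines; continuation lines carry a bare value.
FIELD = re.compile(r"^\s+(?P<key>[^.:]+?)[ .]*: (?P<val>.*)$")

def dns_by_adapter(text):
    """Return {adapter name: [DNS servers]} parsed from `ipconfig /all`."""
    adapters, current, in_dns = {}, None, False
    for line in text.splitlines():
        if line and not line[0].isspace():
            # Unindented line: an adapter header, or the banner (ignored).
            head = line.strip()
            current = head[:-1] if head.endswith(":") else None
            in_dns = False
            if current:
                adapters[current] = []
            continue
        m = FIELD.match(line)
        if m:
            in_dns = m["key"].strip() == "DNS Servers"
        value = m["val"].strip() if m else line.strip()
        if in_dns and current and value:
            adapters[current].append(value)
    return adapters

def non_ad_resolvers(text, allowed=AD_DNS):
    """Return {adapter: [resolvers outside the allowed AD DNS set]}."""
    ok = {ipaddress.ip_address(a) for a in allowed}
    found = {n: [s for s in srv if ipaddress.ip_address(s) not in ok]
             for n, srv in dns_by_adapter(text).items()}
    return {n: bad for n, bad in found.items() if bad}
```

Feeding it the saved `ipconfig /all` output from each workstation shows which machines still receive the ISP resolver from the DHCP scope.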