DNS pointing a subdomain of ours to another's server

Posted on 2006-05-16
Medium Priority
Last Modified: 2010-04-18
A user started a pilot site and hosted it with the web developer that created the site. In order to lend credibility to the site, they wanted to call it PILOT.OURDOMAIN.ORG, so I set up an A record on our authoritative DNS for that subdomain to point to their IP address. It works fine for people who aren't behind our firewall, but when we try to go there from within our network, we get a "site not found" error. Running 2003 server as our internal DNS server (which is why I ask it in this area - if I'm wrong please let me know where). I'm thinking I need to set up something on our internal DNS, but not really sure how to proceed. Maybe the fact that it is a "subdomain" of ours is messing with the resolution? I'm a little sketchy when it comes to specifics of DNS servers.... In looking at our internal DNS, I see some "forward lookup zones" and am wondering if I should add one for PILOT.OURDOMAIN.ORG? And how? Trouble is, if I simply point the subdomain name to an IP address, they might just get the default page of that server (the guy at the web developer tells me they're using Apache to redirect). When I just type in the IP in a browser, I get a different site than the one I should for the IP they gave me to enter into our authoritative DNS, and different from the one people get who are outside our firewall and type in PILOT.OURDOMAIN.ORG.

It's a confusing scenario....a bandaid on a workaround to make the marketing people happy.  
Question by:kburmaster
LVL 16

Expert Comment

ID: 16691714
Did you try to access it from a PC in your internal network that is not behind the firewall?
If not, try that first.
If it works well without the firewall...I would look at the Firewall first.

In other words, before going through a reconfiguration...remove, one at a time, any device that could possibly be interfering.

Author Comment

ID: 16691769
Our entire internal network is behind the firewall, so that's not really possible.

Author Comment

ID: 16691907
I think I figured it out.  I added a host (A) record on our internal DNS for PILOT on OURDOMAIN.ORG pointing to the IP address of the offsite server, and it seems to work now.  I'm not going to pretend I understand exactly why it works this way, and not when I simply enter the IP address in a browser, but that wasn't really the question.

LVL 33

Expert Comment

ID: 16692163
This means that PILOT isn't a subdomain name, it's just a computer name.  So, OURDOMAIN.ORG is the domain name...  This domain name is used both internally and externally on the internet.

www.ourdomain.org needs to resolve to an IP address on the internet (if you want people from inside your network and from anywhere on the internet to access it).

WWW = IP address of web server on internet

Just like PILOT must be related to a public IP address on the internet....

However, because your internal domain name is identical to the registered internet domain name, your internal network will not use the DNS settings available on the internet...  So, you must create a HOST record or "A" record on your local DNS server for every server in the ourdomain.org namespace.  So PILOT = xx.xx.xx.xx <-- the IP of the offsite webserver.

In general, it is recommended that you don't name your internal windows domain the same as your registered internet domain name.  If you chose a different name (like ourdomain.local), you would not have this problem...
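The behaviour described in the comment above, as an added example that is not part of the original thread: a small model of an internal DNS server that hosts the same zone name as the public one, plus a check that lists public names the internal view is missing. The zone contents, the dc1 host and all IP addresses are constructed placeholders, and the forwarder is modelled by simply consulting the external table.

```python
# Constructed sample data: names and documentation-range IPs are placeholders.
ZONE = "ourdomain.org"
EXTERNAL_ZONE = {  # public authoritative view
    "www.ourdomain.org": "192.0.2.10",
    "pilot.ourdomain.org": "198.51.100.25",  # offsite web developer's server
}
INTERNAL_ZONE = {  # internal DNS server's copy of the same zone name
    "www.ourdomain.org": "192.0.2.10",
    "dc1.ourdomain.org": "10.0.0.5",  # hypothetical internal-only host
}

def normalize(name):
    """DNS names are case-insensitive; drop any trailing root dot."""
    return name.lower().rstrip(".")

def in_zone(name, zone=ZONE):
    name = normalize(name)
    return name == zone or name.endswith("." + zone)

def resolve_internal(name, internal, external):
    """Resolve a name the way a client of the internal server would.

    A server that hosts the zone answers for it authoritatively, so a name
    missing from its copy is NXDOMAIN and is never forwarded. Only names
    outside the zone reach the forwarder (modelled here by `external`).
    """
    name = normalize(name)
    if in_zone(name):
        return internal.get(name, "NXDOMAIN")
    return external.get(name, "NXDOMAIN")

def split_horizon_drift(internal, external):
    """Return (missing, mismatched): public names that internal clients
    cannot resolve, and names that resolve to a different address inside."""
    missing = sorted(n for n in external if in_zone(n) and n not in internal)
    mismatched = sorted(n for n in external
                        if n in internal and internal[n] != external[n])
    return missing, mismatched

def with_record(zone_data, name, address):
    """Copy of a zone with one A record added (the fix from the thread)."""
    fixed = dict(zone_data)
    fixed[normalize(name)] = address
    return fixed

if __name__ == "__main__":
    print(resolve_internal("PILOT.OURDOMAIN.ORG", INTERNAL_ZONE, EXTERNAL_ZONE))
    print(split_horizon_drift(INTERNAL_ZONE, EXTERNAL_ZONE))
```

Running the drift check whenever a public record is added shows which names still need a matching internal A record.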

Accepted Solution

ee_ai_construct earned 0 total points
ID: 16878256
PAQ / Refund
ee_ai_construct, CS Moderator
