sebastienbo
asked on
howto: Wildcard subdomain delegate under Windows server
To DNS gurus:
I have a global DNS domain called "myname.com", and I have the same domain internally for my Active Directory with integrated DNS (shadow DNS).
The issue that I'm encountering is that when I try to reach a subdomain of "myname.com" from my internal network, it will not be resolved on my internet DNS server because it is looking into my internal DNS server (where the record doesn't exist).
So as a solution I was thinking to delegate internally a wildcard of my domain, "*.myname.com", hoping that when my internal DNS can't resolve it, it will forward the query to the external DNS server.
But it doesn't work. Can anyone help?
ASKER
Well, if delegating won't work, is there another solution?
The AD integrated DNS offers an option for forwarders or conditional forwarders, but those have an effect on a complete domain/zone or on any domain/zone which isn't found in the local DNS database.
Under Linux I know that you could forward wildcard NS requests to another NS server; Windows doesn't let you do that?
ASKER CERTIFIED SOLUTION
You cannot delegate a Wildcard, it simply doesn't work and there's no way to make it work.
This is down to the implementation of the Wildcard in MS DNS. No two implementations of this mechanic seem to be the same, and none really match the RFC, which doesn't do what people expect anyway.
You would have to delegate a Subdomain explicitly, or add any records you need within the main domain.
Sorry.
Chris
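
An added example, not part of the original thread and not the answerer's own code: a PowerShell script for the explicit-delegation approach described in the answer above. It finds names that the public DNS publishes but the internal copy of the zone does not, and optionally delegates each one by name. The labels, the internal server name `dc01.myname.com`, and the external name server `ns1.example.net` / `203.0.113.53` are constructed placeholders.

```powershell
# Added example: every default value below is a constructed placeholder.
param(
    [string]   $Zone         = 'myname.com',       # zone name from the question
    [string[]] $Labels       = @('www', 'shop'),   # constructed: names expected to exist externally
    [string]   $InternalDns  = 'dc01.myname.com',  # hypothetical AD-integrated DNS server
    [string]   $ExternalNs   = 'ns1.example.net',  # placeholder public authoritative server
    [string]   $ExternalNsIp = '203.0.113.53',     # placeholder address (TEST-NET-3)
    [switch]   $Apply                              # without this switch the script only reports
)

foreach ($label in $Labels) {
    $fqdn = "$label.$Zone"

    # Ask the public authoritative server directly, bypassing the internal zone.
    $external = Resolve-DnsName -Name $fqdn -Server $ExternalNsIp -DnsOnly -ErrorAction SilentlyContinue |
        Where-Object { $_.Section -eq 'Answer' }

    # Ask the internal server, which answers authoritatively for the same zone name.
    $internal = Resolve-DnsName -Name $fqdn -Server $InternalDns -DnsOnly -ErrorAction SilentlyContinue |
        Where-Object { $_.Section -eq 'Answer' }

    if (-not $external) {
        Write-Output "$fqdn : not published externally, skipping"
        continue
    }
    if ($internal) {
        Write-Output "$fqdn : already resolves internally"
        continue
    }

    Write-Output "$fqdn : external only, needs an explicit delegation or record"
    if ($Apply) {
        # One delegation per named subdomain; per the answer above, a wildcard
        # cannot be delegated, so each label has to be listed explicitly.
        Add-DnsServerZoneDelegation -ComputerName $InternalDns -Name $Zone `
            -ChildZoneName $label -NameServer $ExternalNs -IPAddress $ExternalNsIp
    }
}
```

Run it without `-Apply` first to review which names differ between the internal and external views before anything is written to the internal zone.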