Setting up Special Zones

Is there a way to set up a zone so that if an inquiry about something called intranet.now.com (just made it up for the sake of the demo) comes from the same subnet, say 192.168.0.0, the answer will be, say, 192.168.0.5, but if the inquiry comes from our WAN, of which there are a few....so any other non-routable networks with the exception of 192.168.0.0, the answer would be 192.168.0.46?

Did this come across correctly? I guess what I'm asking is some form of distinguishing or A.I.?

Thanks in advance!
TIA
Asked by: TIA_IT
 
LauraEHunterMVP Commented:
Hmm.  I knew what you were describing rang a bell, I just couldn't remember what the name of it was:

Netmask ordering.  Essentially, if DNS has multiple A records for a particular host, it will return -first- the IP address that's in the same subnet as the requester.  See if this will fit your scenario:

http://support.microsoft.com/kb/842197
 
KCTS Commented:
I think you might be talking about conditional forwarding?
Take a look at http://www.windowsnetworking.com/articles_tutorials/DNS_Conditional_Forwarding_in_Windows_Server_2003.html
and see if this is what you want.
 
LauraEHunterMVP Commented:
Hmmm, not sure that it's conditional forwarding.

So what you're saying is:

I have a host called www.bob.com.

If a request comes in for www.bob.com from a machine with an IP address of 192.168.xx/16, www.bob.com will resolve to 192.168.0.5.

If a request comes in for www.bob.com from any other subnet, www.bob.com will resolve to 192.168.0.46.

Is that what you are trying to accomplish?

Depending on your DNS implementation there may be a way to do that, but I want to be sure that that's what you're asking before I rack my brain.  :-)
 
TIA_IT (Author) Commented:
KCTS, I'll check that link...thanks!

Yes Laura.  That's it exactly.
 
LauraEHunterMVP Commented:
Are the clients on the "special" subnet pointed to separate DNS server(s) than the remainder?  The only way I can think for that to happen would be if that were the case, as you could maintain a different A record on each server.  Clients pointing to DNS server A go to IP address A, clients pointing to DNS server B go to IP address B.  It's not differentiating based on the IP address of the querying client, per se, but I think that's the only way you can approximate that.
 
TIA_IT (Author) Commented:
Ah....no, the clients at that site are pointed to the DNS server at that site, which is that site's domain controller.  We're all in the same domain, therefore the DNS server replicates the zones to the other domain controllers in the WAN.  We have Internal and External DNS servers at our colocation facilities on the edge of the network, which I'm thinking maybe we just put both IP addresses there for www.bob.com.

I liked the conditional forwarding but it doesn't sound like something we can take advantage of due to the above mentioned reasons.

Regards,
TIA
 
TIA_IT (Author) Commented:
Laura, I think that's what I'm looking for, Netmask ordering....   I'm going to test it on another server today and see if that will be sufficient for the Italy site.  Dang, one does this for 15 years and still, one learns new stuff every day....   keeps this interesting....and me employed  LOL  ;-)   TIA!!
Question has a verified solution.
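
A simplified model of the netmask ordering behaviour described in the accepted answer, added here as an illustration; it is not code from the thread or from any DNS server. The function names, the 24-bit comparison width, the client addresses and the second record set are assumptions. It checks whether ordering can actually prefer one A record over another for a given client, which is the test to run on any address pair before relying on this feature to give internal and WAN clients different answers.

```python
import ipaddress

# Addresses taken from the thread's example host.
THREAD_RECORDS = ["192.168.0.5", "192.168.0.46"]
# Constructed record set whose addresses sit on different subnets.
SPLIT_RECORDS = ["192.168.0.5", "10.10.0.5"]


def _on_client_subnet(client_ip, record, prefix_len):
    """True if record shares the client's first prefix_len bits."""
    net = ipaddress.ip_network(f"{client_ip}/{prefix_len}", strict=False)
    return ipaddress.ip_address(record) in net


def netmask_order(client_ip, a_records, prefix_len=24):
    """Return a_records with addresses on the client's subnet listed first.

    Assumption: the comparison uses a fixed prefix length (24 bits here) and
    the stored order is kept within each group; a real server may also rotate
    records round robin.
    """
    local = [r for r in a_records if _on_client_subnet(client_ip, r, prefix_len)]
    other = [r for r in a_records if not _on_client_subnet(client_ip, r, prefix_len)]
    return local + other


def distinguishes(client_ip, a_records, prefix_len=24):
    """True only when some, but not all, records are on the client's subnet.

    If every record matches, or none does, ordering cannot prefer one answer
    and the client falls back to whatever order the server would use anyway.
    """
    hits = sum(_on_client_subnet(client_ip, r, prefix_len) for r in a_records)
    return 0 < hits < len(a_records)


if __name__ == "__main__":
    # Constructed client addresses: one on 192.168.0.0/24, two elsewhere.
    for client in ("192.168.0.20", "10.10.0.77", "172.16.1.9"):
        for name, records in (("thread", THREAD_RECORDS), ("split", SPLIT_RECORDS)):
            print(client, name, netmask_order(client, records),
                  "preferred" if distinguishes(client, records) else "no preference")
```

Both of the thread's addresses fall inside the same 24-bit prefix, so in this model neither a local nor a remote client gets a preferred answer for that pair.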
