Solved

Public DNS

Posted on 2011-02-24
Last Modified: 2012-05-11
I want to set up public DNS for one of my clients. Please let me know the steps and prerequisites for it.
9 Comments
 
LVL 3

Expert Comment

by:sergiobg57
Here is a guide:
http://code.google.com/intl/pt-BR/speed/public-dns/docs/using.html

Remember to save a backup of your configs.

Run the command prompt, "ipconfig /all > backupinfdns.txt" or "ifconfig > backupinfdns.txt".

It's most likely that you'll not need this information, but caution is never too much. (The config will be saved in your working directory, that is, the one you'll be seeing in the prompt.)

Author Comment

by:Yogesh_Exchange_Expert
I want to set up my own public DNS.

Author Comment

by:Yogesh_Exchange_Expert
My simple question is: I want to set up my own public DNS server. What are all the steps and requirements for it?
LVL 3

Expert Comment

by:sergiobg57
The steps are pretty much the same.
You just need to substitute Google's DNS with your own.

But of course, it's only if you already have a DNS server.
Do you have it?

 

Author Comment

by:Yogesh_Exchange_Expert
Actually, the customer has already taken an external IP and registered their DNS server with the name www.xyz.com. Now he wants us to set up the internal setup, so I just want to know what needs to be done. He wants to use this DNS for hosting all his websites.
So what are the requirements for this?

Assisted Solution

by:Yogesh_Exchange_Expert
Yogesh_Exchange_Expert earned 0 total points
Please let me know ASAP; the customer is waiting for a reply.

Accepted Solution

by:
Yogesh_Exchange_Expert earned 0 total points
You will have to open port 53 (DNS) for both TCP and UDP on your firewall to forward requests to your server.
You would then have to register your Public IP as the Name Server for your domain with your name registrar.
Allow ICMP traffic on the firewall to ping from the external network.

LVL 20

Expert Comment

by:Daniel McAllister
While I see the question has been requested to be closed, I don't see a reasonable answer so I'm going to provide one.

Let's start at the beginning -- a DNS server's primary task is that it answers requests from clients about the IP addresses of the domains for which it has direct information (either as a master zone server, or a slave that gets its data from a master zone server).

So, if you've got a registered domain, example.com, and you host your own DNS servers, then you've notified your domain registrar of this fact and created the appropriate GLUE records with them so that the world will know that the DNS servers for example.com are your server's IP addresses. (I use plural here, because technically you're supposed to have AT LEAST two DNS servers defined for any Internet Domain Name).

OK -- so let's assume you have that set up already... sometimes, you then want that DNS server to also resolve "public" (that is, other Internet) domains for your local (LAN) clients. To do this, all that needs to happen is that the DNS server enable a function called RECURSION (or RECURSIVE LOOKUPS). What this means is that the DNS server uses a preset "root hints" file of 13 "top-level" DNS servers to fully resolve a name resolution request. The process kinda goes like this:
- The server gets a request for www.anotherexample.com
- The server determines that it is NOT a local domain (in other words, it is NOT a server for that domain)
- The server determines that it is allowed to do recursive lookups for the client making the request
- The server determines that it does NOT already have a cached copy of the resolved IP address
- The server checks for the next higher level domain (in this case anotherexample.com)
- The server determines that it is not a local domain (this time, just the domain name, not the www), & it is not cached
- The server checks for the next higher level domain (in this case just plain com, or "dot-com")
- The server determines that it is not a local domain (this time, just the com), & it is not cached
- The server checks for the next higher level domain - but now we're at the TOP of the tree, so the server asks one of the 13 ROOT HINTS servers for a list of .com servers
- Using that list, the server requests from the .com name servers a list of servers for anotherexample.com
- Using that list, the server requests from the anotherexample.com name servers a list of servers for www.anotherexample.com
- Using that, the server finally replies to the client with the list of "resolved" IP addresses for www.anotherexample.com

As you can see, there can be quite a lot of overhead -- but it is lessened by the fact that each response is cached so that lookups don't take so long in the future.

Now to some, this is what is referred to as being a "public" DNS server -- even though, if you're smart, you'll only allow LAN clients to use that recursive function -- and not anyone on the Internet.

But to others, a truly public DNS server is willing to do these resolutions for anyone, anywhere. Some common public DNS servers are Verizon's 4.2.2.2-4.4.4.5, and Google's 8.8.8.8. But to intentionally be another of these servers, all one needs to do is open TCP and UDP ports 53 to your DNS server and allow recursion for all. Then be prepared for a LOT of hits -- especially once it is discovered that you're a public DNS server.

I do NOT recommend becoming a truly public DNS server -- and being a master zone server as well as a public DNS server for LAN clients is difficult for Windows DNS servers because they cannot block only certain clients from doing recursion. But Linux DNS servers do this well.

I hope this better answers this question -- if not for the original author, then for future readers.

Dan
IT4SOHO
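
Added example (not part of the answer above or of the thread): a Python sketch of the check an administrator can run on replies from their own server to confirm that recursion is limited to LAN clients, by reading the RA, AA and RCODE header bits of a reply to a recursive query. The function names, the 192.0.2.x addresses and the response bytes are constructed for the demonstration; no network traffic is sent.

```python
import struct

QR, AA, RD, RA = 0x8000, 0x0400, 0x0100, 0x0080   # header flag bits (RFC 1035)
REFUSED = 5                                        # RCODE: server declines to answer

def build_query(name, qid=0x1234):
    """Encode an A-record query for `name` with Recursion Desired set."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!6H", qid, RD, 1, 0, 0, 0) + qname + struct.pack("!2H", 1, 1)

def classify_response(query, resp):
    """Say how the server treated a recursive query sent from this vantage point."""
    if len(resp) < 12:
        raise ValueError("truncated DNS header")
    qid, flags = struct.unpack("!2H", resp[:4])
    if qid != struct.unpack("!H", query[:2])[0] or not flags & QR:
        raise ValueError("not a response to this query")
    if flags & 0x000F == REFUSED:
        return "refused"              # recursion (or any service) denied to this client
    if flags & AA:
        return "authoritative"        # answered from the server's own zone data
    if flags & RA:
        return "recursion-offered"    # server resolves other domains for this client
    return "no-recursion"             # referral or empty answer with RA clear

def constructed_response(query, flags, addr=None):
    """Build a reply to `query` for the demo (constructed, not captured traffic)."""
    answer = b""
    if addr:  # one A record; its name is a compression pointer to offset 12
        answer = struct.pack("!3HIH", 0xC00C, 1, 1, 300, 4) + bytes(addr)
    header = query[:2] + struct.pack("!5H", QR | RD | flags, 1, 1 if addr else 0, 0, 0)
    return header + query[12:] + answer

if __name__ == "__main__":
    outside = build_query("www.anotherexample.com")   # a domain the server does not host
    hosted = build_query("www.example.com")           # a domain the server is master for
    samples = [
        ("LAN client, outside name", outside, constructed_response(outside, RA, (192, 0, 2, 10))),
        ("Internet client, outside name", outside, constructed_response(outside, REFUSED)),
        ("Internet client, hosted name", hosted, constructed_response(hosted, AA, (192, 0, 2, 53))),
    ]
    for label, q, resp in samples:
        print(f"{label}: {classify_response(q, resp)}")
```

On a server set up the way the answer recommends, a query for an outside name sent from an Internet address should classify as "refused" or "no-recursion", never "recursion-offered".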

Author Closing Comment

by:Yogesh_Exchange_Expert
k