Solved

Public DNS

Posted on 2011-02-24
Last Modified: 2012-05-11
I want to set up a public DNS for one of my clients; please let me know the steps and prerequisites for it.
0
9 Comments
 
LVL 3

Expert Comment

by:sergiobg57
ID: 34977208
Here is a guide:
http://code.google.com/intl/pt-BR/speed/public-dns/docs/using.html

Remember to save a backup of your configs.

Run the command prompt, "ipconfig /all > backupinfdns.txt" or "ifconfig > backupinfdns.txt".

It's most likely that you'll not need this information, but caution is never too much. (The config will be saved in your working directory, that is, the one you'll be seeing in the prompt.)
0
 

Author Comment

by:Yogesh_Exchange_Expert
ID: 34977268
I want to set up my own public DNS.
0
 

Author Comment

by:Yogesh_Exchange_Expert
ID: 34977294
My simple question is: I want to set up my own public DNS server. What are all the steps and requirements for it?
0

 
LVL 3

Expert Comment

by:sergiobg57
ID: 34977299
The steps are pretty much the same.
You just need to substitute Google's DNS with your own.

But of course, it's only if you already have a DNS server.
Do you have it?
0
 

Author Comment

by:Yogesh_Exchange_Expert
ID: 34977348
Actually, the customer has already taken an external IP and registered their DNS server with the name www.xyz.com. Now he wants us to do the internal setup, so I just want to know what needs to be done. He wants to use this DNS for hosting all his websites.
So what are the requirements for this?
0
 

Assisted Solution

by:Yogesh_Exchange_Expert
Yogesh_Exchange_Expert earned 0 total points
ID: 34977378
Please let me know ASAP; the customer is waiting for a reply.
0
 

Accepted Solution

by:
Yogesh_Exchange_Expert earned 0 total points
ID: 34977463
You will have to open port 53 (DNS) for both TCP and UDP on your firewall to forward requests to your server.
You would then have to register your Public IP as the Name Server for your domain with your name registrar.
Allow ICMP traffic on firewall to ping from external network.

0
 
LVL 20

Expert Comment

by:Daniel McAllister
ID: 35002617
While I see the question has been requested to be closed, I don't see a reasonable answer so I'm going to provide one.

Let's start at the beginning -- a DNS server's primary task is that it answers requests from clients about the IP addresses of the domains for which it has direct information (either as a master zone server, or a slave that gets its data from a master zone server).

So, if you've got a registered domain, example.com, and you host your own DNS servers, then you've notified your domain registrar of this fact and created the appropriate GLUE records with them so that the world will know that the DNS servers for example.com are your server's IP addresses. (I use plural here, because technically you're supposed to have AT LEAST two DNS servers defined for any Internet Domain Name).

OK -- so let's assume you have that set up already... sometimes, you then want that DNS server to also resolve "public" (that is, other Internet) domains for your local (LAN) clients. To do this, all that needs to happen is that the DNS server enable a function called RECURSION (or RECURSIVE LOOKUPS). What this means is that the DNS server uses a preset "root hints" file of 13 "top-level" DNS servers to fully resolve a name resolution request. The process kinda goes like this:
- The server gets a request for www.anotherexample.com
- The server determines that it is NOT a local domain (in other words, it is NOT a server for that domain)
- The server determines that it is allowed to do recursive lookups for the client making the request
- The server determines that it does NOT already have a cached copy of the resolved IP address
- The server checks for the next higher level domain (in this case anotherexample.com)
- The server determines that it is not a local domain (this time, just the domain name, not the www), & it is not cached
- The server checks for the next higher level domain (in this case just plain com, or "dot-com")
- The server determines that it is not a local domain (this time, just the com), & it is not cached
- The server checks for the next higher level domain - but now we're at the TOP of the tree, so the server asks one of the 13 ROOT HINTS servers for a list of .com servers
- Using that list, the server requests from the .com name servers a list of servers for anotherexample.com
- Using that list, the server requests from the anotherexample.com name servers a list of servers for www.anotherexample.com
- Using that, the server finally replies to the client with the list of "resolved" IP addresses for www.anotherexample.com

As you can see, there can be quite a lot of overhead -- but it is lessened by the fact that each response is cached so that lookups don't take so long in the future.

Now to some, this is what is referred to as being a "public" DNS server -- even though, if you're smart, you'll only allow LAN clients to use that recursive function -- and not anyone on the Internet.

But to others, a truly public DNS server is willing to do these resolutions for anyone, anywhere. Some common public DNS servers are Verizon's 4.2.2.2-4.4.4.5, and Google's 8.8.8.8. But to intentionally be another of these servers, all one needs to do is open TCP and UDP ports 53 to your DNS server and allow recursion for all. Then be prepared for a LOT of hits -- especially once it is discovered that you're a public DNS server.

I do NOT recommend becoming a truly public DNS server -- and being a master zone server as well as a public DNS server for LAN clients is difficult for Windows DNS servers because they cannot block only certain clients from doing recursion. But Linux DNS servers do this well.

I hope this better answers this question -- if not for the original author, then for future readers.

Dan
IT4SOHO
0
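Added example (not part of the thread or of any poster's answer): a check an administrator can run against their own DNS server, once from the LAN and once from outside, to confirm that recursion is offered only to LAN clients as the answer above recommends. It sends a query with the Recursion Desired bit set and reads the Recursion Available bit and response code from the reply header. The function names, the sample replies and the 192.0.2.10 documentation address are constructed for illustration.

```python
import socket
import struct

QR, RD, RA = 0x8000, 0x0100, 0x0080   # DNS header flag bits
RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, txid=0x1234):
    """A-record query with the Recursion Desired (RD) bit set."""
    header = struct.pack("!HHHHHH", txid, RD, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)   # QTYPE=A, QCLASS=IN

def recursion_verdict(query, response):
    """Classify how the server treated a recursive query from this client."""
    if len(response) < 12:
        return "malformed"
    txid, flags, _qd, _an, _ns, _ar = struct.unpack("!HHHHHH", response[:12])
    if txid != struct.unpack("!H", query[:2])[0] or not flags & QR:
        return "malformed"
    rcode = RCODES.get(flags & 0x000F, "OTHER")
    if rcode == "REFUSED" or not flags & RA:
        return "recursion-denied"     # includes referral-only (authoritative) replies
    if rcode in ("NOERROR", "NXDOMAIN"):
        return "recursion-allowed"    # the server resolved the name on our behalf
    return "inconclusive"

def probe(server_ip, name="www.anotherexample.com", timeout=3.0):
    """Query your own server over UDP/53 from the current vantage point."""
    query = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(query, (server_ip, 53))
        try:
            return recursion_verdict(query, s.recv(512))
        except socket.timeout:
            return "no-response"

def sample_response(query, flags, answers):
    """Constructed reply: header + echoed question + answer records."""
    txid = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", txid, flags, 1, len(answers), 0, 0)
    return header + query[12:] + b"".join(answers)

# Constructed sample data (not captured traffic).
QUERY = build_query("www.anotherexample.com")
A_RECORD = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 10])
OPEN_REPLY = sample_response(QUERY, QR | RD | RA, [A_RECORD])   # recursing server
REFUSED_REPLY = sample_response(QUERY, QR | RD | 5, [])          # RCODE 5 = REFUSED
```

The result to aim for is "recursion-allowed" from a LAN host and "recursion-denied" from an Internet host; for an outside client to get an answer for the server's own zones, the name queried from outside must be one the server is not authoritative for.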
 

Author Closing Comment

by:Yogesh_Exchange_Expert
ID: 35005388
k
0
