Solved

How to configure my DNS server

Posted on 2012-08-23
Last Modified: 2013-01-30
Hello, I have a domain where the inside PCs must resolve a dyndns.org name to an internal IP, and the outside PCs have to resolve the same dyndns.org name through the dyndns service to get the IP.

In summary, I have to configure my DNS to resolve myname.dyndns.org to the IP 192.168.1.30.

Thanks
0
Question by:limmontreefree
7 Comments
 

Expert Comment

by:zeusie85
ID: 38327697
Sorry, can you please ask the question again? What you are saying does not make any sense in the slightest.
0
 
LVL 5

Accepted Solution

by:
kevinhigg earned 500 total points
ID: 38327729
Zeusie, it looks like the intent is to have the same FQDN resolve to different addresses depending upon client location.  From outside the network, it should resolve normally via the DynDNS service.  From inside the network, the name should resolve to the private address (192.168.1.30).

Do the inside machines ever move outside (laptops)?  You could handle this in a couple of ways, but resolving a host to different addresses can create interesting troubleshooting scenarios.

- Add to the HOSTS file of the inside machines.  This is not dynamic, and is painful to maintain, but may provide an option.
- Create a zone for blah.dyndns.org on your DNS server.  You could then modify the internal resolution of this name by manipulating records within your control.  Need to be careful here to make sure that you don't accidentally convince your internal clients that you're authoritative for the entire domain.
- Maybe a hybrid which uses a CNAME instead of the dyndns.org FQDN?  If you have a split-horizon DNS implementation, this may be the most elegant of less than ideal options.

Kind regards.
0
 
LVL 23

Assisted Solution

by:savone
savone earned 500 total points
ID: 38327755
Do you have an internal DNS server?

If so make the internal server authoritative for the dyndns.org zone.  Add your A record to 192.168.1.30.  

Any clients using the internal DNS server (DHCP CLIENTS?) will resolve myname.dyndns.org from the internal server.  If they leave the network (take the laptop home) they will resolve it from the world servers and get the dynamic IP.

We use this sort of setup to blacklist DNS zones.
0

 
LVL 41

Assisted Solution

by:footech
footech earned 1000 total points
ID: 38330085
This is basically a restatement of kevinhigg's second option.
If you only have one host name that needs to resolve to an internal IP when inside your network, but you need all other hosts (FQDNs) that are part of dyndns.org to always resolve to their public IPs, then instead of creating a forward lookup zone for "dyndns.org", you can create a zone for "myname.dyndns.org" and create an A record inside it with a blank name that points to 192.138.1.30.  If you create a zone called "dyndns.org", then your internal clients will not be able to resolve any DNS names that end with dyndns.org that you have not explicitly created records for.
0
 

Author Comment

by:limmontreefree
ID: 38382191
I apologize for answering you so late.

After reading you, I noticed the question is more complex.

I have a Domain with a ForeFront TMG, a SharePoint Server, an Exchange Server and a Remote Desktop Server.

The external IP is dynamic and I use the dyndns service to solve this. I have declared four CNAME zones in the internet DNS.

CNAME           VALUE

www             myname.dyndns.org      internal IP 192.168.1.30
mail            myname.dyndns.org      internal IP 192.168.1.31
Intranet        myname.dyndns.org      internal IP 192.168.1.32
appv            myname.dyndns.org      internal IP 192.168.1.33


I.e. three resolve to the same IP. In the company web site I have three links in the main menu to these CNAMEs, and it is the TMG, reading the header, that redirects to the internal IP, which is different for each server.

Currently everything works fine, but if the Internet router is down, Remote Desktop doesn't work because all the connections are to myname.dyndns.org.

But if I configure myname.dyndns.org in my internal DNS, INTERNALLY all the request to the sharepoint using the web page links will not work.

Thanks for your patience and for the effort of trying to understand my bad English
0
 
LVL 41

Assisted Solution

by:footech
footech earned 1000 total points
ID: 38396566
Sorry, I'm having trouble understanding.  You haven't made any changes yet, have you?  Let me try to restate your problem in my own words, and you can tell me if I'm wrong.

So, in your public DNS you have records as follows:
CNAME           VALUE
www             myname.dyndns.org
mail            myname.dyndns.org
Intranet        myname.dyndns.org
appv            myname.dyndns.org

The myname.dyndns.org (from the internet) of course points to your dynamic IP.

You want to configure your internal DNS so that if the router for the internet is down you can still reach all your sites using the same DNS names (www, mail, etc.).

You mentioned that you configured myname.dyndns.org in your internal DNS.  What kind of record did you create and where did you point it?

I'm guessing that when you say Remote Desktop, you mean you are using Remote App.  I'm not too familiar with the configuration of Remote App and what URLs it references.

Same with SharePoint - if I remember correctly it can do some rewriting of URLs for when it is being accessed from either the LAN or the WAN.  Can you explain more what you mean when you say "all the request to the sharepoint using the web page links will not work"?  Is this only when the internet router is down?  Do the links point to "intranet.yourdomain.com"?

However, what I think you will have to do is:
On your internal DNS, create records for www, mail, intranet, appv that point to myname.dyndns.org.  If the name for your internal AD domain is the same as you use on the internet, then you can just create the CNAME records in the Forward Lookup Zone for your domain, but if the name for your internal AD domain is different than the domain name you use on the internet, then you will have to create a new Forward Lookup Zone with the same name as your internet domain name, and create the CNAME records in there.  Then you will also have to create a Forward Lookup Zone called myname.dyndns.org, and create one A record in it that has a blank name (don't enter anything) and point it at the internal IP of your TMG.  Then you have to make sure that the weblisteners on your TMG listen to both the external and the internal interfaces if they don't already.
0
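
An added example, not part of any post in this thread: a toy Python model of how an internal DNS server chooses between a locally hosted zone and its forwarder, comparing a whole "dyndns.org" zone with the narrower "myname.dyndns.org" zone plus internal CNAMEs described above. The TMG address and the public answers are constructed placeholders, "yourdomain.com" is the stand-in name used in the thread, and the model ignores delegations, wildcards and caching.

```python
# Toy model: a name under a locally hosted zone is answered only from that
# zone (NXDOMAIN if there is no record); any other name goes to the forwarder.

TMG_INTERNAL = "192.168.1.254"   # constructed placeholder, not from the thread

# Constructed stand-in for what public DNS would answer.
PUBLIC = {
    "myname.dyndns.org": "203.0.113.7",
    "other.dyndns.org": "198.51.100.9",
}

def find_zone(zones, name):
    """Longest-suffix match: the most specific hosted zone containing name."""
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return candidate
    return None

def resolve(zones, name, depth=0):
    """Return an IPv4 string or 'NXDOMAIN'. Follows CNAMEs up to 8 hops."""
    if depth > 8:
        return "NXDOMAIN"
    name = name.lower().rstrip(".")
    zone = find_zone(zones, name)
    if zone is None:                      # not hosted here: ask the forwarder
        return PUBLIC.get(name, "NXDOMAIN")
    rtype, value = zones[zone].get(name, (None, None))
    if rtype == "A":
        return value
    if rtype == "CNAME":
        return resolve(zones, value, depth + 1)
    return "NXDOMAIN"                     # authoritative, no record: not forwarded

# Option 1: host the whole dyndns.org zone with a single A record.
WHOLE_ZONE = {"dyndns.org": {"myname.dyndns.org": ("A", TMG_INTERNAL)}}

# Option 2: host only myname.dyndns.org (blank-name A record at the zone apex)
# plus a zone for the public domain that holds the four CNAMEs.
NARROW_ZONES = {
    "myname.dyndns.org": {"myname.dyndns.org": ("A", TMG_INTERNAL)},
    "yourdomain.com": {
        h + ".yourdomain.com": ("CNAME", "myname.dyndns.org")
        for h in ("www", "mail", "intranet", "appv")
    },
}
```

With WHOLE_ZONE every other dyndns.org name stops resolving for internal clients; with NARROW_ZONES only the one name is overridden, but any host of the public domain that is missing from the internal copy of that zone also returns NXDOMAIN internally.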
 

Author Comment

by:limmontreefree
ID: 38396844
Hello Footech, thanks for the answer.

I think I understand you. I'll try to do it, and I'll tell you if I have problems.

Thank you
0
