Solved

Split DNS with Windows 2008 Server

Posted on 2013-06-24
Last Modified: 2013-06-28
I have a DNS server that is on a DC that in the past typically stored the internal IP addresses for various hosts... This makes sense for my domain environment. But.. We also host various websites. My question is in regards to the hosting / DNS resolution of websites. So, for example.. On GoDaddy.com we'll use their DNS server and simply create A records pointing to the public IP of my web server. I then have a NAT rule that sends all HTTP traffic to the private IP of my web server. My internal DNS server returns this private IP address when queries are made against it... Since only internal requests exist it works just fine. That makes sense and is very simple. Now... I would like the ability to point GoDaddy to my DNS server directly and have it answer the public DNS queries. I also need my DNS server to still answer private requests for users will be hitting these websites internally also.. As I understand I need to set up split DNS. This would be two zones. One for private and one for public requests... My only question is how to tell the DNS server to allocate one zone for private and one for public?
Question by:gopher_49
4 Comments
 
LVL 18

Assisted Solution

by:Netflo
Netflo earned 250 total points
ID: 39272382
I would recommend keeping your setup the way it is, for security purposes. To achieve your goal you would ideally need to introduce another server and place it in your DMZ zone. Note this server does not replicate or talk to your internal DNS servers. You would also need to administer two zones, internal and external DNS names.
0
 
LVL 40

Accepted Solution

by:footech
footech earned 250 total points
ID: 39273440
I second the recommendations by Netflo.
Note that if the hostnames that you're trying to serve to both internal and external clients are using the same domain name, there is no way to specify more than one zone with the same name. For instance, if both internal and external clients are trying to reach a host in the domain "example.com", you can't have two zones named "example.com" (on the same server) whereby one responds to internal clients and one responds to external.
Even if the domain names are different, I would never recommend having your DC's DNS exposed to the internet.
0
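An added example, not part of the thread or any poster's own tooling: when the same zone name is administered twice on separate servers, as the answers above recommend, a short audit can catch the two usual drift errors, an RFC 1918 address published in the external zone and a public host name with no internal record (internal clients then get a name error from the internal server, which is authoritative for the zone). The zone contents, host names and addresses are constructed sample data, and the simplified `name A address` line format is an assumption.

```python
import ipaddress

# RFC 1918 ranges are listed explicitly: ipaddress's is_private flag also
# covers documentation ranges such as 203.0.113.0/24, used here as "public".
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample data: the same zone as held on two separate servers.
EXTERNAL_ZONE = """
www    A  203.0.113.10
shop   A  203.0.113.11
intra  A  10.0.5.20      ; copied over from the internal zone by mistake
mail   A  203.0.113.12
"""
INTERNAL_ZONE = """
www    A  10.0.5.10
shop   A  10.0.5.11
intra  A  10.0.5.20
dc01   A  10.0.1.5       ; internal-only names are expected and not flagged
"""

def parse_a_records(text):
    """Parse simplified 'name A address' lines into {name: ip_address}."""
    records = {}
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()   # drop zone-file style comments
        if not line:
            continue
        name, rtype, addr = line.split()
        if rtype.upper() == "A":
            records[name.lower()] = ipaddress.ip_address(addr)
    return records

def audit_split_dns(external_text, internal_text):
    """Return sorted (issue, name, address) findings for the external zone."""
    external = parse_a_records(external_text)
    internal = parse_a_records(internal_text)
    findings = []
    for name, addr in external.items():
        if any(addr in net for net in RFC1918):
            findings.append(("private-address-leak", name, str(addr)))
        if name not in internal:
            findings.append(("missing-internal", name, str(addr)))
    return sorted(findings)

if __name__ == "__main__":
    for issue, name, addr in audit_split_dns(EXTERNAL_ZONE, INTERNAL_ZONE):
        print(f"{issue:22} {name:8} {addr}")
```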
 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 39274648
0
 

Author Closing Comment

by:gopher_49
ID: 39284473
I'm going to keep my current config for now... Once I learn how to manage both DNS via websitepanel.net's solution I'll then move to the second DNS server config... Everything works really well now.. Just trying to figure out how to allow end users/web developers to point to my DNS versus them creating host records. For now this is fine... The public IPs the host records are pointing to are about to be in a cluster and even upon hardware failure there is no need to change the IP address it's pointing to..

Thanks.
0

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question