
DNS on a domain

Posted on 2014-04-04
Last Modified: 2014-04-07
On our domain we have a PDC which also serves as the DNS for devices connected to the domain.  We have an email server on a separate machine with a static IP address.  For the users connected to the domain I would like calls to that machine (emailsvr) to use the domain IP address (192.x.x.x).  For mobile users (i.e., laptops) I want the domain IP address used when connected to the domain and the public IP address used when outside the domain.

Currently all calls to the email server route through the public IP (been working that way for years) even if connected to the domain.  Seems a roundabout way to get to a server that is on the domain.

I have tried LMHOSTS on the PDC and have the TCP/IP protocol selected to use LMHOSTS.  In that file on the PDC I have an entry with "IP Address    emailsvr #PRE" (w/o the quotes).

Any clues?
Question by:dmned
8 Comments
 
LVL 7

Expert Comment

by:Delete
ID: 39978896
Are you using Exchange?

Is your Domain Controller hosting your company's public DNS or are you using split DNS?
0
 

Author Comment

by:dmned
ID: 39979236
We are not using Exchange.

The DC is set to be the DNS for the computers that are connected to the domain.  Most of the computers are fixed workstations which never leave the office so it makes sense for them to point directly to the 192.x.x.x IP address of the mail server.  However, laptops need to use the public IP of the server when not connected to the domain.  I would like the laptops to use the 192.x.x.x IP address when they are in the office connected to the domain.  Seems more efficient.

I saw split DNS on some search results but didn't read about it because I wasn't sure it fit what I am asking.
0
 
LVL 36

Expert Comment

by:Kimputer
ID: 39979366
When the laptops are NOT connected to the domain, they're surely using the DNS server at the onsite location (which is different every time depending on where they are)? It means you just have to set your public DNS records straight?
Let your ISP do it, or ask them for the config panel so you can do it yourself.

So, i.e. INSIDE domain, mail.domain.com = 192.x.x.x.x (your own DNS server handles this)
OUTSIDE the domain, mail.domain.com = public IP (your domain registrar handles this, they have to do it, or you have a plesk or cpanel or whatever config page to do it)
0
 

Author Comment

by:dmned
ID: 39980330
@Kimputer

Paragraph 1 ... agreed; this is not an issue.

Paragraph 2 ... INSIDE the domain is what I am trying to accomplish.  The DC is the DNS and I tried using a LMHOSTS file to "guide" the DC to know to look inside the domain for mail.domain.com but it still goes outside the domain to the public IP.
0
 
LVL 7

Accepted Solution

by:
Delete earned 600 total points
ID: 39980403
I am going to need further clarification.

Does your DNS server not host an A record and an MX record for your mail server?  If so, what IP are those pointing at?

If your DNS server is hosting a zone for yourdomain.com and your mail server record is mailx.yourdomain.com, then any DNS traffic that hits your Domain Controller/DNS server will be resolved by the records hosted on your internal DNS server.  This would mean that you're publishing your external IP to your internal clients via your DNS server.  However, if your Domain Controller/DNS server is also responsible for answering external DNS queries then you can't change your DNS records.

Let's do a test.  Do the following and report back with the results.

Open a command prompt and type the following commands.

1. Type "nslookup" and hit enter.
2. Validate that the Default Server is your Domain Controller/DNS server.
3. Type "set q=ns" and hit enter.
4. Type in the DNS name of your mail server (i.e. emailsvr.yourdomainname.com) and hit enter.
5. Does it come back with your Domain Controller/DNS server as a response?  If not what does it come back with?

6. Next type "set q=a" and hit enter
7. Type in the same DNS name you did for step 4 and hit enter.
8. Does it return your internal or external IP address for your mail server?

9. Lastly, type "set q=mx" and hit enter
10. Type in only the name of your domain (i.e. yourdomainname.com) and hit enter.
11. What does it come back with as far as IP address and server names go?  (if it returns just your DNS server info then it didn't find an MX record).
0
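
The checks in steps 2 and 8 of the test above, automated as an added example that is not part of the original thread: it parses pasted nslookup output from an A query and reports whether the server that answered is the DC and whether it handed out an RFC 1918 address or a public one. The host names, the addresses and the `triage` helper are constructed for illustration.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed nslookup output: hypothetical names, private/documentation addresses.
BEFORE = """Server:  dc01.example.local
Address:  192.168.1.10

Non-authoritative answer:
Name:    emailsvr.example.com
Address:  203.0.113.25
"""
AFTER = BEFORE.replace("Non-authoritative answer:\n", "").replace(
    "203.0.113.25", "192.168.1.20")

def is_internal(addr):
    return any(ipaddress.ip_address(addr) in net for net in RFC1918)

def parse_nslookup(text):
    """Return (resolver_ip, queried_name, answer_ips) from A-query output."""
    resolver, name, answers = None, None, []
    for line in text.splitlines():
        tokens = line.split()
        if not tokens:
            continue
        if tokens[0] == "Name:":
            name = tokens[-1]
            continue
        try:  # last token is the address on "Address:" and continuation lines
            ip = str(ipaddress.ip_address(tokens[-1].split("#")[0]))
        except ValueError:
            continue  # server name, "Non-authoritative answer:", aliases
        if name is None:
            resolver = ip  # the first block describes the server that answered
        else:
            answers.append(ip)
    return resolver, name, answers

def triage(text, dc_ip):
    """Apply the checks from steps 2 and 8 to pasted nslookup output."""
    resolver, name, answers = parse_nslookup(text)
    if resolver != dc_ip:
        return f"default server is {resolver}, not the DC {dc_ip}"
    if not answers:
        return f"{name}: no A record returned"
    public = [a for a in answers if not is_internal(a)]
    if public:
        return f"{name}: internal DNS returned public {', '.join(public)}"
    return f"{name}: resolves internally to {', '.join(answers)}"
```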
 
LVL 36

Assisted Solution

by:Kimputer
Kimputer earned 600 total points
ID: 39980506
Oh wait, I thought your own DNS server wasn't a problem, but it seems it IS!
No need to use LMHOSTS.
Just use the DNS management console, add a zone for domain.com (or if you already use FQDN for your inside domain, no need), then add an A record for mail.domain.com, assign an IP address, that's it.
0
 

Author Closing Comment

by:dmned
ID: 39980541
@Kimputer and @Justin F...

Both your solutions were very helpful.  I did the nslookup first to check those replies.  Everything was consistent with the DNS for the mail server looking outside of the DNS on the DC.

I then used the DNS management console to add the email server as an (A) record and then pinged the mail.domain.com name.  Still had the public IP. :|

I then renamed the LMHOSTS file to LMHOSTS.OLD, ran nbtstat -R and nbtstat -c from the command prompt and the local IP is now delivered back.

The full test will be Monday when everyone returns to the office.

Thank you both.
0
 

Author Comment

by:dmned
ID: 39983259
A *final* report (I hope) on the discussion above...The changes implemented Saturday appear to be sticking and not causing any issues with the users as they have returned to work this week.  And access from outside the office via the public IP also remains undisturbed.

Thank you again!
0

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Need In an Active Directory enviroment, the PDC emulator provide time synchronization for the domain. This is important since Active Directory uses Kerberos for authentication.  By default, if the time difference between systems is off by more …
We recently endured a series of broadcast storms that caused our ISP to shut us down for brief periods of time. After going through a multitude of tests, we determined that the issue was related to Intel NIC drivers on some new HP desktop computers …
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question