How configure Windows Server 2012 for External/Public DNS?
Hi,
I have Windows Server 2008 R2 AD integrated DNS with single domain for internal and external purpose. Now we need to split our DNS in to two to disable the open recursion. As we have only 1 domain, what are the steps to create a standalone Windows Server 2012 based DNS for external/public purposes. I am attaching a screenshot of my existing DNS,
I have Windows Server 2008 R2 AD integrated DNS with single domain for internal and external purpose. Now we need to split our DNS in to two to disable the open recursion. As we have only 1 domain, what are the steps to create a standalone Windows Server 2012 based DNS for external/public purposes. I am attaching a screenshot of my existing DNS,
ASKER
Yes, we would like to manage our own External DNS server.
Yes, we want to use our existing DNS as our internal AD integrated and build a new DNS server for External purposes.
Yes, we want to use our existing DNS as our internal AD integrated and build a new DNS server for External purposes.
Are you using 1 domain? I would go for an internal DNS domain and an external one. You can still use the same names for your services. So let's say you have webmail and you want to add it internally you would have webmail.domain.local and externally a domain called webmail.domain.com (externally).
If you split your domain into 2 DNS servers (even if it is possible) i believe your DNS request will go awire..
If you split your domain into 2 DNS servers (even if it is possible) i believe your DNS request will go awire..
ASKER
Yes, we have only one domain, lets suppose abc.com and I am afraid if we can change it. Can we use the same name for both DNS servers?
To be honest i don't believe you can and even if you could, you could never use the same IP adres, this is not a very good idea.
Don't you have an option to only service internal DNS request internally and let your ISP run the external one for you?? I believe the only other option you have is using split DNS.
Don't you have an option to only service internal DNS request internally and let your ISP run the external one for you?? I believe the only other option you have is using split DNS.
ASKER
Well, we want to split our DNS. For sure, we will use different IPs.
But if you would like to do this you would actually need 2 domains (internal and external) otherwise your users will have issues resolving domain names. Do you think that that is an option??
ASKER
Well, I don't know how will it affect our existing setup as it is AD integrated. What do you think, how much will it affect our existing AD setup?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Do you mean that your DNS server is exposed to the outside world so users can access internal resources on FQDN?? I don;t believe you can actually split up 1 DNS zone into 2 servers.
The question is what would you like to achiev? Normally a setup of DNS contains an internal and an external DNS. Meaning you would have 1 DNS server for internal resolvance, mostly AD integrated (for secure sync) and 1 external standalone in a DNS zone if you would actually like to manage your own external DNS zone.
Lang story short, i think we need some more info to give solid advice.