Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

DNS server windows 2012

Posted on 2014-11-05
12
Medium Priority
?
409 Views
Last Modified: 2014-11-06
I have a windows 2012 dns server and configured only companydomain.local.

our ISP suggested that must be  one more Zone with (.com addresse) like  companydomain.com.

How can i do ? Its our main Domain controller should i before do something consider?

Thank you so much
0
Comment
Question by:apollo-13
  • 7
  • 3
  • 2
12 Comments
 
LVL 36

Assisted Solution

by:Seth Simmons
Seth Simmons earned 1200 total points
ID: 40424106
they are probably referring to split dns

Windows - Setting Up Split DNS
http://www.petenetlive.com/KB/Article/0000830.htm
0
 

Author Comment

by:apollo-13
ID: 40424145
i had till today only Zone  (company.local ) in my DNS ,but they say better is also company.com zone should in dns server.
0
 

Author Comment

by:apollo-13
ID: 40424158
i have registered domain name companydomain.com ,but i do not know is it good idea cerating in dns?
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
LVL 36

Assisted Solution

by:Seth Simmons
Seth Simmons earned 1200 total points
ID: 40424168
for certain services like exchange you will need it since it will need to refer to .com address
is there a reason for having a .com internal zone?
0
 

Author Comment

by:apollo-13
ID: 40424182
i have 10 servers ,which uses externaly like.mail.companydomain.com , ftp.companydomain.com etc

all they forwarted over firewall externaly and pointed to intern. I think this the reason.
0
 
LVL 36

Assisted Solution

by:Seth Simmons
Seth Simmons earned 1200 total points
ID: 40424189
internal users can still use the .local address
however, anything that uses SSL (like exchange) with a certificate using the .com address you need split dns
0
 

Author Comment

by:apollo-13
ID: 40424194
if i have a problem after creating (.com)zone ,can i erase or is it not possible? Because i do not want to something wrong
0
 
LVL 27

Assisted Solution

by:DrDave242
DrDave242 earned 800 total points
ID: 40424545
You can delete the new zone if you experience problems, but I have to ask, are you experiencing any problems currently, without the .com zone? It may be completely unnecessary in your environment.
0
 

Author Comment

by:apollo-13
ID: 40424579
actually i do not have problem.
i just know that without extern zone(.com)in dns, example: if i write https://exchange.companydomain.com then first i come to ISP then to intern network then again isp .is it correct? long way
0
 
LVL 27

Accepted Solution

by:
DrDave242 earned 800 total points
ID: 40424637
Without that zone, your internal machines will use an external DNS server to resolve companydomain.com names (unless they're cached on your internal DNS server), and those names will resolve to external IP addresses. This can lead to traffic coming from your internal network and hitting the external interface of your router, which some routers don't like (though many of them can be configured to accept this).

The point of setting up split DNS is so that your internal machines can resolve those public names to internal IP addresses. Using the example you mentioned above, inside your internal companydomain.com zone, you'd create a host record named exchange and give it the private address of your Exchange server. This way, your internal machines could access the server using the exchange.companydomain.com name (which may be necessary to avoid SSL certificate warnings, as Seth alluded to above), but the name would resolve to the private IP of the server, so traffic from internal machines to the server doesn't have to go through the router.

There's nothing wrong with creating the .com zone; it's just important to know what it's used for.
0
 

Author Comment

by:apollo-13
ID: 40425819
Hi DrDave
Thank you so much so SUPER exlanation.
Yesterday i did new zone and works good at the moment. Of course now little bit better coonection at my network Because all resolved intern.

Again thanks for all
0
 

Author Closing Comment

by:apollo-13
ID: 40425821
perfect
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
What to do when Windows Update is not working correctly? What tools can I use to detect the cause of the malfunction problem? What does this numeric error code mean? These and other questions that you have been asking in the past are answered here (…
In this Micro Tutorial viewers will learn how to restore their server from Bare Metal Backup image created with Windows Server Backup feature. As an example Windows 2012R2 is used.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question