Solved

DNS server windows 2012

Posted on 2014-11-05
12
381 Views
Last Modified: 2014-11-06
I have a windows 2012 dns server and configured only companydomain.local.

our ISP suggested that must be  one more Zone with (.com addresse) like  companydomain.com.

How can i do ? Its our main Domain controller should i before do something consider?

Thank you so much
0
Comment
Question by:apollo-13
  • 7
  • 3
  • 2
12 Comments
 
LVL 34

Assisted Solution

by:Seth Simmons
Seth Simmons earned 300 total points
ID: 40424106
they are probably referring to split dns

Windows - Setting Up Split DNS
http://www.petenetlive.com/KB/Article/0000830.htm
0
 

Author Comment

by:apollo-13
ID: 40424145
i had till today only Zone  (company.local ) in my DNS ,but they say better is also company.com zone should in dns server.
0
 

Author Comment

by:apollo-13
ID: 40424158
i have registered domain name companydomain.com ,but i do not know is it good idea cerating in dns?
0
 
LVL 34

Assisted Solution

by:Seth Simmons
Seth Simmons earned 300 total points
ID: 40424168
for certain services like exchange you will need it since it will need to refer to .com address
is there a reason for having a .com internal zone?
0
 

Author Comment

by:apollo-13
ID: 40424182
i have 10 servers ,which uses externaly like.mail.companydomain.com , ftp.companydomain.com etc

all they forwarted over firewall externaly and pointed to intern. I think this the reason.
0
 
LVL 34

Assisted Solution

by:Seth Simmons
Seth Simmons earned 300 total points
ID: 40424189
internal users can still use the .local address
however, anything that uses SSL (like exchange) with a certificate using the .com address you need split dns
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 

Author Comment

by:apollo-13
ID: 40424194
if i have a problem after creating (.com)zone ,can i erase or is it not possible? Because i do not want to something wrong
0
 
LVL 25

Assisted Solution

by:DrDave242
DrDave242 earned 200 total points
ID: 40424545
You can delete the new zone if you experience problems, but I have to ask, are you experiencing any problems currently, without the .com zone? It may be completely unnecessary in your environment.
0
 

Author Comment

by:apollo-13
ID: 40424579
actually i do not have problem.
i just know that without extern zone(.com)in dns, example: if i write https://exchange.companydomain.com then first i come to ISP then to intern network then again isp .is it correct? long way
0
 
LVL 25

Accepted Solution

by:
DrDave242 earned 200 total points
ID: 40424637
Without that zone, your internal machines will use an external DNS server to resolve companydomain.com names (unless they're cached on your internal DNS server), and those names will resolve to external IP addresses. This can lead to traffic coming from your internal network and hitting the external interface of your router, which some routers don't like (though many of them can be configured to accept this).

The point of setting up split DNS is so that your internal machines can resolve those public names to internal IP addresses. Using the example you mentioned above, inside your internal companydomain.com zone, you'd create a host record named exchange and give it the private address of your Exchange server. This way, your internal machines could access the server using the exchange.companydomain.com name (which may be necessary to avoid SSL certificate warnings, as Seth alluded to above), but the name would resolve to the private IP of the server, so traffic from internal machines to the server doesn't have to go through the router.

There's nothing wrong with creating the .com zone; it's just important to know what it's used for.
0
 

Author Comment

by:apollo-13
ID: 40425819
Hi DrDave
Thank you so much so SUPER exlanation.
Yesterday i did new zone and works good at the moment. Of course now little bit better coonection at my network Because all resolved intern.

Again thanks for all
0
 

Author Closing Comment

by:apollo-13
ID: 40425821
perfect
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Suggested Solutions

Are you one of those front-line IT Service Desk staff fielding calls, replying to emails, all-the-while working to resolve end-user technological nightmares? I am! That's why I have put together this brief overview of tools and techniques I use in o…
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now