Minus Human Posted July 7, 2004 Share Posted July 7, 2004 Hello Everyone I need to setup external DNS for our university as a test moving our current DNS from NT4 to 2003. If all goes well the 2003 box will replace NT4. I'm not that familiar with the relationship between External DNS and internal DNS and would appreciate if someone could give some "best practices" and how these 2 work together as well as some info on setting this up. I’ve been looking for documentation all over the net to clear up this issue but I haven't been able to find anything solid yet.From what I’ve been able to gather some recommend that your external DNS be outside your Firewall (in our case Border manager) others not because it's Microsoft DNS, are there any advantages for having it outside the firewall as opposed to behind? Thank YouMinus Human Link to comment Share on other sites More sharing options...
Minus Human Posted July 8, 2004 Author Share Posted July 8, 2004 C'mon guys surely there's someone who can give some usefull information.Minus Human Link to comment Share on other sites More sharing options...
MadGutts Posted July 8, 2004 Share Posted July 8, 2004 Is the server for WEB Hosting, or network access? Is this the only server on the network with DNS?If you are just setting up an authentication server, then it should be inside the firewall. All the workstations should then use that server for the DNS resolution.Then all you need is the DNS forwarders configuredHope this is of some help... Link to comment Share on other sites More sharing options...
Mr_Caine Posted July 10, 2004 Share Posted July 10, 2004 If your moving a domain from NT4 to a 2000/2003 domain you sure do need DNS - active directory relies heavily on it.I'm not quite sure what you mean by external and internal DNS. You might configure an external DNS server to provide DNS resolution for certain services such as www, however most ISPs will provide this for you I believe. If you did host an external DNS server then you'd probably want it outside the firewall.If your DNS server is actually being used to provide the internal DNS resolution required by AD then you'd want that internal and hidden well away from the internet.Hope this helps Link to comment Share on other sites More sharing options...
Minus Human Posted July 12, 2004 Author Share Posted July 12, 2004 Thanks Guys.we have 2 servers on the network for DNS - internal to serve all our internal clients and external. as u prob guessed the internal forward any request to the external for www queries.Minus Human Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now