DNS issue..wiered scenario

Thread view:

Enable EMail Alerts

Start New Thread

Thread rating:

KK - 17 Aug 2004 15:56 GMT

hello,
i have a weird scenario.I have 2 DNS servers which are
holding all internal records on NT 4 server machines.These
DNS's are not dynamic and many server entries which people
from different department and VPN clients are accessing
are statically typed in.
These static entries are in accrodance with our external
www domain name and not in tune with our NT 4 server
structure.
e.g NT 4 domain name is "toto", external actual domain
name of the company is "lolo", so all internal servers are
statically typed in both the internal dns server's as
server1.lolo.com
server2.lolo.com
server3.lolo.com

this zone is then push to external DNS servers, who has a
secondary copy of it.

All login scripts and drive mappings are using these names.

Now i am moving over to AD, for which i need a valid FQDN,
if i choose the internal domain name to be local.toto.com,
i wil be creating a DNS primary zone for local.toto.com
and to have AD full functionality to work the DNS has to
be dynamic...I was wondering what is the best way to go
about it so that users will have less impact overall and
my servers will still be able to acess all the services
fine.

Thanks
KK

Reply to this Message

Kevin D. Goodknecht Sr. [MVP] - 17 Aug 2004 16:16 GMT

> hello,
> i have a weird scenario.I have 2 DNS servers which are
[quoted text clipped - 26 lines]
> my servers will still be able to acess all the services
> fine.

Since you are using VPN clients I suggest an AD DNS name of toto.local
instead of local.toto.com.
You can use local.toto.com, but it can cause issues with the VPN clients
resolving local.toto.com since local.toto.com doesn't exist in the public
toto.com namespace.

To get around this use toto.local for the AD domain, or have the name
"local" delegated to the private IP of the DC in the public zone. Your DNS
hosting company for the public domain toto.com may have a problem with
creating a delegation pointing to a private IP, that is why I recommend
toto.local, it causes the public DNS servers to delay long enough for the
internal DNS to respond for the VPN clients.

Signature

Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
================================================
--
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
================================================
http://www.lonestaramerica.com/
================================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
================================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
================================================

Reply to this Message

anonymous@discussions.microsoft.com - 17 Aug 2004 20:59 GMT

Hi Kevin,
thanks for your input.I have 2 more further question isn
this scenario.What's your take on,
1. if i would rename the local AD domain to local.lolo.com
( where lolo is my external web presense name) i guess the
internal server ( local LAN systems) would then become
file.local.lolo.com
whereas earlier they were file.lolo.com ( which were
entered manually)

NOte: I might also keep WINS even till we go NAtive.

2.WIll it create any trouble if i have two zones sitting
on the same server with entries like

local.lolo.com
file.locol.lolo.com 1.2.3.4

toto ( internal domain name)
file.lolo.com 1.2.3.4

and if no then , will my users will see no difference
whatsoever when this entry is added.

Thanks
KK

>-----Original Message-----
>In news:7cba01c4846a$6a029350$a601280a@phx.gbl,
[quoted text clipped - 43 lines]
>toto.local, it causes the public DNS servers to delay long enough for the
>internal DNS to respond for the VPN clients.

Reply to this Message