seth corduan

I currently have a setup where for my LAN I am using a W2K PDC. Also on the
lan is a W2K(Pro) station that connects to my Dial-up ISP and uses ISC.
Additionally, I have a purchased domain (My W2K Domain) which I am having
hosted on the public 'Net. My IP addresses are static within the domain, so
basically the ISC box does the routing and NAT.

I have read:
http://homepages.tesco.net./~J.deBoy...ContentServers

which seems to describe a typical Split Horizon setup. The probem is that
this seems to assume control of all name servers involved. I do not have
control of the name servers that my host is using for my public 'Net
presence. I also have locations that are internal to my ISP which my clients
need to connect to.

So the question is one of, what DNS Client setup, and setup on the DNS
server will allow me to get information from:

My PDC for my internal network:
My ISC Box for my ISP's internal network:
My hosts Nam'e Servers's for my external presence.
My ISC Box for the rest of the world.

I would like to hear suggestions that both do, and do not, involve adding a
Resolving DNS Server in the middle, if you have them.

Hope to gain an ejikashun!

roger abell [mvp]

You are using one DNS name for two purposes.
Their may only be one verison of a DNS domain present in
a resolution space, such as is your internal Lan/AD environ.
Any host locatable in the outside version of your DNS domain
will only be locatable by your LAN machines by entering DNS
records for it within your internal resolution space. The outside
version of the zone is inaccessible as the internal masks it.

If your ISP is not able to host the external DNS records that
you need, then you need to move the hosting of that version
of your DNS domain to another provider, or you need to run
a DNS service separate from that which you now run for
internal consumption.

Those are the option if I have understood your scenario.

Roger

seth corduan

That was my assumption, I just thought I would verify it with some more knowledgeable folk.


No, they handle the external just fine. I was more commenting on the fact
that I can't set up any kind of a zone transfer relationship between the
two, to my knowledge, because I am not in control of the external server.


Sounds like it.


Seth C

kevin d. goodknecht [mvp]

In news:u8uiU1g2DHA.560@TK2MSFTNGP11.phx.gbl,
Seth Corduan <sethc@ontario.com> posted a question
Then Kevin replied below:
: I currently have a setup where for my LAN I am using a W2K PDC. Also
: on the lan is a W2K(Pro) station that connects to my Dial-up ISP and
: uses ISC. Additionally, I have a purchased domain (My W2K Domain)
: which I am having hosted on the public 'Net. My IP addresses are
: static within the domain, so basically the ISC box does the routing
: and NAT.
:
: I have read:
:
http://homepages.tesco.net./~J.deBoy...ContentServers
:
: which seems to describe a typical Split Horizon setup. The probem is
: that this seems to assume control of all name servers involved. I do
: not have control of the name servers that my host is using for my
: public 'Net presence. I also have locations that are internal to my
: ISP which my clients need to connect to.
:
: So the question is one of, what DNS Client setup, and setup on the DNS
: server will allow me to get information from:
:
: My PDC for my internal network:
: My ISC Box for my ISP's internal network:
: My hosts Nam'e Servers's for my external presence.
: My ISC Box for the rest of the world.
:
: I would like to hear suggestions that both do, and do not, involve
: adding a Resolving DNS Server in the middle, if you have them.
:
: Hope to gain an ejikashun!

All of your AD Domain member machines *must* use the DC for DNS including
the Win2k Pro if the machine is a member of your AD domain. If there are
names on the ISP's DNS that only it can resolve and cannot be resolved by
using recursion from the Root servers, you will need to set a forwarder to
your ISP's DNS on the Forwarders tab of the DNS server's properties, then
check the box "Do not use recursion" also on the forwarders tab. By checking
this box your DNS server will forward all unknown domains to your ISP's DNS
and will not attempt to contact the root hint servers to resolve an external
domain.

Now, if your internal AD Domain DNS name is the same as your public DNS name
that is hosted elsewhere, you must manually add these records to your
internal domain DNS zone. (records such as www, ftp, and mail.) Give them
the address of the externally hosted sites. If you host any of these sites
locally these records must point to the internal address of the machine you
host them on.

The alternate to creating these records is to create a delegation for the
name (www, ftp, and mail) and point that delegation to the actual
Authoritative DNS servers for you external name. This is provided the sites
are hosted externally. If you are having a problem understanding what
records you need to create post back with the name of the sites you need to
access, I will look up the sites and give you step by step instructions on
the records you need to create.


--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
============================
--
When responding to posts, please "Reply to Group" via your
newsreader so that others may learn and benefit from your issue.
To respond directly to me remove the nospam. from my email.
==========================================
http://www.lonestaramerica.com/
==========================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
==========================================
Keep a back up of your OE settings and folders with
OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
==========================================

jonathan de boyne pollard

SC> The probem is that this seems to assume control of all name
SC> servers involved. I do not have control of the name servers
SC> that my host is using for my public 'Net presence.

You may not have _direct_ control, but you do have control. You are buying
DNS hosting services from _someone_. If you have more resource records for
your domain names that you wish to publish in the public DNS database, go to
that someone and tell them what extra resource records you want published. If
your DNS hosting service refuses to publish resource records that don't fit
its "template", shop around a bit and switch to a DNS hosting service that
does.

SC> I also have locations that are internal to my ISP which my
SC> clients need to connect to.

What does this mean ? Does it mean that you wish to publish domain names in
the public DNS database that map to content HTTP servers run by your ISP
(rather than by you) ?

SC> what [...] setup on the DNS server will allow me to get
SC> information from:
SC>
SC> My PDC for my internal network:
SC> My ISC Box for my ISP's internal network:
SC> My hosts Nam'e Servers's for my external presence.
SC> My ISC Box for the rest of the world.

You are conflating content HTTP service with content DNS service (and
suffering from a pretty advanced case of Grocers' Apostrophe, incidentally).
Concentrate on DNS service. What (and how many) different views of the DNS
namespace do you want, and what entities do you wish to see each of those
views ? Put another way: What DNS data do you wish to publish, and to whom ?

seth corduan

No... I only meant this in reference to the split horizon setup which, I
believe, wants one to be able to setup delegation and zone transfers. No can do.

No, by "clients" I meant my internal DNS clients. Let me add a smidge more
info.

We are talking about my home network. My employer graciously allows me to
dial into their network as if they were an ISP. However, sometimes I need to
work from home, and access my employers servers. (They are who I referred to
as my ISP.) I also maintain my own email server hosted at a completely
separate location from my employer or my LAN.

I'm not sure what conflating means, actually. But I think I can
contextualize. I actually was listing here all of the zones I need to
access. To rephrase, my internal DNS clients need to know about:

Corduan.net Zone (internal) SOA my PDC corduandc1
Corduan.net Zone (External) SOA ns
cp1.myhostdns.org,cp2.myhostdns.org,cp3.myhostdns. org
employer.com Zone (internal) SOA dns.employer.com
internet zone reference dns.employer.com

my external DNS clients only need to know about what exists on the myhostdns.org servers.

incidentally).

Unfortunately, I picked it up during an overseas trip. I've tried both
prescription and over-the-counter anti-fungal creme, and even the pills, but
I can't get rid of it.


DNS


whom ?

I think I clarified this above?

seth corduan

I think you get the prize for understanding my apparently cryptic
description of the situation.

That was my initial impression. I get the feeling from what I've seen on the
group, lately, that it is best to have the domain be something other than the external domain.


Sounds like I need to learn a bit about delegation, then. My basic BIND
studies, etc. did not get into that.