DNS resolution Windows Internal DNS to an External hostname/IP
This is the scenario:
1. We have Windows internal DNS (AD-integrated).
2. We have external DNS running on BIND that resolves for the DMZ and the external world.
3. OWA is being published to the external world as follows: "webmail.domain.com", which has 2 different IPs associated with the record.
So nslookup "webmail.domain.com" will result, for example, in 152.34.100.1 and 40.30.01.22; each IP belongs to a different ISP provider.
We want internal resolution (computers inside), when connecting to "webmail.domain.com", to resolve to the following IP, 40.30.01.22, and never go to 152.34.100.1.
Any thoughts? Thank you!
Is your internal DNS namespace different from your external namespace? It is best practice not to have the same namespace for internal and external DNS.

If you have a separate namespace, you can create a webmail host record, with IP 40.030.01.22, on the internal DNS. Users would then have access to OWA using the internal DNS namespace, such as webmail.domainint.com or webmail.int.domain.com.

If you are using the same namespace for internal and external DNS, or if you simply do not want to use a different domain name, you can still have internal computers resolve the 40.30.01.22 address first. Assuming the client computers are pointing to the internal Windows DNS server, you need to have a record on that DNS server for webmail.domain.com with the address 40.30.01.22. If the internal DNS server does not host the domain.com zone, you will have to create one on the server (either primary or AD-integrated). This may cause a bit of confusion, which is why I recommend separate namespaces.

The problem is that once you create the domain.com zone on the internal DNS, you have to maintain records for the domain.com hosts, or else internal clients will not be able to resolve addresses for those computers. For example, in addition to webmail.domain.com, let's say you have webserver.domain.com on the Internet, which internal users access. webserver.domain.com has an address of 152.34.100.2, and can be resolved from the Internet. An internal user tries to access webserver.domain.com. The first DNS server it hits hosts the domain.com zone (because you created it for webmail), but no record exists for webserver. The DNS server will reply to the client with "servername can't find webserver.domain.com: non-existent domain", the client will not have an address, and the site will not load. To fix this, create a host record for webserver (152.34.100.2) in the domain.com zone on the internal DNS server. The client will then get the address from the DNS server. You have to do this for every host that internal clients need to resolve addresses for.
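The behaviour described in the answer above, modelled as an added example that is not part of the original thread: once the internal server hosts domain.com it answers from that zone and never forwards, so any public name missing from it fails for internal clients. The function names and data layout are hypothetical, the addresses are the thread's own (kept as strings), and only A records are modelled.

```python
# Constructed data built from the addresses used in the thread.
EXTERNAL = {  # what the public (BIND) DNS answers
    "webmail.domain.com": ["152.34.100.1", "40.30.01.22"],
    "webserver.domain.com": ["152.34.100.2"],
}
INTERNAL_ZONES = {  # zones hosted on the internal Windows DNS server
    "domain.com": {"webmail.domain.com": ["40.30.01.22"]},
}

def hosting_zone(name, zones):
    """Return the most specific hosted zone that contains name, or None."""
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return candidate
    return None

def resolve_internal(name, zones=INTERNAL_ZONES, external=EXTERNAL):
    """Model an internal client's lookup: (status, addresses, source)."""
    name = name.lower().rstrip(".")
    zone = hosting_zone(name, zones)
    if zone is not None:
        # The server is authoritative for this zone: it answers from its
        # own records and does not forward the query to external DNS.
        records = zones[zone].get(name)
        if records:
            return ("NOERROR", records, "internal zone " + zone)
        return ("NXDOMAIN", [], "internal zone " + zone)
    # Not authoritative: the query is resolved through external DNS.
    records = external.get(name)
    if records:
        return ("NOERROR", records, "external")
    return ("NXDOMAIN", [], "external")

def shadowed_names(zones=INTERNAL_ZONES, external=EXTERNAL):
    """Public names internal clients cannot resolve because an internal
    zone shadows them without holding a matching record."""
    return sorted(n for n in external
                  if resolve_internal(n, zones, external)[0] == "NXDOMAIN")

if __name__ == "__main__":
    for host in ("webmail.domain.com", "webserver.domain.com"):
        print(host, resolve_internal(host))
    print("missing internal records:", shadowed_names())
```

Running the same comparison against an export of the real public zone gives the list of host records that must be created internally before the shadowing zone goes live.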