Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

how to handle two DNS servers on the same PC?

Status
Not open for further replies.

kuzkuz

IS-IT--Management
Joined
Oct 8, 2002
Messages
49
Location
US
Hi, I've took this issue and got an answer from Microsoft that there is no solution for it for in Pc level,
so if you can solve this.... your'e the greatest!

if I got a WIN2000 and I want to work with one DNS server for internet and another for Intranet sites,
how can I set on MY PC which DNS which take over which sites?
I have a a defined domain I want for the intranet, so all the rest can go to the other DNS I guess.

please please tell me if you have a solution who don't require the two DNS to learn each other, that's not possible!

TANX
 
If I'm understanding your question correctly, that's not the way it works. You can't tell a resolver what DNS server to query based on whether you're trying to access intranet or internet resources. Your PC's resolver will simply query the first server listed (Primary DNS) on it's NIC's properties. If that one is down, or simply doesn't answer, the secondary will be queried.
 
Hey, you understood me right, but still is there no way I can bypass this logic? no software utility?

thanks again! 8-)
 
I am not aware of any. May I ask why you feel the need to do this?
 
May I ask why you feel the need to do this? Excelent question. Why not let dns do what it's designed for. Curios? Glen A. Johnson
Microsoft Certified Professional
glen@nellsgiftbox.com
[americanflag]

"A person often meets his destiny on the road he took to avoid it."
Jean de La Fontaine (1621-1695); French poet.
 
You only need one DNS server for that. Configure your internal domain on it, and let it to look for internet domains when your machines ask for them.
 
to answer your question:
the DNS servers belong to diffurent companies!
and we want one of them to access our Intranet.
that's why I can't just let the DNS servers to learn each other, both comapanies don't agree.
also in the forwarding case it means that one of the companies would rely on each other (the Intranet DNS has internet data also)


help please! anyone?
 
I still don't think I fully understand, but:
Your DNS servers don't have to "learn" from each other, they don't even have to know that the other exists if you don't want them to...
Are you saying the these servers have intranet zones that are named the same, but contain different data? Are they on a connected LAN?
 
Hi sorry if I don't explain myself correctly,
the situation is this:
company X have it's own DNS for Intranet and Internet
Company Y have it's own DNS for Intranet and Internet

we have connected those two networks over the internet with VPN, but when a user want to access the compnay X intranet sites he have to insert his user name and password.

that's why there is no coopration between the two DNS,
is it more clear now?

thanks again.
Kuz
 
Assuming there's no trust in place, it's normal for users to have to enter credentials that are valid in the opposing domain if you want to gain access to resources.
So, what's the problem? Do you want your users to be able to browse both intranets at the same time?
 
Bronto's correct. What makes you think this is dns? It's scritly a rites issue. Glen A. Johnson
Microsoft Certified Professional
glen@nellsgiftbox.com
[americanflag]

"A person often meets his destiny on the road he took to avoid it."
Jean de La Fontaine (1621-1695); French poet.
 
There is a way to do this:

in each DNS server, you need to add domain records as listed in their DNS partner, and define it as the secondary DNS of their partner, check the DNS replication security so both allow exchanging information between them.

Adr3nalin
MCSE NT4/2000, CCA, CCNP/CCDP in progress.

 
Hey, I impressed with the number of idea's,

Bronot's is right, "I you want your users to be able to browse both intranets at the same time"

and no, I can't take Adr3nalin solution, because it would require Exchange of data..
at first I basiclly thought that I can tell each of the DNs servers that for i.e: *.microsoft.com it would go to DNS X
and for *.dell.com it would go for DNS y
but it seems it's not that simple...
 
Rites, Rites, Rites........... This is what you want.
but when a user want to access the compnay X intranet sites he have to insert his user name and password.
This is how security is set up in the land of ms. Yes, the user has to enter his username and password. This is what you want. If the user doesn't like it, too bad. I have 2 internet sites, one internal, one external. They both belong to the same comapny, but are different domains. One is used to share info with other companies. I have to put in my username and password on the external site. That's how I want it. Tell the users they have no option but to put in a username and password, and life will move on. Don't mean to sound harsh, but that is the way of the world.


[sadeyes] Glen A. Johnson
Microsoft Certified Professional
glen@nellsgiftbox.com
[americanflag]

"A person often meets his destiny on the road he took to avoid it."
Jean de La Fontaine (1621-1695); French poet.
 
Hi Kuzkuz,

as others said, there is no way a pc can access both DNS, save your time. just send them the hosts files to put in each workstations.

and yeah i know it would be painful if you have a lots of users, and if you usually change the domain entries.
in this situations you have to trade between easy of use (require DNS exchange) and security ( painful )

another way is, i'm not sure your client want to do this (you need permanent VPN connection):
configure the DNS server at remote site to use fowarding to your DNS server, and your DNS server will foward this to your ext DNS.

 
Hosts files can be downloaded to the workstations from the login script. Yeah, hosts files can be a pain, but it sounds like the only way to control the access of your workstations.

Thanks,

Joe Brouillette
 
Hey,
I'm affraid you're right Adr3nalin...
I've looked and searched, and the host file is the only solution...
since my company intranet don't have a standard Domain addreses, this is going to be a real pain in the Ar$e... :(
I am now considering placing a web page which would hold the url that the users need, and the url's would be would be already "fixed" so maybe it would save me some time...
what do you think?

anywayz, thanks a milion... 8-)
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top