internal DNS issue

[buddyel]

We are experiencing a small problem with our in house DNS server. DNS is installed on a Win 2k server and contains only OUR public services. However we are finding more and more times, that users are getting the public ip addresses of mail and

http://www instead

of the internal ip.

Through DHCP, users are given a primary dns of our internal dns server and a secondary public dns server. The problem is our firewall prohibits access of our public ip addresses from internal, they must use the private ip. What would cause this, too slow of a result from our internal dns or something along that lines? and if so, how can we fix that?

 

[aftertaf]

they shouldn't have the 2nd dns server as a public dns server..
if you want 2 servers to be available for cleints for fault tolerance, get a 2nd 2000 server up and running...

make your internal dns server(s) forward requests for external zone resolution requests to your isp's DNS Server...

Aftertaf

"Resolve is never stronger than the night before it was never weaker

 

[buddyel]

Sorry. When I said public DNS, i meant we are using the ip addresses given to use by our ISP.

So are you saying to either remove the second DNS entry from the DHCP scope and/or add another internal DNS server and on our DNS server, configure it to forward requests to our ISP DNS servers. This way only our DNS server communications with the outside DNS, correct?

 

[buddyel]

Another question I have is, our network hosts a mail server for a sister company with a different domain name. Is there a way to put a DNS entry in our DNS server for this server even though its not part of domain namespace?

 

[aftertaf]

on the DNS question: yes, remove 2nd dns in dhcp and yes to the rest


and the public DNS... i gather this means you have some servers that have public IP addresses. Do they also have an IP address on your local network?


mail server: you can create another zone on your dns and add a host record for their mail server ie host=mailserver & zone = sistercompany.com
or you could enable replication of their dns zone onto your dns server as a secondary server...

to see things a bit clearer, what do you mean by this: "contains only OUR public services."
??


Aftertaf

"Resolve is never stronger than the night before it was never weaker

 

[buddyel]

by PUBLIC services, i mean servers which host services which are accessible via the internet (www, ftp, citrix, mail).

"and the public DNS... i gather this means you have some servers that have public IP addresses. Do they also have an IP address on your local network?"
-- YES, we have a web server, mail server, ftp servers, all which have static public ip address configured in our firewall.

 

[aftertaf]

and they have a private address too... they are all multihomed?

and your dns server is the authoritative dns server for the internet-visible zone?

(to be sure...)

Aftertaf

"Resolve is never stronger than the night before it was never weaker

 

[buddyel]

Our servers have a single internal ip (they get their public ip from the NAT table in our firewall).

Our DNS server is only accessible from inside our network. It contains only 3 'A' records and 1 MX record. Our corporate DNS records are hosted by our telco provider.

We just had to install a local DNS server so that users on our internal network would only be given the internal ip address of these services.

 

[aftertaf]

and have your 'public' servers registered themselves in your local DNS? is this the DNS that the network clients use ?

Aftertaf

"Resolve is never stronger than the night before it was never weaker

 

[apocalypse69]

Need some help from anyone who has had the same issue as me I have two computer both with win XP pro Sp2. I have them both connected to the wireless router but only one works. The one that is connect to the PCI adapter is have trouble connecting to the internet. Everytime I try to connect I get an error stating DNS sever unavailable. I scannned my computer and it narrow it to the adapter. Can anyone help!!!