Anonymous_User Absent Member.
Absent Member.
3385 views

Internal DNS Zone Name

Currently our external domain is hosted by our ISP and I am in the
process
of setting up an internal DNS server. I am wondering about the zone
name
and what to use. Currently our external domain is company.com but I'm
not
sure if I should use company.com, company.local or
internal.company.com or
something else for the internal domain. Any suggestions or feedback
would
be very helpful. Thanks.

-Galen





Labels (1)
0 Likes
10 Replies
Anonymous_User Absent Member.
Absent Member.

Re: Internal DNS Zone Name

If you have only a few public DNS names in your domain (e.g., www,
mail
and perhaps ftp), and your DNS server will never be a publicly
registered DNS server, then use the same name as your public domain.

In that domain, you'll need to manually create A records for each
public host, and you'll need to manually update them if/when their IP

addresses change.

If you have too many public records to manually maintain, or your
server will be a publicly registered DNS server, then use something
other than your public name, perhaps company.local.

bd
NSC Volunteer SysOp
www.InsightNetSolutions.net




0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Internal DNS Zone Name

Depends on what you are trying to accomplish.

If you have externally accessable web servers that are NATted to
internal IPs (non-internet routable, 10.x.x.x, 172.16-31.x.x,
192.168.x.x) you may want to consider using the same domain name and
setting the forwarding to your ISP's DNS servers.

This way people internally will access the web servers with the localIP, and externally using the public IP. That way users do not have to

remember 2 domain names.

If you are looking at having a set of web servers not avbailable to
the
outside then you may want to consider the other way.

Both can be completed with the same DNS server.

--
Timothy Leerhoff
Principal Consultant
Independant Experts
Novell Support Forums Sysop



0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Internal DNS Zone Name

We have some servers that are publicly regiestered, and the domain for
them
is handled through our ISP, the server I am trying to setup will be
for
Internal clients.

Galen

"Brad Doster" <bd@NSCSysOps.net> wrote in message
news:VA.00002263.18bb2cfd@nscsysops.net...
> If you have only a few public DNS names in your domain (e.g., www,

mail
> and perhaps ftp), and your DNS server will never be a publicly
> registered DNS server, then use the same name as your public domain.


> In that domain, you'll need to manually create A records for each
> public host, and you'll need to manually update them if/when their

IP
> addresses change.
>
> If you have too many public records to manually maintain, or your
> server will be a publicly registered DNS server, then use something> other than your public name, perhaps company.local.
>
> bd
> NSC Volunteer SysOp
> www.InsightNetSolutions.net
>






0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Internal DNS Zone Name

In article <yybmb.7271$S13.1377@prv-forum3.provo.novell.com>, Galen
Yalch wrote:
> We have some servers that are publicly regiestered
>

OK, and as Tim was getting at, where are these servers located? Do
you
manage them internally or are they hosted elsewhere?

bd
NSC Volunteer SysOp
www.InsightNetSolutions.net




0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Internal DNS Zone Name

The public domain is hosted by our ISP. The internal part will be
hosted
internally.

Galen Yalch

"Brad Doster" <bd@NSCSysOps.net> wrote in message
news:VA.00002268.1e2a2c12@nscsysops.net...
> In article <yybmb.7271$S13.1377@prv-forum3.provo.novell.com>, Galen> Yalch wrote:
> > We have some servers that are publicly regiestered
> >

> OK, and as Tim was getting at, where are these servers located? Do

you
> manage them internally or are they hosted elsewhere?
>
> bd
> NSC Volunteer SysOp
> www.InsightNetSolutions.net
>






0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Internal DNS Zone Name

Yes I understand the domain hosting, but we need to know about the
*server* hosting... where are the public servers physically located --

are they in your facility under your control or are they located
outside of your facility.

bd
NSC Volunteer SysOp
www.InsightNetSolutions.net




0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Internal DNS Zone Name

We're looking at the same 'dilemma' at this point. To reiterate, ourgoals are as follows:

[1] The server is going to be used as a publically registered DNS
server

[2] It will also support internal DNS queries as well.
[3] The server will contain the following publically accessible
services: http, smtp, pop3, and dns.

[4] We plan on accessing our public services using NAT (through a
firewall - sonicwall or watchguard, not BorderManager)

Specifically, our question relates to security. I have seen
references to using a .local domain versus the public DNS name. Given

our configuration goals, would we benefit from a .local domain name,
and can our small network (under 50 clients) provide both internal DNS

(192.168.1.x) and public DNS resolution securely?

I have read over the previous threads, and it sounds like we could goeither way on this. Is there a benefit of choosing one of the other?We want to maintain control over the public DNS records we have, and
not give that control to the ISP. I see what was written below, but
we would still want to use internal DNS, and not external.

In the text underneath this post, it already 'seems' like the
question(s) have been answered. I guess I'm just looking for a bit
more detail and if there are any security vulnerabilities to assess
when taking one solution over the other.


On Fri, 24 Oct 2003 14:01:52 GMT, "Timothy Leerhoff"
<tleerhoffNO@SPAMqwest.net> wrote:

>Depends on what you are trying to accomplish.
>
>If you have externally accessable web servers that are NATted to
>internal IPs (non-internet routable, 10.x.x.x, 172.16-31.x.x,
>192.168.x.x) you may want to consider using the same domain name and>setting the forwarding to your ISP's DNS servers.
>
>This way people internally will access the web servers with the local


>IP, and externally using the public IP. That way users do not have

to
>remember 2 domain names.
>
>If you are looking at having a set of web servers not avbailable to

the
>outside then you may want to consider the other way.
>
>Both can be completed with the same DNS server.





0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Internal DNS Zone Name

You should post this as a root posting in this forum as you will get
more answers this way.


--
Timothy Leerhoff
Principal Consultant
Independant Experts
Novell Support Forums Sysop



0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Internal DNS Zone Name

The internal one is physically hosted at our facitility. The public
one is
hosted by our ISP at our ISPs site.

Galen

"Brad Doster" <bd@NSCSysOps.net> wrote in message
news:VA.0000226c.23ac9514@nscsysops.net...
> Yes I understand the domain hosting, but we need to know about the
> *server* hosting... where are the public servers physically located

--
> are they in your facility under your control or are they located
> outside of your facility.
>
> bd
> NSC Volunteer SysOp
> www.InsightNetSolutions.net
>






0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Internal DNS Zone Name

Then I suggest you put the internal IP addresses on your internal DNSservers.

If you use the same domain name and host names as the ones at your ISP

your users can access the data inside or out with the same urls.

--
Timothy Leerhoff
Principal Consultant
Independant Experts
Novell Support Forums Sysop



0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.