1. Public Domain Name versus Internal Domain Name. 2. The domain tab on a router

14/03/2006, 08h26

I am a newbie in the DNS "area". I've gone through few books, but none of
them explains on how to separate a setup for public domain name from a setup
for internal domain name. Can both of them coexist on the same LAN, say one
with one server and few clients behind a NAT router?
If anyone knows some good resources on the web or books that tackle this
subject in particular I would appreciate it. Even a clear short explanation
here.

One more thing intrigues me on a NAT router. There's a tab normaly under the
LAN settings called Domain Name. How can a router join a domain? Or is it a
Domain name server? Neither the file or the manual mentiones anything
about it. It seems it is a tab only for people who already know why is
there. On my Belkin router/ADSL modem the default name was... belkin. I
changed it to my workgoup name (I have no server yet). There was no effect
on my LAN...

Julian

14/03/2006, 09h36

"Julian" <x@x.x> wrote in message news:47ndbkFggj8kU1@individual.net...
>I am a newbie in the DNS "area". I've gone through few books, but none of
> them explains on how to separate a setup for public domain name from a
> setup
> for internal domain name.

Leave your PUBLIC DNS server at the Registrar.

If you use the same name for internal Domains then
setup exactly the same zone (name) and add the
external records manually to that internal zone (if
you wish users to be able to reach those resources.)

From that point on, all external changes must be
manually duplicated on the internal (version) of the
zone.

That is really it. All there is too it.

Think of it as TWO ZONES with the SAME NAME
and you will understand what is going on much more
quickly:

You are purposely breaking replication between the
internal version and the external version so that private
records won't be publicly available.

Since you break that replication you must manually
'replicate' (configure) all external records on the
internal (version of the) zone.

> Can both of them coexist on the same LAN, say one
> with one server and few clients behind a NAT router?

Yes, but not always on the same server -- and putting them
on the same LAN is usually pretty silly.

Put the external version of the zone BACK AT the REGISTAR
(where such almost always belong.)

> If anyone knows some good resources on the web or books that tackle this
> subject in particular I would appreciate it. Even a clear short
> explanation
> here.

There probably aren't because it is a very simple thing
to get right if you don't try to use the same machines for
both public and private. (Although that is technically
possible with some non-MS DNS servers.)

Your public DNS almost never belongs "behind the NAT"
but rather out on the public side even if you maintain it
yourself.

> One more thing intrigues me on a NAT router. There's a tab normaly under
> the
> LAN settings called Domain Name. How can a router join a domain?

If it is Windows box the router can of course join a domain just
like any other computer.

But I am pretty sure you aren't looking at the place where the
router joins the domain (i.e., System control panel) but rather
something to do with the default domain name (for resolution
or DHCP or Proxy or some such.)

> Or is it a Domain name server?

Not sure since "Domain Name" and "Domain Name Server"
are two different things -- whatever you see is what it is.

> Neither the file or the manual mentiones anything
> about it. It seems it is a tab only for people who already know why is
> there. On my Belkin router/ADSL modem the default name was... belkin. I
> changed it to my workgoup name (I have no server yet). There was no effect
> on my LAN...

Chances are that this is again something like the DNS name
for the router ACTING as a DHCP server (gives it to clients)
or for some type of Proxying.

If you have no Active Directory then domain names are pretty arbitrary.

Any machine can have many DNS domain names -- but each
machine can only be in ONE AD domain AND can only
default to doing lookups in one domain (or a list with a
certain order) when the user types an unqualified (no suffix)
name.

--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]

14/03/2006, 08h26	#1
Julian Messages: n/a Hébergeur:	1. Public Domain Name versus Internal Domain Name. 2. The domain tab on a router I am a newbie in the DNS "area". I've gone through few books, but none of them explains on how to separate a setup for public domain name from a setup for internal domain name. Can both of them coexist on the same LAN, say one with one server and few clients behind a NAT router? If anyone knows some good resources on the web or books that tackle this subject in particular I would appreciate it. Even a clear short explanation here. One more thing intrigues me on a NAT router. There's a tab normaly under the LAN settings called Domain Name. How can a router join a domain? Or is it a Domain name server? Neither the file or the manual mentiones anything about it. It seems it is a tab only for people who already know why is there. On my Belkin router/ADSL modem the default name was... belkin. I changed it to my workgoup name (I have no server yet). There was no effect on my LAN... Julian

14/03/2006, 09h36	#2
Herb Martin Messages: n/a Hébergeur:	Re: 1. Public Domain Name versus Internal Domain Name. 2. The domain tab on a router "Julian" <x@x.x> wrote in message news:47ndbkFggj8kU1@individual.net... >I am a newbie in the DNS "area". I've gone through few books, but none of > them explains on how to separate a setup for public domain name from a > setup > for internal domain name. Leave your PUBLIC DNS server at the Registrar. If you use the same name for internal Domains then setup exactly the same zone (name) and add the external records manually to that internal zone (if you wish users to be able to reach those resources.) From that point on, all external changes must be manually duplicated on the internal (version) of the zone. That is really it. All there is too it. Think of it as TWO ZONES with the SAME NAME and you will understand what is going on much more quickly: You are purposely breaking replication between the internal version and the external version so that private records won't be publicly available. Since you break that replication you must manually 'replicate' (configure) all external records on the internal (version of the) zone. > Can both of them coexist on the same LAN, say one > with one server and few clients behind a NAT router? Yes, but not always on the same server -- and putting them on the same LAN is usually pretty silly. Put the external version of the zone BACK AT the REGISTAR (where such almost always belong.) > If anyone knows some good resources on the web or books that tackle this > subject in particular I would appreciate it. Even a clear short > explanation > here. There probably aren't because it is a very simple thing to get right if you don't try to use the same machines for both public and private. (Although that is technically possible with some non-MS DNS servers.) Your public DNS almost never belongs "behind the NAT" but rather out on the public side even if you maintain it yourself. > One more thing intrigues me on a NAT router. There's a tab normaly under > the > LAN settings called Domain Name. How can a router join a domain? If it is Windows box the router can of course join a domain just like any other computer. But I am pretty sure you aren't looking at the place where the router joins the domain (i.e., System control panel) but rather something to do with the default domain name (for resolution or DHCP or Proxy or some such.) > Or is it a Domain name server? Not sure since "Domain Name" and "Domain Name Server" are two different things -- whatever you see is what it is. > Neither the file or the manual mentiones anything > about it. It seems it is a tab only for people who already know why is > there. On my Belkin router/ADSL modem the default name was... belkin. I > changed it to my workgoup name (I have no server yet). There was no effect > on my LAN... Chances are that this is again something like the DNS name for the router ACTING as a DHCP server (gives it to clients) or for some type of Proxying. If you have no Active Directory then domain names are pretty arbitrary. Any machine can have many DNS domain names -- but each machine can only be in ONE AD domain AND can only default to doing lookups in one domain (or a list with a certain order) when the user types an unqualified (no suffix) name. -- Herb Martin, MCSE, MVP Accelerated MCSE http://www.LearnQuick.Com [phone number on web site]

Outils de la discussion
Afficher une version imprimable Envoyer un lien vers cette page par email