
I'm planning to upgrade our office network architecture this week and have run into a slight issue.

Right now we have a few servers that are accessible internally and externally; we'll call them server1 and server2. Externally, when I point to server1.com or server2.com, my client's DNS will resolve this properly to our static IP block. That's all great.

Internally, when I call server1.com or server2.com, our internal DNS server (Windows Server 2003) handles the IP resolution without contacting an external DNS server, saving us some hops and some time.

Is there a way to eliminate the need for the DNS server (Windows Server 2003) and handle this on the router or cable modem? Perhaps through static routes? Editing the hosts file on each internal workstation is not an option.

Any help is appreciated! Thanks!

Matt McCormick
  • Do you want to eliminate the need for a Windows Server, DNS, or extra machine that is needed to run a DNS server? – resonator Jul 28 '09 at 03:48

2 Answers

When you say "my client's DNS" in the 2nd paragraph I think you're referring to public-facing DNS servers hosted out on the Internet. It feels, in paragraph 3, like you're saying that the DNS server on the LAN ("internal") can also resolve the Internet-accessible names of the server computers (presumably to LAN IP addresses).

Perhaps I'm missing it, but I don't see any "issue" in your post. It looks like everything is working fine and you're just asking if you can do away with the Windows DNS server somehow.

If they need the Windows Server machine anyway, there's no good reason not to just run a DNS server. The Microsoft DNS server isn't a resource hog and generally works pretty well, but you can always run a Win32 port of BIND if you're really, really against the Microsoft DNS server.

An aside: Static routes have nothing to do with DNS. Routing is a layer 3 function. DNS is a layer 7 function. They are completely different things. Some little embedded router devices have DNS servers (typically caching-only) built in, but that's not the typical function of a traditional router; it's more a marketing side-effect of the niche that those little routers seek to fill.

Evan Anderson

If you run Cisco PIX/ASA firewalls, and your DNS requests are passing through the firewall to the outside, you can have the device doctor the DNS response for statically NAT'd IPs: http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00807968d1.shtml

If you were willing to switch to BIND, configuring internal and external views on the same server is pretty trivial. I'm sure it's possible under Win DNS, but I am not familiar enough with that to comment. I, personally, would not run externally accessible DNS on Windows.

Greeblesnort
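The split-horizon setup the second answer refers to (and the BIND port the first answer mentions), written out as an added example that is not part of either answer. It assumes BIND 9 syntax, a LAN of 192.168.1.0/24, a public block of 203.0.113.0/24, and server1 at 192.168.1.10 inside / 203.0.113.10 outside; all of those values are constructed for illustration.

```conf
# named.conf (BIND 9): one server, two views of server1.com.
# Constructed values: LAN 192.168.1.0/24, public block 203.0.113.0/24,
# server1 = 192.168.1.10 inside, 203.0.113.10 outside.

acl "lan" { 192.168.1.0/24; 127.0.0.1; };

options {
    directory "/var/named";
    allow-transfer { none; };   # no zone transfers unless a secondary needs them
};

# Views are matched top to bottom, so the LAN view must come first.
# LAN clients receive private addresses and may use this server as a resolver.
view "internal" {
    match-clients { "lan"; };
    recursion yes;
    allow-recursion { "lan"; };

    zone "server1.com" {
        type master;
        file "internal/db.server1.com";
    };
};

# Everyone else receives only public addresses and gets no recursion,
# so the Internet-facing side is not an open resolver and never leaks
# RFC 1918 addresses from the internal zone file.
view "external" {
    match-clients { any; };
    recursion no;

    zone "server1.com" {
        type master;
        file "external/db.server1.com";
    };
};

# internal/db.server1.com (zone file, shown here as comments):
# $TTL 3600
# @    IN SOA ns1.server1.com. hostmaster.server1.com. ( 2009072801 3600 900 604800 300 )
#      IN NS  ns1.server1.com.
# @    IN A   192.168.1.10
# ns1  IN A   192.168.1.10
#
# external/db.server1.com is identical except both A records point to 203.0.113.10.
```

Check the configuration with `named-checkconf` before reloading, then query from a LAN host and from outside with `dig @<server> server1.com A` to confirm each side receives the address intended for it.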