RE: Internal DNS best practices

  • From: Danny <nocmonkey@xxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Tue, 4 Oct 2005 11:38:55 -0400

On 10/4/05, Thomas W Shinder <tshinder@xxxxxxxxxxx> wrote:
> It depends.
>
> What do you want to do?

Have the most efficient and secure DNS configuration possible with
the following network setup:

Internet
|
|
v
ISA Server - Integrated Mode
|
|
LAN + Servers

Currently there are two AD DNS servers on the LAN; both of them have
their TCP/IP DNS client settings pointing to localhost and the ISP's
DNS server.  Both of them also have their DNS server settings with no
DNS forwarder specified.

The current ISA 2000 server is in its own forest, has no DNS
forwarder, but the external NIC has both of the ISP's DNS servers
specified, and the internal NIC only points to localhost (its own DNS
server).

I was thinking it would be best to have all of the LAN DNS servers
forward their requests to the new ISA (2004; replacing ISA 2000)
server, which would be a secondary DNS server for AD and forward to
the ISP for external requests.

...D

