Pointing External DNS to Different Internal Domain Mail Server "JT" <no[ at ]mail.here> 6/19/2007 5:12:11 PM I have an externally facing DNS stand alone windows 2003 server. I also have a domain we'll call abc.local which is also running an exchange 2003 server. Is it possible to use this stand alone DNS server which is in workgroup mode to point all incoming mx lookups to this other domain? Basically the external DNS server is hosting abc.com and the second is abc.local. How would I do it? Using the DNS windows DNS is appears to want a host or parent object part of the same domain. I dont think I could create a new primary zone on the external dns server because I dont know how I would map that. Maybe this isnt even possible. I didnt really want to have the internal dns server also host the external dns entries for the web sites. Thanks

Re: Pointing External DNS to Different Internal Domain Mail Server "Herb Martin" <news[ at ]learnquick.com> 6/20/2007 12:43:47 AM "JT" <no[ at ]mail.here> wrote in message news:uF%23mSVpsHHA.508[ at ]TK2MSFTNGP02.phx.gbl... [Quoted Text] >I have an externally facing DNS stand alone windows 2003 server. I also >have a domain we'll call abc.local which is also running an exchange 2003 >server. Is it possible to use this stand alone DNS server which is in >workgroup mode to point all incoming mx lookups to this other domain? Yes, of course, IF it holds the external zone for which you wish to provide the MX. abc.com MX ---> points to anywhere you wish as long as it has a public DNS record, routable IP, and can actually be routed (not filtered by a firewall) for SMTP. > Basically the external DNS server is hosting abc.com and the second is > abc.local. How would I do it? You cannot however point it to abc.local (successfully) since that name is NOT publicly resolvable. You can point it to smtp.abc.com (or any other public name) and give an IP that accessible on the Internet (routable) and can be "mapped" to an internal address through (some type of) a NAT > Using the DNS windows DNS is appears to want a host or parent object part > of the same domain. I dont think I could create a new primary zone on the > external dns server because I dont know how I would map that. Why new zone? What zone/domain will the MX record serve? Sounds like Abc.com which goes in the ABC.com zone. > Maybe this isnt even possible. I didnt really want to have the internal > dns server also host the external dns entries for the web sites. The internal DNS server will do no good for a PUBLIC MX record (where it is needed.) -- Herb Martin, MCSE, MVP http://www.LearnQuick.Com (phone on web site)

Re: Pointing External DNS to Different Internal Domain Mail Server "JT" <no[ at ]mail.here> 6/20/2007 7:59:30 PM Thanks Herb, So using Microsoft's DNS server on the external facing dns server, could i add a new host record cand call it lets just say 'mail' and map that to an internal ip of 10.1.1.x. Then create an mx record to point to the mail host name? I would be just as happy having the external name as mail. so i guess if i were to use owa for instance it would be mail.mydomain.com/exchange. Or in this case I am to understand that I would need a public IP for the mail server AS WELL as the Web server? This is what I am understanding from reading your comment maybe Im incorrect. Another example if you will. Say I wanted to drop the mail server on the same server as the web server (against all normal security best practices) then one publicy accessible IP would suffice then correct? And as such the internal MX record would point to the hostname of the DNS/Web/Mail server?! May be an easier approach in this case regardless of best practices. Can you confirm or suggest otherwise? Greatful for your assistance. Thanks "Herb Martin" <news[ at ]learnquick.com> wrote in message news:uMaNRQtsHHA.2124[ at ]TK2MSFTNGP02.phx.gbl... [Quoted Text] > > "JT" <no[ at ]mail.here> wrote in message > news:uF%23mSVpsHHA.508[ at ]TK2MSFTNGP02.phx.gbl... >>I have an externally facing DNS stand alone windows 2003 server. I also >>have a domain we'll call abc.local which is also running an exchange 2003 >>server. Is it possible to use this stand alone DNS server which is in >>workgroup mode to point all incoming mx lookups to this other domain? > > Yes, of course, IF it holds the external zone for which you wish to > provide > the MX. > > abc.com MX ---> points to anywhere you wish as long as it > has a public DNS record, routable IP, and can actually be routed (not > filtered > by a firewall) for SMTP. > >> Basically the external DNS server is hosting abc.com and the second is >> abc.local. How would I do it? > > You cannot however point it to abc.local (successfully) since that name is > NOT publicly resolvable. > > You can point it to smtp.abc.com (or any other public name) and give an > IP that accessible on the Internet (routable) and can be "mapped" to > an internal address through (some type of) a NAT > >> Using the DNS windows DNS is appears to want a host or parent object part >> of the same domain. I dont think I could create a new primary zone on the >> external dns server because I dont know how I would map that. > > Why new zone? What zone/domain will the MX record serve? > > Sounds like Abc.com which goes in the ABC.com zone. > >> Maybe this isnt even possible. I didnt really want to have the internal >> dns server also host the external dns entries for the web sites. > > The internal DNS server will do no good for a PUBLIC MX record (where > it is needed.) > > -- > Herb Martin, MCSE, MVP > http://www.LearnQuick.Com > (phone on web site) >

Re: Pointing External DNS to Different Internal Domain Mail Server "Herb Martin" <news[ at ]learnquick.com> 6/20/2007 9:47:13 PM "JT" <no[ at ]mail.here> wrote in message news:%23X%23oeX3sHHA.4196[ at ]TK2MSFTNGP03.phx.gbl... [Quoted Text] > Thanks Herb, > > So using Microsoft's DNS server on the external facing dns server, could i > add a new host record Add a new host record TO A ZONE. All records must live in SOME ZONE. > cand call it lets just say 'mail' mail.zonename.com or whatever. > and map that to an internal ip of 10.1.1.x. No, that wouldn't work since INTERNAL IPs (Locally Administered IP ranges actually) are NOT routable on the Internet so while you could add this, no one could contact you there. You must have a public address (on the outside of your NAT/Router) which is MAPPED (in the NAT) to the Internal Address where the real server lives. You map external Address and PORT to the Internal ADDRESS and PORT combination. > Then create an mx record to point to the mail host name? I would be just > as happy having the external name as mail. so i guess if i were to use owa > for instance it would be mail.mydomain.com/exchange. Or in this case I am > to understand that I would need a public IP for the mail server AS WELL as > the Web server? This is what I am understanding from reading your comment > maybe Im incorrect. Another example if you will. Say I wanted to drop the > mail server on the same server as the web server (against all normal > security best practices) then one publicy accessible IP would suffice then > correct? And as such the internal MX record would point to the hostname of > the DNS/Web/Mail server?! May be an easier approach in this case > regardless of best practices. > > Can you confirm or suggest otherwise? > > Greatful for your assistance. > > Thanks > > > "Herb Martin" <news[ at ]learnquick.com> wrote in message > news:uMaNRQtsHHA.2124[ at ]TK2MSFTNGP02.phx.gbl... >> >> "JT" <no[ at ]mail.here> wrote in message >> news:uF%23mSVpsHHA.508[ at ]TK2MSFTNGP02.phx.gbl... >>>I have an externally facing DNS stand alone windows 2003 server. I also >>>have a domain we'll call abc.local which is also running an exchange 2003 >>>server. Is it possible to use this stand alone DNS server which is in >>>workgroup mode to point all incoming mx lookups to this other domain? >> >> Yes, of course, IF it holds the external zone for which you wish to >> provide >> the MX. >> >> abc.com MX ---> points to anywhere you wish as long as it >> has a public DNS record, routable IP, and can actually be routed (not >> filtered >> by a firewall) for SMTP. >> >>> Basically the external DNS server is hosting abc.com and the second is >>> abc.local. How would I do it? >> >> You cannot however point it to abc.local (successfully) since that name >> is >> NOT publicly resolvable. >> >> You can point it to smtp.abc.com (or any other public name) and give an >> IP that accessible on the Internet (routable) and can be "mapped" to >> an internal address through (some type of) a NAT >> >>> Using the DNS windows DNS is appears to want a host or parent object >>> part of the same domain. I dont think I could create a new primary zone >>> on the external dns server because I dont know how I would map that. >> >> Why new zone? What zone/domain will the MX record serve? >> >> Sounds like Abc.com which goes in the ABC.com zone. >> >>> Maybe this isnt even possible. I didnt really want to have the internal >>> dns server also host the external dns entries for the web sites. >> >> The internal DNS server will do no good for a PUBLIC MX record (where >> it is needed.) >> >> -- >> Herb Martin, MCSE, MVP >> http://www.LearnQuick.Com >> (phone on web site) >> > >