|
|
I have a network 192.168.1.x with its own DNS servers which are setup with
forwarders to the ISP's DNS servers for non MYDOMAIN addresses. We have
just installed a line to a 172.100.100.x network which also has its own DNS
servers which are setup with forwarders to their ISP's DNS server for non
THEIRDOMAIN addresses.
We can ping and tracert back and forth fine, but we need to resolve each
other's DNS names without creating any sort of trusts. We also still want
to forward our Internet name servers resolutions to our individual ISPs.
Basically, we want it so a MYDOMAIN.com computer ( or DNS Server )looking to
resolve and address for *.THEIRDOMAIN.com it will be resolved by forwarding
to dnsserver.THEIRDOMAIN.com.
Right now we cannot resolve THEIRDOMAIN.com addresses because if they are
not on our DNS server, our ISP gets the request and naturally it fails. We
also can't manually put all the THEIRDOMAIN.com addresses on our DNS server
because the computers are on a DHCP server.
Any suggestions.
|
|
"JN" <me[ at ]here.com> wrote in message
news:%23sfCxtwWJHA.1328[ at ]TK2MSFTNGP02.phx.gbl...
[Quoted Text] >I have a network 192.168.1.x with its own DNS servers which are setup with
>forwarders to the ISP's DNS servers for non MYDOMAIN addresses. We have
>just installed a line to a 172.100.100.x network which also has its own DNS
>servers which are setup with forwarders to their ISP's DNS server for non
>THEIRDOMAIN addresses.
>
> We can ping and tracert back and forth fine, but we need to resolve each
> other's DNS names without creating any sort of trusts. We also still want
> to forward our Internet name servers resolutions to our individual ISPs.
Your options are:
1. Do Zone Transfers so that each Domain has a copy of the other Domain's
DNS Zone
2. Use conditional forwarders. They work like regular Forwarders but are
only used when a certain Domain Name is involved.
--
Phillip Windell
www.wandtv.com
The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
|
|
|
[Quoted Text] > 1. Do Zone Transfers so that each Domain has a copy of the other Domain's
> DNS Zone
Is the Zone Transfer a push or pull. The reason I ask is because I only
want one domain to pull from the other and not vice versa. If it is a push
it will not work for me.
> 2. Use conditional forwarders. They work like regular Forwarders but are
> only used when a certain Domain Name is involved.
Unfortunately this was added in 2003 servers and my DNS servers are still
2000.
Your suggestions did give me an idea about creating a new zone on the my DNS
servers for the other domain and set the name servers for that domain to
their DNS servers, however it still appears that I have to manually enter
the host records in. This is OK because I only need access to a few servers
for now, but I would rather have it working the way I had hoped for future
servers and resource access.
|
|
"JN" <me[ at ]here.com> wrote in message
news:u8BKFP0WJHA.1532[ at ]TK2MSFTNGP03.phx.gbl...
[Quoted Text] >> 1. Do Zone Transfers so that each Domain has a copy of the other Domain's
>> DNS Zone
>
> Is the Zone Transfer a push or pull. The reason I ask is because I only
> want one domain to pull from the other and not vice versa. If it is a
> push it will not work for me.
There is no "push/pull",...WINS has the push/pull,...not DNS
The involved DC/DNS's simply need to be allowed by the security restrictions
between the two networks to query each other.
> Your suggestions did give me an idea about creating a new zone on the my
> DNS servers for the other domain and set the name servers for that domain
> to their DNS servers, however it still appears that I have to manually
> enter the host records in. This is OK because I only need access to a few
> servers for now, but I would rather have it working the way I had hoped
> for future servers and resource access.
Get the Zone Transfers working,...which is very easy to do and is not a
"security risk". It does not give anyone "access" to anything,...it just
makes the DNS Naming work properly. When the transfers work there is
nothing to "manually" create other than the empty Zone that you would have
already done when setting up the ZTs.
If you were trying to manually maintain a Zone then you might as well use
Hosts Files and forget it.
--
Phillip Windell
www.wandtv.com
The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
|
|
In news:u8BKFP0WJHA.1532[ at ]TK2MSFTNGP03.phx.gbl,
JN <me[ at ]here.com> requesting assistance, typed the following:
[Quoted Text] >> 1. Do Zone Transfers so that each Domain has a copy of the other
>> Domain's DNS Zone
>
> Is the Zone Transfer a push or pull. The reason I ask is because I
> only want one domain to pull from the other and not vice versa. If
> it is a push it will not work for me.
>
>
As Phillip mentioned, there is no pull/push. When something changes, just
the change is sent. This is called IXFR (incremental zone transfer).
--
Ace
|
|
In news:%23sfCxtwWJHA.1328[ at ]TK2MSFTNGP02.phx.gbl,
JN <me[ at ]here.com> requesting assistance, typed the following:
[Quoted Text] >
<snipped>
>
> We can ping and tracert back and forth fine, but we need to resolve
> each other's DNS names without creating any sort of trusts. We also
> still want to forward our Internet name servers resolutions to our
> individual ISPs.
<snipped>
FYI, if creating a Secondary zone, no trusts are required.Trusts are related
to domains trusting each other. Primary to Secondary zone transfers are
based on an allowed IP list.
--
Ace
This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.
Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCT
Microsoft Certified Trainer
For urgent issues, you may want to contact Microsoft PSS directly.
Please check http://support.microsoft.com for regional support phone
numbers.
|
|
|