Archived from groups: microsoft.public.win2000.dns (
More info?)
"DavidM" <spam@spam.net> wrote in message
news:e5AKehDaEHA.808@tk2msftngp13.phx.gbl...
> Lets discuss option #1.
>
> I currently have a domain name registered that is facing the internet that
> our customers use. I also have a server on our private network that our
> customers need access to. Our customers all have frame relay circuits
into
> us... so direct connectivity is not an issue for them.
> Are you saying that I should/can create a subdomain off my main domain and
> add a 192.168.x.y address to this.
Of course you can.
You can put any addresses you wish in there.
DNS doesn't care if they are good, bad, or indifferent.
BTW: 192.168.x.y addresses are VALID IP addresses --
just not valid on the 'backbone of the Internet.'
> This way the customers can still use
> their normal Internet DNS servers and the Internet DNS servers will return
> the private IP to access the subdomain?
Yes, BUT they have to be able to route to you AND
they must not be using ranges which conflict with your
ranges.
My (best guess) would be to suggest you use 172.29.0.0 to
avoid the ranges used by your clients.
(but if everyone takes that advice it will defeat the purpose.)
First consider that many people use 192.168.x.0 or 10.x.y.0,
and anyone doing "ICS" must use 192.168.0.x -- they have
no choice but this is only a direct issue for the smallest
companies/home users.
Bottom line: You must coordinate the ranges used by you
and your clients so they don't overlap since "The Internet"
is not coordinating these locally administered ranges.
--
Herb Martin
>
> "Herb Martin" <news@LearnQuick.com> wrote in message
> news:eN$r8yBaEHA.2296@TK2MSFTNGP10.phx.gbl...
> > "Ace Fekay [MVP]"
> > <PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com> wrote in
> > message news:uyYWvc8ZEHA.212@TK2MSFTNGP12.phx.gbl...
> > > In news:%23%23kp5K8ZEHA.2792@TK2MSFTNGP09.phx.gbl,
> > > DavidM <spam@spam.net> asked for help and I offered my suggestions
> below:
> > > > I'm setting up an Extranet connection that will be accessible only
to
> > > > folks at my company and our customers which whom have circuits
> > > > connected to us. Local IIS application will not be available thru
> > > > Internet, however all our direct customers need access to it.
> > > >
> > > > I've going to setup DNS because I do not want my customers to use
> > > > TCP/IP address to access web application. Is there a particular
> > > > naming convention that should be used for internal domain names?
> > > > .net, .local?
> > > >
> > > > Any help would be appreciated.
> > >
> > > If all your asking is what name to choose, it could be any name you
want
> > it
> > > to be. We just normally suggest to make it something otehr than your
> > > external name.
> > >
> > > You can make it .david if you like.
> >
> > Ace is correct in PRINCIPLE, but you must also pick a name
> > that your customers can "resolve" which is (almost) a separate
> > issue.
> >
> > The issue is NOT the "name" so much as "HOW" the customer
> > DNS clients or DNS servers will resolve your name.
> >
> > If your customers have no reference to your .David or .local
> > domain, and no way to recurse through THEIR (or the Internet)
> > Hierarchy to find it then they will never find your DNS servers.
> >
> > Solutions include:
> >
> > 1) Use a public name and register it so that the customers
> > can use the public Internet DNS name space to "find" your
> > resources, BUT then filter out unwanted traffic with a
> > firewall or by using unroutable addresses (due to the direct
> > connection working for them.)
> >
> > 2) Have EACH customer hold a "secondary" for your DNS
> > zone(s) so that they can resolve your names directly.
> >
> > 3) Use Win2003 DNS (at the customer sites) to implement
> > either "conditional forwarding" or "stub zones".
> > The problem here is that each customer must have at
> > Win2003 DNS servers.
> >
> > 4) Do something similar to #3 using BIND -- this is probably
> > at least as bad as #3
> >
> >
> > --
> > Herb Martin
> >
> >
>
>
Facebook
Twitter
Instagram