+1 what we are doing here, and then have your DNS servers forward to your ISP and so on.
Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:[email protected] Cell:401-639-3505 From: Coleman, Hunter [mailto:[email protected]] Sent: Wednesday, November 17, 2010 11:29 AM To: NT System Admin Issues Subject: RE: DNS question >> And perhaps I should not provide external DNS servers via DHCP; provide internal only, and have only ISP DNS servers on my servers that provide DNS services Correct, this is what you want to do. From: Tom Miller [mailto:[email protected]] Sent: Wednesday, November 17, 2010 9:19 AM To: NT System Admin Issues Subject: DNS question Folks, I have an AD system with mostly 2008 servers. All DCs provide DNS services. DHCP provides internal servers first as DNS servers, then several of our ISP DNS servers are listed. This has never been an issue until recently when staff have begun to report internal addresses/names cannot be resolved, and they get a Cox (our ISP) page not found display in their browsers. Also this only happens at some locations even though DHCP is similar at all WAN locations. So I'm wondering why the clients are not using the first servers in the list (they are on-line, no issues). And perhaps I should not provide external DNS servers via DHCP; provide internal only, and have only ISP DNS servers on my servers that provide DNS services. It's been ages since I set this up so a best practices would be helpful if anyone has them. Tom Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
