2

This is probably a noob question but I have a SMB network with AD domain corp.local and external hosting with a DNS domain corp.co.uk.

As a result if I add web services on an internal machine (like cool-app.corp.co.uk) we can't resolve it internally.

I tried adding a corp.co.uk domain to my DNS servers with no entries in it (except the SOA created automatically). My understanding was that my server should attempt to resolve x.corp.co.uk within the forward lookup zone and when it cannot just forward the request to the outside world.

But that doesn't happen: if I add a primary zone to the server, then I can't resolve any corp.co.uk addresses.

If it had worked I'd then have started to add cool-app x.y.z.b etc to the local lookup zone so that those resources on the LAN can be resolved when you're in the office.

My guess is I'm making a silly mistake or that I'm trying to do something the wrong way and I thought the hivemind was the best way to try to find out...

Paul D'Ambra

2 Answers

6

Create a new forward lookup zone called cool-app.corp.co.uk. Inside that zone, create an A record with a blank host name and specify the IP address you want it to resolve to.

I do this all the time and it works perfectly.

Jason Berg
  • Would that work for things like OWA? – Paul D'Ambra Aug 26 '10 at 12:49
  • I checked and that works beautifully. Is there a way of pointing to internal resources by name so that if I change the IP I only have to do it in one place? – Paul D'Ambra Aug 26 '10 at 12:57
  • 1
    It absolutely works for OWA. Also, you can try to create a C record instead of an A record. I've never done this but don't see why it won't work. – Jason Berg Aug 26 '10 at 13:03
  • I just got here from a Google search looking to do this exact thing for OWA, and your advice worked. If I could click up on you ten times I would :) – Bill Weiss Oct 20 '10 at 17:35
0

If your internal DNS has a primary zone for corp.co.uk, and it's empty, then any queries to that zone will be returned as "non-existent" because the server thinks it knows all about that zone (and the request doesn't exist in what it knows).

If your internal DNS has no zone that matches corp.co.uk, it knows nothing; if it's configured to forward or recurse the query, it will look to the outside world (assuming it's connected somehow) and find the entry (if one exists in the external DNS server).

If you want, you can maintain your own zone internally, which has different entries than the external DNS server; but it's probably not advisable as your employees would be easily confused by the different DNS entries when they're inside vs outside the office. You can, however, duplicate the external entries, and add additional internal entries. Just keep the primary zone you have now; duplicate all the external entries (www.corp.co.uk for example), and add your internal-only entries (such as cool-app.corp.co.uk).

Chris S
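The behaviour both answers describe, as an added example that is not part of the original thread: a simplified Python model of how an internal DNS server chooses between a zone it hosts and its forwarders. The IP addresses, the `EXTERNAL` table and the function names are constructed for illustration; real servers also handle delegations, NODATA responses and conditional forwarders, which this model leaves out.

```python
# Simplified model: a server answers from the most specific zone it hosts
# and only forwards when it hosts no matching zone at all.

EXTERNAL = {  # constructed sample of what the public corp.co.uk DNS holds
    "www.corp.co.uk": "203.0.113.10",
    "mail.corp.co.uk": "203.0.113.25",
}

def find_zone(name, zones):
    """Return the most specific hosted zone containing `name`, or None."""
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return candidate
    return None

def resolve(name, zones, external=EXTERNAL):
    """Return (source, answer) as the internal server would respond."""
    name = name.lower().rstrip(".")
    zone = find_zone(name, zones)
    if zone is None:
        # Not authoritative for anything matching: use the forwarder.
        return ("forwarded", external.get(name, "NXDOMAIN"))
    # Authoritative: answer from local data only, never forward.
    return ("local:" + zone, zones[zone].get(name, "NXDOMAIN"))

# Case 1: empty primary zone for corp.co.uk (the question's first attempt).
empty_zone = {"corp.co.uk": {}}
# Case 2: pinpoint zone for one host, A record with a blank host name (apex).
pinpoint = {"cool-app.corp.co.uk": {"cool-app.corp.co.uk": "10.0.0.50"}}
# Case 3: internal zone duplicating external entries plus internal-only ones.
duplicated = {"corp.co.uk": {**EXTERNAL, "cool-app.corp.co.uk": "10.0.0.50"}}

if __name__ == "__main__":
    cases = [("empty", empty_zone), ("pinpoint", pinpoint),
             ("duplicated", duplicated)]
    for label, zones in cases:
        for q in ("www.corp.co.uk", "cool-app.corp.co.uk"):
            print(f"{label:10} {q:22} -> {resolve(q, zones)}")
```

With the pinpoint zone only `cool-app.corp.co.uk` is answered locally and every other `corp.co.uk` name still goes to the forwarder, so the external records do not have to be duplicated and kept in sync.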