Well, you have other alternatives such as DMZ or putting public servers in
front of the NAT device. However, unless you want to use hosts files or
different domain names, you are going to need 2 DNS servers. If all
machines are behind the NAT device, map port 53 to the public DNS server.
Point internal clients to a separate internal DNS server - manually
configure host records as necessary.
Also, you didn't say anything about Active Directory. If you are running an
internal Active Directory domain with the same name as your Internet domain,
you would not typically make a public DNS server a member of that domain.

Doug Sherman
MCSE, MCSA, MCP+I, MVP

"Tom" wrote in message:
> OK, here's the deal. We are a small company with a class C,
> ex-204.204.204.1-254. We currently host our own mail and web servers and
> our own DNS. They all have real IPs, including our client PCs. We are not
> doing any NAT'ing. So if you make a request to our domain, it hits one of
> our DNS servers, gives you the IP back, and then you can go directly to
> that real IP. That works great.
>
> We are starting to run out of real IPs now, so we want to NAT. I can't
> seem to figure out how our DNS will work. Here's my dilemma. If I NAT
> everything, all my clients and servers will have private IPs. So if my
> client 192.168.0.10 makes a request to my DNS server 192.168.0.8 for the
> webserver, it will give back the IP 192.168.0.1, and my inside client will
> get there just fine. But what happens when someone from the outside makes
> a request for my web server? They will hit my DNS server using the real IP
> address I specify with my registrar, 204.204.204.8, but then I'm afraid that
> it is going to hand back the private IP, 192.168.0.1, that is associated
> with my webserver, and then the outside won't be able to hit us. Any
> suggestions, links, diagrams etc. would be extremely helpful. Thank you.
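
The two-server (split DNS) layout suggested in the reply can be checked with a small audit of both views. This is an added example, not part of the original thread; the hostnames, the zone contents and the public web/mail addresses are constructed, with only the 192.168.0.x and 204.204.204.x ranges taken from the question.

```python
import ipaddress

# Constructed sample zone data (hostnames and most addresses are assumptions;
# the 192.168.0.x and 204.204.204.x ranges follow the thread).
PUBLIC_ZONE = """\
; public view, answered on the address registered with the registrar
ns1   IN A 204.204.204.8
www   IN A 204.204.204.10
mail  IN A 192.168.0.5   ; mistake: private address published externally
"""
INTERNAL_ZONE = """\
; internal view, used only by clients behind the NAT device
ns1      IN A 192.168.0.8
www      IN A 192.168.0.1
mail     IN A 192.168.0.5
intranet IN A 192.168.0.20
"""

def parse_a_records(zone_text):
    """Return {name: [ip, ...]} for simple 'name [IN] A addr' lines."""
    records = {}
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop trailing comments
        if len(fields) >= 3 and fields[-2].upper() == "A":
            records.setdefault(fields[0].lower(), []).append(
                ipaddress.ip_address(fields[-1]))
    return records

def audit_split_dns(public_text, internal_text):
    """Compare the two views and report what a split-DNS setup must get right."""
    public = parse_a_records(public_text)
    internal = parse_a_records(internal_text)
    return {
        # Private addresses in the public view are unreachable from outside
        # and disclose internal addressing.
        "private_in_public": sorted(
            n for n, ips in public.items() if any(ip.is_private for ip in ips)),
        # Public names the internal server cannot answer for inside clients.
        "missing_internally": sorted(set(public) - set(internal)),
        # Names only the internal server knows (expected; listed for review).
        "internal_only": sorted(set(internal) - set(public)),
    }

if __name__ == "__main__":
    for finding, names in audit_split_dns(PUBLIC_ZONE, INTERNAL_ZONE).items():
        print(f"{finding}: {', '.join(names) or 'none'}")
```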