Add DNS host entries for external domain

    Question

  • Hi

    We've had a request from our web developers to add several host entries into DNS (W2003) but for a domain which is not hosted on the internal DNS servers. The IP addresses of the hosts will be internal addresses. I don't know why this is needed - just been asked to do it.

    e.g. Internal domain name (in DNS) - domain1.com

    Host records required - host1.domain2.com, host2.domain2.com, host3.domain.com ....

    Unfortunately domain2.com is a valid domain name and I believe adding this in as a new zone may/will affect services such as Exchange and possibly others which may need to resolve addresses in domain2.com

    Can anyone advise ?

    Thanks

    Tuesday, June 15, 2010 1:51 PM

Answers

  •  
    Hi,
     
    Your worries are quite valid. If you create a zone for domain2.com you
    would have to maintain an internal copy of every record in that zone, or
    at least every record you expected to use internally.
     
    You might work around this, though. Instead of creating a zone for
    domain2.com you can create a zone for each host, e.g.
     
    1. Create a new Forward Lookup Zone
    2. Set the type to Primary (AD Integrated as well if you like)
    3. Name the zone "host1.domain2.com"
    4. Finish off the wizard, leaving dynamic update disabled
    5. Select the zone, then create a new Host (A) record with a blank name.
    6. Enter the private IP address
     
    That will not affect name resolution for any other resource beneath
    domain2.com, as the system only claims authority for host1.domain2.com.
     
    It should be noted that this scales badly, if you have 100 of these it
    won't be any fun and you might have to look for another solution. If you
    have 4 or 5 it'll be absolutely fine.
     
    HTH
     
    Chris
     
    • Marked as answer by jarweb Wednesday, June 16, 2010 7:19 AM
    Tuesday, June 15, 2010 2:44 PM
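The six steps above, scripted, as an added example that is not part of the original thread. It uses the DnsServer PowerShell module (Windows Server 2012 or later, or RSAT), so it does not run on the W2003 box in the question; the equivalent dnscmd calls for 2003 are listed in comments at the end. The function names (`Add-HostOverrideZone`, `Test-HostOverride`), the host names, the private addresses and the `www.` sibling used as a check are all assumptions for illustration. The guard at the top refuses to create a zone for the bare parent domain, because a zone named for the whole public domain makes this server authoritative for everything under it, which is the failure a later reply in this thread describes.

```powershell
# Added example (not from the original thread): one tiny primary zone per external
# host name, with the private address at the zone apex, per the accepted answer.
# Requires the DnsServer module. Names and addresses below are made up.

function Add-HostOverrideZone {
    param(
        [Parameter(Mandatory)] [string] $HostName,      # e.g. host1.domain2.com
        [Parameter(Mandatory)] [string] $ParentDomain,  # e.g. domain2.com (must NOT become a zone)
        [Parameter(Mandatory)] [ipaddress] $IPv4Address,
        [string] $ComputerName = 'localhost',
        [switch] $ADIntegrated
    )

    $HostName     = $HostName.TrimEnd('.').ToLowerInvariant()
    $ParentDomain = $ParentDomain.TrimEnd('.').ToLowerInvariant()

    # Guard: the zone must be strictly below the public domain. A zone named
    # 'domain2.com' itself would shadow every public name under domain2.com.
    if ($HostName -eq $ParentDomain -or -not $HostName.EndsWith(".$ParentDomain")) {
        throw "Refusing to create zone '$HostName': it must be a child name of '$ParentDomain'."
    }

    # Steps 1-4: primary zone named after the host, dynamic update disabled.
    # Disabling updates matters: whoever can write this zone redirects the name.
    if (-not (Get-DnsServerZone -Name $HostName -ComputerName $ComputerName -ErrorAction SilentlyContinue)) {
        if ($ADIntegrated) {
            Add-DnsServerPrimaryZone -Name $HostName -ReplicationScope Domain `
                -DynamicUpdate None -ComputerName $ComputerName
        } else {
            Add-DnsServerPrimaryZone -Name $HostName -ZoneFile "$HostName.dns" `
                -DynamicUpdate None -ComputerName $ComputerName
        }
    }

    # Steps 5-6: an A record with a blank name ('@' = zone apex) holding the private IP.
    Add-DnsServerResourceRecordA -ZoneName $HostName -Name '@' -IPv4Address $IPv4Address `
        -TimeToLive (New-TimeSpan -Minutes 5) -ComputerName $ComputerName
}

function Test-HostOverride {
    param(
        [Parameter(Mandatory)] [string] $HostName,
        [Parameter(Mandatory)] [string] $ParentDomain,
        [string] $DnsServer = 'localhost'
    )
    # The overridden name must answer with the private address from this server...
    $override = Resolve-DnsName -Name $HostName -Type A -Server $DnsServer -DnsOnly -ErrorAction Stop
    # ...while a sibling under the same public domain (assumed to exist publicly as
    # www.<parent>) must still resolve via normal recursion, proving the parent
    # domain was not shadowed.
    $sibling = Resolve-DnsName -Name "www.$ParentDomain" -Type A -Server $DnsServer -DnsOnly -ErrorAction SilentlyContinue
    [pscustomobject]@{
        Override        = $HostName
        OverrideAnswer  = (($override | Where-Object Type -eq 'A').IPAddress) -join ','
        SiblingResolves = [bool]$sibling
    }
}

# Usage (made-up values): three developer hosts under the public domain domain2.com.
$hosts = @{
    'host1.domain2.com' = '10.20.30.11'
    'host2.domain2.com' = '10.20.30.12'
    'host3.domain2.com' = '10.20.30.13'
}
foreach ($h in $hosts.GetEnumerator()) {
    Add-HostOverrideZone -HostName $h.Key -ParentDomain 'domain2.com' -IPv4Address $h.Value -ADIntegrated
    Test-HostOverride   -HostName $h.Key -ParentDomain 'domain2.com'
}

# Windows Server 2003 has no DnsServer module; the same operations with dnscmd are:
#   dnscmd . /ZoneAdd host1.domain2.com /Primary /file host1.domain2.com.dns   (or /DsPrimary)
#   dnscmd . /Config host1.domain2.com /AllowUpdate 0
#   dnscmd . /RecordAdd host1.domain2.com @ A 10.20.30.11
```

Once the zone exists this server answers for host1.domain2.com with no reference to the public zone, so any change the domain owner makes to that record on the Internet is invisible internally until someone notices; keep a note of which names are overridden. The second check in `Test-HostOverride` only proves the parent is not shadowed if the server has working forwarders or root hints for the rest of domain2.com.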

All replies

  • The solution Chris is proposing is the best option for your current situation, which is not optimal for name resolution.  Since your DNS servers will be authoritative for these individual zones you create, you must keep them up to date with regard to the IPs they map to.  If the "true" Internet zones are updated with new information, you will not be aware of these changes until your organization figures out that the IPs or host names have been changed by the organization that "owns" the domain names and associated records.

    Visit: anITKB.com, an IT Knowledge Base.
    Tuesday, June 15, 2010 3:10 PM
  • Hi guys

    Thanks for your responses - I'll try this suggestion.

    As I said, the IP addresses for the hosts will be from our internal network range so we should know if/when they need to be changed.

    Regards

    Wednesday, June 16, 2010 7:22 AM
  • Very old thread but still valid and a nice solution, thanks
    Thursday, March 16, 2017 5:02 PM
  • Exact fix for the problem I was looking for.

    Thanks Chris.

    I had an issue when I created a new zone and added a host record in it.

    Monday, July 24, 2017 12:12 PM
  • We have had a similar situation where developers asked to add certain host records for an external website, but after adding the records we are not able to browse the external site. For instance, we created the host record sts.extdom.com, and extdom.com being an external site, now we cannot browse extdom.com.
    Thursday, August 17, 2017 10:42 AM
  • This is because you added extdom.com as a forwarded zone. You must "fake" the zone for sts.extdom.com, not for extdom.com.

    zone: sts.extdom.com with an IN A record pointing to the required IP address.

    sts.extdom.com will be served from your DNS server, extdom.com from normal DNS.

    Monday, February 18, 2019 11:01 AM