DNS Forwarder for Cloud Proxy

  • Question

  • Hello All,

    We are exploring the cloud proxy from one of the reputed vendors. As per the vendor, they have region-wise hubs. The requirement from the vendor is to forward all the Internet-related traffic to their nearest hubs (DNS : Public IP) from the client devices and all the internal traffic to the internal DNS server (configured as DNS forwarder in the DC).

    When we tried to add the vendor DNS in the DNS forwarder, it broke all our SSOs and all the queries were forwarded to the Internet.

    I am looking for suggestions: is this achievable at the DNS level? Currently we are exploring the conditional forwarder.


    Thanks HA

    Wednesday, April 24, 2019 3:11 PM

All replies

  • Hello Anup Ghonge,

    Thank you for posting in this forum.

    It is indeed possible to specify a specific DNS server to resolve specific traffic. However, the DNS server cannot determine which traffic is the traffic to the Internet and which traffic is the internal traffic.

    Maybe you need to describe your requirements in more detail.

    Also, what is the version of your server operating system? Some specific DNS features are only available on newer versions of Windows servers.

    Best Regards,

    Leon


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, April 25, 2019 7:42 AM
  • Thank you Leon, for your reply.

    All our Domain Controllers are on Windows Server 2016. We have AD-integrated DNS.

    We have 150 locations globally and currently most of the locations have DCs. The Internet is centralized and it is based on one central location, so all the Internet requests are resolved from the central location.

    Since we are exploring the cloud proxy, the vendor has regional zones (hubs). So they could forward the Internet traffic to the nearest regional zone and not to central locations.

    The requirement is to allow the Internet traffic to resolve locally and be accessible locally. And all the intranet (internal applications) should be resolved and queried by the internal DNS server.

    As of now we are exploring adding the public IP as a DNS forwarder (not sure it's a best practice) and also exploring the conditional forwarder.

    Let me know if you need any additional details 


    Thanks HA

    Thursday, April 25, 2019 3:01 PM
  • Hello Anup Ghonge,

    As I said before, the DNS server cannot determine which traffic is the traffic to the Internet and which traffic is the internal traffic.

    Conditional forwarders may work. But you may need to create a lot of conditional forwarders to forward that Internet traffic to your public DNS (for example: microsoft.com, google.com, bing.com, etc.).

    Best Regards,

    Leon



    Friday, April 26, 2019 8:16 AM
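
The conditional-forwarder approach described in the reply above, as an added example that is not part of the original thread or any poster's own code. `203.0.113.10` is a constructed placeholder for a vendor hub resolver and `dc01.corp.example` is a hypothetical internal name; the three zone names are the ones the reply mentions.

```powershell
#Requires -Modules DnsServer
# Run locally on one site's DNS server. All values are constructed placeholders.
$HubResolver   = '203.0.113.10'                          # assumed: this site's nearest vendor hub
$InternetZones = 'microsoft.com', 'google.com', 'bing.com'  # domains named in the reply
$InternalProbe = 'dc01.corp.example'                     # hypothetical internal host to re-test

# Record the default forwarders first; they still handle every name not listed below.
Get-DnsServerForwarder | Format-List IPAddress, UseRootHint

foreach ($zone in $InternetZones) {
    # Skip names this server already hosts or forwards, so no existing zone is shadowed.
    $existing = Get-DnsServerZone -Name $zone -ErrorAction SilentlyContinue
    if ($existing) {
        Write-Warning "$zone already exists as a $($existing.ZoneType) zone; skipping."
        continue
    }
    # -ReplicationScope is deliberately omitted: the forwarder is stored on this
    # server only, so each site can point at its own regional hub instead of every
    # DC replicating the same hub address through Active Directory.
    Add-DnsServerConditionalForwarderZone -Name $zone -MasterServers $HubResolver
}

# Confirm which suffixes now leave through the hub.
Get-DnsServerZone |
    Where-Object ZoneType -eq 'Forwarder' |
    Select-Object ZoneName, MasterServers

# A listed Internet name should resolve via the hub; the internal name must still
# resolve from the AD-integrated zones exactly as it did before the change.
Resolve-DnsName -Name 'www.microsoft.com' -Server localhost -DnsOnly
Resolve-DnsName -Name $InternalProbe      -Server localhost -DnsOnly
```

Selection is by name suffix only, so any Internet domain without its own conditional forwarder continues to use the server's default forwarders.
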
  • Hi,

    Just checking in to see if the information provided was helpful. 
    Please let us know if you would like further assistance.

    Best Regards,
    Leon


    Wednesday, May 1, 2019 7:12 AM
  • Hi,

    Was your issue resolved? 

    If you resolved it using our solution, please "mark it as answer" to help other community members find the helpful reply quickly.

    If you resolve it using your own solution, please share your experience and solution here. It will be very beneficial for other community members who have similar questions.

    If no, please reply and tell us the current situation in order to provide further help.

    Best Regards,

    Leon



    Monday, May 6, 2019 8:45 AM
  • Hello Leon,

    Our issue is not resolved. Now we are stuck in the middle and exploring what can be done on the DNS side to implement the cloud proxy solution.

    Thank you


    Thanks HA

    Wednesday, May 8, 2019 6:43 AM
  • Hello Leon and All,

    I just read about the DNS policies in Windows Server 2016. All our DCs are 2016; can the DNS policies be a solution for our requirement?


    Thanks HA

    Thursday, June 13, 2019 6:31 AM