Go Back   AnandTech Forums > Software > Software for Windows

Forums
· Hardware and Technology
· CPUs and Overclocking
· Motherboards
· Video Cards and Graphics
· Memory and Storage
· Power Supplies
· Cases & Cooling
· SFF, Notebooks, Pre-Built/Barebones PCs
· Networking
· Peripherals
· General Hardware
· Highly Technical
· Computer Help
· Home Theater PCs
· Consumer Electronics
· Digital and Video Cameras
· Mobile Devices & Gadgets
· Audio/Video & Home Theater
· Software
· Software for Windows
· All Things Apple
· *nix Software
· Operating Systems
· Programming
· PC Gaming
· Console Gaming
· Distributed Computing
· Security
· Social
· Off Topic
· Politics and News
· Discussion Club
· Love and Relationships
· The Garage
· Health and Fitness
· Home and Garden
· Merchandise and Shopping
· For Sale/Trade
· Hot Deals with Free Stuff/Contests
· Black Friday 2014
· Forum Issues
· Technical Forum Issues
· Personal Forum Issues
· Suggestion Box
· Moderator Resources
· Moderator Discussions
   

Reply
 
Thread Tools
Old 11-09-2012, 09:34 AM   #1
Scarpozzi
Lifer
 
Scarpozzi's Avatar
 
Join Date: Jun 2000
Location: SouthEast
Posts: 20,989
Default Windows Domain/Domain Controller vs Web Domain Question...

So I've got a Windows Domain....let's call it dc=company,dc=com

There's a DNS entry of company.com listed.

I have a website of www.company.com

My question: External DNS resolves company.com and www.company.com to our company web server. Internal DNS resolves company.com to the DC pool and www.company.com to the web server. Is there a way to redirect traffic within windows without installing IIS on the DC? (it's not recommended by Microsoft) I'm just trying to figure out how to fix the problem of internal clients and employees going to domain.com and finding a pool of servers that don't listen on port 80.

I'm relatively new to Microsoft stuff and didn't find anything about this from a google search.

Thanks,

-Scar
__________________
"Know your thoughts before you, we do, hhhmmmmm.........YES!" -Yoda Mod
Scarpozzi is offline   Reply With Quote
Old 11-09-2012, 10:54 AM   #2
yinan
Golden Member
 
Join Date: Jan 2007
Posts: 1,548
Default

It is caleld split horizon DNS. Also, you really should something other than an Internet resolvable domain name for your internal network, aka company.local.
__________________
CALLING AN ILLEGAL ALIEN AN "UNDOCUMENTED IMMIGRANT" IS LIKE CALLING A DRUG DEALER AN "UNLICENSED PHARMACIST"!
yinan is offline   Reply With Quote
Old 11-09-2012, 11:31 AM   #3
imagoon
Diamond Member
 
imagoon's Avatar
 
Join Date: Feb 2003
Location: Chicagoland, IL
Posts: 4,892
Default

Quote:
Originally Posted by yinan View Post
It is caleld split horizon DNS. Also, you really should something other than an Internet resolvable domain name for your internal network, aka company.local.
That is no longer recommended. The recommended solution is to use a subdomain of the main domain IE

windows domain = internal.domain.com public = domain.com

so dc1.internal.domain.com can never conflict with anything in domain.com (except the obvious "internal.domain.com."

My home test domain hangs off my own personal public domain without issue this way right now.

In 2015 you will no longer be able to get proper certificate for domains like ".local" which will make things like Exchange basically not work (in a way that won't cause other issues in the cert chain) inside and outside the domain.
imagoon is online now   Reply With Quote
Old 11-09-2012, 11:33 AM   #4
Scarpozzi
Lifer
 
Scarpozzi's Avatar
 
Join Date: Jun 2000
Location: SouthEast
Posts: 20,989
Default

Thanks for the responses. It's just easier said than done when a domain's been set a certain way for years.

I agree with subdomains and a clear line between internal/external. I'll see if I can add this be to the list of 3-5 year goals.
__________________
"Know your thoughts before you, we do, hhhmmmmm.........YES!" -Yoda Mod
Scarpozzi is offline   Reply With Quote
Old 11-09-2012, 11:41 AM   #5
imagoon
Diamond Member
 
imagoon's Avatar
 
Join Date: Feb 2003
Location: Chicagoland, IL
Posts: 4,892
Default

Quote:
Originally Posted by Scarpozzi View Post
Thanks for the responses. It's just easier said than done when a domain's been set a certain way for years.

I agree with subdomains and a clear line between internal/external. I'll see if I can add this be to the list of 3-5 year goals.
Well if you have something running already, I assume you don't have an internal machine named "www" in your domain do you?

If not you can just plug an A record in to your domain DNS with the proper IP. If you are doing doing your external DNS via the DC's DNS (really bad mojo btw) the first step is to split it up and then manage each part separately.
imagoon is online now   Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 08:01 PM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.