Results 1 to 5 of 5

Thread: Another DNS Thread - Internal and External IP

  1. #1
    Join Date
    Mar 2006
    Location
    Venezuela
    Posts
    52
    Rep Power
    9

    Default Another DNS Thread - Internal and External IP

    Hi All,
    I have to say that we have tried everything we found on the different threads here at the forums, we tried th DNS in a Nutshell and the Split DNS in the WIKI, as I told before we have tried almost everything. Here is the situation, we need to configure a zimbra server with two network interfaces, one with a private IP and the other with a public IP. We have already configure the internal DNS to resolve for the private IP, and for the public IP we have no-ip resolving the host and the mx. We still cannot receive mail from outside domains, we can send, internal mail can be received but external mail from any domains we tried (gmail, yahoo, hotmail). Please any clues, any extra information regarding how to configure. We will really appreciate this.

    Regards....

  2. #2
    Join Date
    Jun 2006
    Location
    Washington DC
    Posts
    124
    Rep Power
    9

    Default

    Before I get into your question, why would you need to multihome this box?
    Do you really need to do this or maybe a different solution can be done if you give us more info?
    Are you trying to setup a DMZ or something?

    Just asking before getting into this is why I bring it up is all. ;-)
    There may be other solutions that don't require DNS trickery.

    Scotty

  3. #3
    Join Date
    Mar 2006
    Location
    Venezuela
    Posts
    52
    Rep Power
    9

    Default Re: Another DNS Thread

    Hi Scotty,
    well, this is a requierement we have from a client. We have our own server configured with the external IP and it works just fine. This client want to configure the external so the users when they are outside the office get to the mail in the DMZ he has setup, and through the internal when the users are in the office, because he thinks that the access to the client will be faster, I think it can be a little faster but not that much. I agree with you about the multihome, we don't find it very practical, but can it be done??

    Regards,

    Mo

    Again thx in advance

  4. #4
    Join Date
    Jun 2006
    Location
    Washington DC
    Posts
    124
    Rep Power
    9

    Default

    The reason I asked is becuase by letting users access by a "back-door" onto the local LAN, which is what they are appreantly asking for, they are defeating the entire perpose of the DMZ, which is to protect the internal network in case of a server breach.
    Why have a DMZ at all if they are going to dual home and give some direct access to the local LAN segment? Right?

    Unless you have a really slow DMZ segment, I am not sure that a speed gain would be anything less than negligible at best.

    If you still want to do this ( shrug ), your internal DNS ( separate server completely than the external DNS ) shouldn't have any MX records, as the internal clients don't use it anyway.
    The server should be pointed at the external DNS(s) with the public DNS zone info.
    So, your internal zone will only have an "A" record ( for inside IP Address ) for the server and the external will have the "MX" and "A" ( using Outside/public ) IP Address.
    Of course, this will break other things like SSL and internal spam filtering stuff so, you will have to tweak a lot of things going this route and also repeat these tweaks every time you do an upgrade so be sure to keep good records of what you did as you do them.

    Personally, I would do some testing and get an idea if speed is actually an issue or not before I headed down this road.
    I'm just sayin' ...... ;-)

    If you really still want to do this, post your both your internal and external zonefile info ( I would recommend you hide the first 3 octets of your public IP Addresses in your external zonefile for security reasons if you do post your zonefile here ) so we can verify all is well with the DNS stuff anyway.

    Hope this helps.

    Scotty

  5. #5
    Join Date
    Mar 2006
    Location
    Venezuela
    Posts
    52
    Rep Power
    9

    Default Thx

    Well, I'll give it a try and post the files as soon as I do the testing.

    Regards,
    Mo

Similar Threads

  1. Different internal / external email addresses
    By henrythacker in forum Administrators
    Replies: 0
    Last Post: 07-31-2007, 07:04 AM
  2. Replies: 1
    Last Post: 07-20-2007, 06:54 AM
  3. Replies: 3
    Last Post: 06-07-2007, 08:19 AM
  4. Spilt DNS settings with external DNS
    By theho6970 in forum Installation
    Replies: 3
    Last Post: 03-16-2007, 12:57 AM
  5. Internal host name different than external CNAME
    By jmeier in forum Installation
    Replies: 2
    Last Post: 04-05-2006, 09:12 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •