Active directory integrated DNS for public DNS server

  • Active directory integrated DNS for public DNS server

    Found a thread on Petri via Google; 43834 (won't let me post a link so here is the thread number).

    I am doing the same thing and I want to ensure I am doing the right thing security-wise... I can enumerate the domain that they will be on, but I am not using the same domain for anything else; the domain that the public DNS servers will be on is only for the public DNS servers and is not internet registerable.

    The DNS will have recursion disabled, and only have UDP53 open to them.

    This will make all the DNS servers basically primaries and allow a change made at one to replicate to the others. Also would work for anycast. Anyone see any downsides?

  • #2
    Re: Active directory integrated DNS for public DNS server

    Hmm, may have already found an issue. The SOA record auto-updates, so unless you use an internet routable domain and your servers have public IPs, this isn't going to work, damn.
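An added example, not part of the thread: a Python check of the two properties the posts discuss, parsing a reply to an SOA query to see whether the server advertises recursion (RA flag) and whether the SOA primary-server name (MNAME) falls under the internal, non-registrable domain. The sample reply is constructed inline, and `dnsfarm.internal`, `example.com` and the function names are placeholders chosen for this example.

```python
import struct

def read_name(msg, off):
    """Decode a DNS name at off, following compression pointers; return (name, next_offset)."""
    labels, end, hops = [], None, 0
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:                       # compression pointer
            end = off + 2 if end is None else end
            off = ((n & 0x3F) << 8) | msg[off + 1]
            hops += 1
            if hops > 16:
                raise ValueError("compression pointer loop")
        elif n == 0:                               # root label ends the name
            return ".".join(labels) + ".", (off + 1 if end is None else end)
        else:
            labels.append(msg[off + 1:off + 1 + n].decode("ascii"))
            off += 1 + n

def audit_soa_response(msg, internal_suffix):
    """Inspect a reply to an SOA query that was sent with RD=1."""
    _id, flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    off = 12
    for _ in range(qd):                            # skip the question section
        _, off = read_name(msg, off)
        off += 4                                   # QTYPE + QCLASS
    out = {"recursion_available": bool(flags & 0x0080), "mname": None, "mname_internal": False}
    suffix = "." + internal_suffix.lower().strip(".") + "."
    for _ in range(an):
        _, off = read_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 6:                             # SOA: MNAME is the first RDATA field
            out["mname"], _ = read_name(msg, off)
            out["mname_internal"] = ("." + out["mname"].lower()).endswith(suffix)
        off += rdlen
    return out

def encode_name(name):
    return b"".join(bytes([len(l)]) + l.encode() for l in name.strip(".").split(".")) + b"\0"

def build_sample(mname, ra):
    """Constructed SOA reply for example.com (sample data, not captured traffic)."""
    flags = 0x8500 | (0x0080 if ra else 0)         # QR + AA + RD, optionally RA
    hdr = struct.pack("!6H", 0x1234, flags, 1, 1, 0, 0)
    question = encode_name("example.com") + struct.pack("!HH", 6, 1)
    rdata = (encode_name(mname) + encode_name("hostmaster.example.com")
             + struct.pack("!5I", 2024010101, 900, 600, 86400, 3600))
    return hdr + question + b"\xc0\x0c" + struct.pack("!HHIH", 6, 1, 3600, len(rdata)) + rdata
```
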
