Split Brain DNS and SBS 2003

Discussion in 'Windows Small Business Server' started by John, Jul 24, 2004.

  1. John

    John Guest

    Hi,

    What are the groups thoughts on Split brain DNS for SBS installations ?

    In particular, MS recommends using a non-public TLD such as .local during
    the install however this can create issues around certain parts of
    functionality with the product.

    i.e. if I want to use server based Active-sync for PDAs or RPC/Https for
    Outlook then I have to create a new zone internally which matches the
    external internet resolvable DNS name space to be able to utilise these
    services inside the LAN or to avoid reconfiguring the clients..

    surely its simpler just to always go for split brain to avoid these issues?

    Any advice appreciated..

    Cheers

    John
     
    John, Jul 24, 2004
    #1
    1. Advertisements

  2. Run the wizards.

    I'm not sure what issues you are seeing? We call ourselves .local or
    these days .lan and ensure that all of our NIC's are pointing inward to
    the internal IP address of the server for our DNS. Then we put in the
    ISP's DNS entries in as forwarders. We have the ISP add an MX record
    and we're ususally good to go. Typically there are more issues with a
    ..com naming schema than a .local/.lan

    You want to call your system .com?

    Normally it's the ISP that handles any external DNS
    http://www.microsoft.com/serviceproviders/whitepapers/split_dns.asp
     
    Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP], Jul 24, 2004
    #2
    1. Advertisements

  3. John

    Tony Su Guest

    Susan is correct in saying that <normally> there is no
    reason for the Windows Domain name to be publicly routable.

    The explanation can go further, the reason for this is
    that the way DNS works is simply to map "some name" to an
    IP Address which can be found... and therfor regardless
    whether you use a private or public namespace internally
    mapping to a resource a different external name and
    namespace which would look completely can map to the same
    resource and function fine (since Security has nothing to
    do with the name and namespace).

    As for synchronization, as Susan suggests try accessing
    OMA using a publicly resolvable name.

    Personally, for myself and most of the mobile device users
    I support I don't use these "Sync" technologies, I feel
    mobile device technology has progressed to the point that
    I prefer using the device as a regular network device (ie.
    laptop for example), using OWA and downloading/uploading
    through website technologies instead of syncing. I only
    ActiveSync my PDAs about once every 2 weeks to 2 months...
    only for Calendar/Contact updating. Mail, files and other
    are accessed without ActiveSync.

    Tony Su
     
    Tony Su, Jul 24, 2004
    #3
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.