Outside domain not accessible inside?

S

Steve_Oaks

Gawd
Joined
Dec 17, 2002
Messages
808
In relations to this thread(you may want to read what BobSutan said to understand):
http://hardforum.com/showthread.php?s=&threadid=718918

BobSutan
Wait a sec. Are you trying to go from your internal network to the External IP you have port forwarded to an internal server? If so it aint gonna work. You'll need to test it from the outside of the NAT device, in this case the 2514. Its a feature like split-horizon, but for NAT.
Click to expand...

I would like the domain names to work internally. I know I could do it via HOSTS file...then I have to do it to every computer, but it will probably never need to change or at least not often. I was thinking i may be able to do it with a private dns server too, but I would prefer not to do that. Are there any other options that I have missed? Maybe a route or setting of some kind in the router(Cisco 2514 ios 12.2)?

Extra Credit Question:
I know Cisco probably does this for a reason with the nat(at least Im guessing), what exactly is it? I can't think of any good(logical) reasons why you would want such a feature(im probably not thinking of it on a large enough scale).
 
The 2514s do NOT have any way to perform DNS. About the best they can do is pass along any DNS entries you have configured with a DHCP scope.

Your only option is to build an internal DNS server or use external DNS servers on the internet. If you go with external DNS entries and want to surf any internal web servers, you'll have to surf via IP (or by the Computer Name of the webserver in question). I found all this out first hand when I began serving my own domain, www.lan-slam.com

In order to surf internally by the domain name I had to setup an internal DNS server. I could have just gone with using the IP address (or computer name) of my webserver, but since I wanted to learn DNS as well I just built the DNS into it anyway.
 
You cant do DNS Doctoring (aka aliasing) on 2514's? Not even with a static redirect command?
 
Not to my knowledge. I'll hit Cisco in a bit though once I finish my homework.
 
I took a look around Cisco. They only info I could find on DNS aliasing was at the firewall (PIX).
 
Originally posted by Steve_Oaks
Sounds like its time for a private dns server. :D
Click to expand...

It's a great project if you want to learn about DNS. Man, I learned a lot. The "Bat Book" helped too. :)
 
Originally posted by Blitzrommel
It's a great project if you want to learn about DNS. Man, I learned a lot. The "Bat Book" helped too. :)
Click to expand...

Owning 3 domain names and hosting my own sites I have learned ALOT about domains and dns. I have bind 8 on my *nix servers(not running) then whatever 2k Advanced server has for a domain name server. My bigest concern(since I would probably use the 2k Advanced server) is not a powerful machine. It was just setup for serving permissions basically(domain controller).

Pentium 2
300mghz
256 meg pc133

Its sound pathetic but it works quite well. But I dont know if I would trust it for dns.
 
Originally posted by Blitzrommel
Eh, just give the machine more RAM and it'll run Advanced Server just fine.
Click to expand...

hehehe pc133 ram....they like pay you to take it these days. I like that idea. But I need to check hardware limits first. The board is like a 98' or 99'. I know it has the 8gig hardware barrier so Im thinking 98'.
 
Bah, Local DNS sever for just a few PC's isn't gonna tax it hardly at all... Your server it still going to sit in your basement twidling it's thumbs for 23hrs58min out of a day... :D
 
Originally posted by Nate7311
Bah, Local DNS sever for just a few PC's isn't gonna tax it hardly at all... Your server it still going to sit in your basement twidling it's thumbs for 23hrs58min out of a day... :D
Click to expand...

AND? :D Actually the webserver(it is a *nix server) is getting hit hard lately. I started a site for me and fellow student at the college(tech school) I go to. www.OurPeopleNetwork.com Pretty plain but its been up for just 7 days.
 
You must log in or register to reply here.
Back
Top