Opinion/Ideas Request: Does this design seem best?
phn at icke-reklam.ipsec.nu
phn at icke-reklam.ipsec.nu
Fri Jul 9 08:36:59 UTC 2004
George <george.e.sullivan at saic.com> wrote:
> I have put a small 160k bmp file at
> http://www.geocities.com/geelsu/DNSidea.bmp
> for this thread.
If it can't be expressed in text it's probably too comlex
to be safe.
> I understand DNS some, but have not really ever set
> it up, especially with a Dual card system and
> with two different domains.
> Having the picture open in another window will
> help now.
> The Email Sever with Win/Exchange 2003 will be
> in both domains. It will have
> two NICs as you can see in the picture. I have
> also cut on 2003's Routing and Remote Access using
> the custom configuration and selected Routing only.
> So no NAT or Firewall stuff at this time.
> I was thinking the Email Server/Win2003 system would
> work for DNS for both the inside and outside domains.
> Inside systems will have it as their default DNS
> Server. Inside systems will also have 144.32.3.44
> as their default router. Then 144.32.3.44 will have
> as its default router 8.50.1.44, and this will have
> its default router as 8.50.1.254. THe TCP/IP properties
> gives me a warning about multiple Default gateways on
> disjoint networks, but I am not sure if this setup
> qualifies as disjoint. An inside PC client that uses
> 144.32.3.44 as its default router is able to bring up
> webpages from "the Cloud"
> 8.50.1.44 will be know as EServer-Nic1.the.outside.net
> and 144.32.3.44 will be know as EServer-Nic2.the.inside.net.
> I am to sure how to setup all this.
> I also have DNS on a Unix server in the inside. Windows 2000
> use to have DNS setup for a secondary text base domain that
> would work in Active Directory, but I am not sure which
> selection this is in the new 2003. DNS setup is worded
> differently now, with other selections.
> 144.32.3.50 is another Win 2003 system that now has
> user accounts, files, etc on it. I did not know
> if I should put it as the default DNS server for inside
> systems.
> Systems in "the cloud" can ping my 8.50.1.44 or outside
> NIC card.
> For security, there will be a PIX box between the router
> and the outside NIC in the future.
> Anyway, does this setup seem sound in design?
> Any ideas or opinions would be greatly appreciated.
No. Any "dual-nic" solutions is movin the solution in the wrong direction,
usding a windows system for anything but gaming is wrong, complex
solutions will cost more and have many more "got-you" effects
then simple dedicated solutions.
You are way out. Be prepared to restore backups.
> Thanks
--
Peter Håkanson
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but i'm trying to keep spam out,
remove "icke-reklam" if you feel for mailing me. Thanx.
More information about the bind-users
mailing list