Internet DNS presence Vs internal DNS space

Hello,

often in some example or discussion I read that:

- The ecompany "exemplum" have a DNS Internet presence as "exemplum.com" and an internal DNS space as "exemplum.private".

I don't understand how it is possible, unless maybe each computer has two fqdn (then two network adapters). Is this what they mean when they state what I just said?

Thank You.

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

undomiel

You can assign multiple A records to the same ip address so there would be no need for multiple NICs. But what is going on here is something different. They have their own internal DNS servers they are running that host the exemplum.private network. This is kept separate from the outside world. Then they have their external DNS which is exemplum.com. This would map to their external servers such as what is hosting their web servers and also their router between their internal network and the internet. Then they would be using NAT for their internal computers to access the internet.

Here's a quick overview of NAT http://computer.howstuffworks.com/nat.htm

So basically you have your internal computers and your internal DNS servers. That's exemplum.private. Then you jump over the firewall and through the router and hit the internet. There on the other side of the firewall is your external DNS servers and your web servers which would be exemplum.com.

Hope this helps!

dave0212

The internal name space will be used for the AD and the external will be used for web space etc, the internal nodes will be connected to the internal name space only. This is a security practice to prevent your internal structure being made available to the entire WWW

rjbarlow

Oh men,
I was over complicating my life thinking to "connection DNS suffixes" and other DNS stuff when ... sob

Precious as always, men.

THX MUCH!

rj

levensailor

the .local is a reserved domain name so as to avoid confusion.

whats happening is that when someone looks for yourdomain.com they use their own machines dns cache first (host file and local arp cache), then if it cant find it, it sends a recursive query to the dns server it is configured with. this dns server may be the router, it may be a server on your local lan, or it may be your isp's dns servers that are passed down through dhcp from the router.

the point is, you send a recursive query to the dns server for a domain lookup (recursive meaning you either want to be told the answer, or told that there is no answer). depending on the dns server, it may forward the request to a bigger dns server, such as your isp, or it may just use root hints to find it. the root dns servers perform iterative requests. it will look for . (the root), then com (the tld), then the name of the domain.

the internet is a big network of dns servers that share their records with one another, if they dont have the record, they forward the request to another server, but once that server responds, then it saves the record so it doesnt have to ask again.

does this sound right, because i still havent passed the 291, im scheduled to retake it again saturday (it froze on me last time and they couldnt get it back up)

plettner

levensailor wrote:

does this sound right, because i still havent passed the 291, im scheduled to retake it again saturday (it froze on me last time and they couldnt get it back up)

That's how I understand it. I'm yet to do my exam but what you've said is the way I have it in my head. (Actually you've simplified for me).