----- Original Message ----- From: "Rick Brown" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: 04 Aralik 2001 Sali 20:39 Subject: DNS in DMZ
> This is a little off topic but I thought you guys > would be the one's to ask. I only have a mail server > and a web server (for web-based email access) in my > DMZ. Do I have to have a DNS server in the DMZ or can > I just use my ISP's DNS? I have an internal DNS > server(s). What are the drawbacks to using my ISP's > DNS. I won't need to make very many DNS changes in Is this DNS for mail and web server or you plan to use it people from internet to locate your servers placed in DMZ ? If this DNS is for the servers located in the DMZ it is a good idea to set up one or may be you can set it up on SMTP or WEB server this way you can reduce the traffic to your ISP and the traffic over the firewall.. But it is a good idea to limit who can use this DNS and also set-up the firewall not to let any queries from outside the DMZ. If this is your Public DNS it is also a good idea. ISP's genrally host DNS's an their shared DNS servers and I suspect they use any security mechanism against unauthorized modification. So it is a good idea to keep your DNS server on your facilites is always a good idea.. > the future so I'm not concerned with how long it takes > to make a DNS update. I know the other way to go > would be a split-DNS setup. Any help/advice would be > greatly appreciated. Thanks. > > __________________________________________________ > Do You Yahoo!? > Buy the perfect holiday gifts at Yahoo! Shopping. > http://shopping.yahoo.com > _______________________________________________ > Firewalls mailing list > [EMAIL PROTECTED] > http://lists.gnac.net/mailman/listinfo/firewalls > Regards, K. ERSOY /Sibernet _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
