Re: WINS server querying other WINS server
You would need to make it a replication partner. Even if it could pass the query the holes you would have to open in the firewall make no sense. I guess I would wonder why a DMZ web server even needs access to WINS period, I would think you would only need DNS. If you need a netbios query for some reason you could use lmhosts instead of having WINS out there. Thanks Smiles, Matthew To: NT System Admin Issues SMILESM@PANA[EMAIL PROTECTED] SONIC.COM cc: Subject: WINS server querying other WINS server 08/28/2001 10:14 AM Please respond to NT System Admin Issues Can a WINS server be configured to query another WINS server when it doesn't know the answer to a name resolution query? For example, I need WINS in a DMZ type environment and I don't want the DMZ web servers to query corporate WINS directly. I want the DMZ servers to register with and query a WINS server within the DMZ and if that DMZ WINS server does not know the answer to a NETBIOS name query, it is configured (and has the necessary holes in the firewall) to query corporate WINS. I think the answer is no and I would have to make the DMZ WINS server a replication partner of corporate WINS, but then this would put the corporate WINS database in the DMZ which is not allowed. Any thoughts are appreciated. Thanks, Matt http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: WINS server querying other WINS server
Ernest, Thanks for the response. The reason why WINS is still required is due to a legacy application that has to be supported and that application has dependencies which require it to be in the DMZ. It's a long story, but of course, ideal case WINS would not exist in the DMZ. LMHOSTS while certainly possible, isn't production feasible as the machines that need to be resolved are under other administrative control so their IP's could be changed without notice. The other option is to use a WINS proxy agent, but then the DMZ servers wouldn't be in WINS and would require static entries. At least that would be manageable as it would be our machines that could change IP's and we would know when we did that. Thanks for the input, matt -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 28, 2001 3:02 PM To: NT System Admin Issues Subject: Re: WINS server querying other WINS server You would need to make it a replication partner. Even if it could pass the query the holes you would have to open in the firewall make no sense. I guess I would wonder why a DMZ web server even needs access to WINS period, I would think you would only need DNS. If you need a netbios query for some reason you could use lmhosts instead of having WINS out there. Thanks "Smiles, Matthew" To: "NT System Admin Issues" SMILESM@PANA[EMAIL PROTECTED] com SONIC.COM cc: Subject: WINS server querying other WINS server 08/28/2001 10:14 AM Please respond to "NT System Admin Issues" Can a WINS server be configured to query another WINS server when it doesn't know the answer to a name resolution query? For example, I need WINS in a DMZ type environment and I don't want the DMZ web servers to query corporate WINS directly. I want the DMZ servers to register with and query a WINS server within the DMZ and if that DMZ WINS server does not know the answer to a NETBIOS name query, it is configured (and has the necessary holes in the firewall) to query corporate WINS. I think the answer is no and I would have to make the DMZ WINS server a replication partner of corporate WINS, but then this would put the corporate WINS database in the DMZ which is not allowed. Any thoughts are appreciated. Thanks, Matt http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
RE: WINS server querying other WINS server
Could you use DNS with a WINS lookup record? You could put a DNS server in the DMZ, and in there have a WINS lookup record. The DNS server, when presented with a WINS query, could forward the request to your WINS server. Just a suggestion, and although I have never tried that, it sounds like it could be worth a try. HTH Andre -Original Message- From: Smiles, Matthew [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 28, 2001 3:36 PM To: NT System Admin Issues Subject: RE: WINS server querying other WINS server Ernest, Thanks for the response. The reason why WINS is still required is due to a legacy application that has to be supported and that application has dependencies which require it to be in the DMZ. It's a long story, but of course, ideal case WINS would not exist in the DMZ. LMHOSTS while certainly possible, isn't production feasible as the machines that need to be resolved are under other administrative control so their IP's could be changed without notice. The other option is to use a WINS proxy agent, but then the DMZ servers wouldn't be in WINS and would require static entries. At least that would be manageable as it would be our machines that could change IP's and we would know when we did that. Thanks for the input, matt -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 28, 2001 3:02 PM To: NT System Admin Issues Subject: Re: WINS server querying other WINS server You would need to make it a replication partner. Even if it could pass the query the holes you would have to open in the firewall make no sense. I guess I would wonder why a DMZ web server even needs access to WINS period, I would think you would only need DNS. If you need a netbios query for some reason you could use lmhosts instead of having WINS out there. Thanks "Smiles, Matthew" To: "NT System Admin Issues" SMILESM@PANA[EMAIL PROTECTED] com SONIC.COM cc: Subject: WINS server querying other WINS server 08/28/2001 10:14 AM Please respond to "NT System Admin Issues" Can a WINS server be configured to query another WINS server when it doesn't know the answer to a name resolution query? For example, I need WINS in a DMZ type environment and I don't want the DMZ web servers to query corporate WINS directly. I want the DMZ servers to register with and query a WINS server within the DMZ and if that DMZ WINS server does not know the answer to a NETBIOS name query, it is configured (and has the necessary holes in the firewall) to query corporate WINS. I think the answer is no and I would have to make the DMZ WINS server a replication partner of corporate WINS, but then this would put the corporate WINS database in the DMZ which is not allowed. Any thoughts are appreciated. Thanks, Matt http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm http://www.sunbelt-software.com/ntsysadmin_list_charter.htm