Mac OSX server 10.5 external DNS questions

Tags: domain-name-system, godaddy, mac-osx-server, xserve

I bought an old Xserve with 10.5 Server. I have followed all the books and tutorials online, but none of them seem to explain setting up name servers for use outside of my network (I would like to run a dev server that other people can use).

I have a 2Wire modem that is plugged into the switch for my local network. My server and clients are connected to this switch. The 2Wire is set up to send any DNS (port 53) and HTTP traffic to my server 192.168.1.120 (should this server be set up under DMZ?).

I have my server DNS set up like this: primary zone – mydomain.com., server1.mydomain.com. – machine – 192.168.1.120, www – Alias – server1.mydomain.com. The reverse shows: 192.168.1.120 – server1.mydomain.com.

I have the web service running and have tried many settings, but ended up going back to the default so that any HTTP request going to 192.168.1.120 returns the default page.

I went to godaddy.com and, to change the name servers for the domain, I needed to add hosts. So I added ns1.mydomain.com and ns2.mydomain.com pointing to my static IP and changed the name servers from GoDaddy's to ns1 and ns2.

Since there is nothing to handle ns1 and ns2 on my server, I added nameservers ns1.mydomain.com. and ns2.mydomain.com. on my server under the primary zone mydomain.com.

Now I can enter ns1.mydomain.com or ns2.mydomain.com into any browser and I get the default page inside or outside of my network.

I can only hit www.mydomain.com or server1.mydomain.com from inside my network, and when I check DNS with whatsmydns.com on these, it shows the internal IP of 192.168.1.120 for some reason, which explains why I cannot get to it.

When I try mydomain.com, either internal or external to my network, I get nothing, and whatsmydns.com shows nothing as the DNS value.

So now I am really confused about where the issue is. Since ns1.mydomain.com works and mydomain.com does not, it almost seems like mydomain.com is not really being forwarded to my name server at all, except that I can see server1.mydomain.com pointing at the internal network. What am I doing wrong here? Why does it seem that anything now being used as a name server over at GoDaddy is pointing to internal IPs?

Sorry for the long post; I would appreciate any help.

Best Answer

The DNS interface in Server Admin.app is not suitable for doing a split-horizon DNS configuration. It simply doesn't expose all of the flexibility of BIND that you need to pull off such a configuration.

If you poke around the BIND config files on your OS X Server, you'll be able to see how Apple has set them up so that you can edit them directly without confusing the GUI. /var/named contains zone files that you may edit, and they include corresponding files in /var/named/zones which you should not edit. They've done something similar for /etc/named.conf and the files in /etc/dns/.

Having said that, I recommend not doing both internal and external resolving for split-horizon DNS on your server, mainly because:

  1. It's kind of complicated, and you lose any convenience you had when you were able to use the GUI exclusively.

  2. You have NAT, which makes it even more complicated.

  3. There are solutions available from third parties that are better-performing, cheap/free, and more robust.

In my organization, we use DNS in Mac OS X Server extensively for the internal part of a split-horizon setup. We use the "Advanced DNS" part of a Network Solutions account for the external part. It comes free with the domains we've purchased, and has redundancy and speed far greater than what I could justify for hosting a handful of externally-resolving names myself.
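The split-horizon idea from the answer, and the symptom in the question (public resolvers handing out 192.168.1.120), can be modelled in a few lines of Python. This is an added example, not code from the thread, from Apple, or from BIND: it keeps two "views" of the zone the asker described, picks one by the client's source address the way BIND `match-clients` does, and audits whether a view would leak an RFC 1918 address to the Internet. The LAN address 192.168.1.120 and the names come from the question; the public address 203.0.113.10 is a constructed placeholder (RFC 5737 documentation range), since the question never states the real static IP.

```python
"""Split-horizon DNS modelled in Python (added example, not from the thread)."""
import ipaddress

# RFC 1918 ranges. Checked explicitly rather than via ip.is_private because
# Python's ipaddress also treats the RFC 5737 documentation ranges as private.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Zone data per view: name -> (record type, target). Hypothetical layout that
# mirrors the asker's zone; 203.0.113.10 stands in for the unknown public IP.
VIEWS = {
    "internal": {
        "mydomain.com.": ("A", "192.168.1.120"),
        "server1.mydomain.com.": ("A", "192.168.1.120"),
        "www.mydomain.com.": ("CNAME", "server1.mydomain.com."),
        "ns1.mydomain.com.": ("A", "192.168.1.120"),
        "ns2.mydomain.com.": ("A", "192.168.1.120"),
    },
    "external": {
        "mydomain.com.": ("A", "203.0.113.10"),
        "server1.mydomain.com.": ("A", "203.0.113.10"),
        "www.mydomain.com.": ("CNAME", "server1.mydomain.com."),
        "ns1.mydomain.com.": ("A", "203.0.113.10"),
        "ns2.mydomain.com.": ("A", "203.0.113.10"),
    },
}


def is_rfc1918(ip):
    """True if ip falls inside one of the private RFC 1918 blocks."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RFC1918)


def select_view(client_ip):
    """Equivalent of BIND's match-clients: LAN sources get the internal view."""
    return "internal" if is_rfc1918(client_ip) else "external"


def resolve_in(zone, name, max_hops=8):
    """Follow CNAMEs inside one view and return the final A record, or None."""
    qname = (name if name.endswith(".") else name + ".").lower()
    for _ in range(max_hops):          # bounded so a CNAME loop cannot spin forever
        rec = zone.get(qname)
        if rec is None:
            return None
        rtype, target = rec
        if rtype == "A":
            return target
        qname = target                 # CNAME: chase the target within the same view
    return None


def resolve(name, client_ip):
    """Answer a query the way a split-horizon server would for this client."""
    return resolve_in(VIEWS[select_view(client_ip)], name)


def private_leaks(zone):
    """Names in a zone whose final answer is an RFC 1918 address.

    Run against whatever zone is served to the Internet; the list should be
    empty. The asker's single GUI-managed zone is effectively VIEWS['internal']
    served to everyone, which is why whatsmydns.com showed 192.168.1.120."""
    leaks = [name for name in zone
             if (ip := resolve_in(zone, name)) and is_rfc1918(ip)]
    return sorted(leaks)


if __name__ == "__main__":
    print("LAN client  ->", resolve("www.mydomain.com", "192.168.1.50"))
    print("WAN client  ->", resolve("www.mydomain.com", "198.51.100.7"))
    print("leaks if the internal zone is public:", private_leaks(VIEWS["internal"]))
    print("leaks in the external view:", private_leaks(VIEWS["external"]))
```

The audit mirrors the check a practitioner would run with a public resolver or whatsmydns.com before pointing GoDaddy's name servers at a home server: any name that answers with a 192.168.x.x, 10.x.x.x or 172.16-31.x.x address to an outside client is unreachable for that client and, as the answer notes, is a sign that one zone is being served to both horizons.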
