
Best DNS setup for public-facing Mac server with no NAT?

What's the best way to set up the DNS server as a member of an existing domain with nameservers elsewhere for a public-facing server with no NAT?


We own the domain myexample.com and its name servers and zone files are on a hosted Linux server with mail/web server services.


We now have a Mac server hosted elsewhere and we want it to be a subdomain of our myexample.com i.e. macserver.myexample.com.


We haven't enabled NAT or DHCP so the Mac server host network IP is a public IP. There is no LAN.


When setting up the DNS server, what should the primary zone be? macserver.myexample.com, or myexample.com?


Any advice would be great. Mr Hoffman....are you out there?



Posted on Oct 19, 2012 12:47 PM

Question marked as Best reply

Posted on Oct 19, 2012 4:14 PM

You do need valid DNS services. But you don't need to provide DNS on the same server. And if you're not dealing with NAT, things can get easier.


The easiest approach available is to not run your own DNS services here. This assumes the OS X Server box is configured on a static IP address, but then that's something OS X Server needs/wants/expects.


Use the DNS provided by your domain registrar, and your ISP. Or maybe on that Linux box, if that's publicly authoritative for the domain.


Enter the host name and the IP address into the public DNS services that you have configured for the domain, or that you have at your registrar or ISP, or on that Linux box.


You will need to have your ISP for the static IP configure a PTR record (reverse DNS) for the server, particularly if you're planning to run mail or related.


Oct 23, 2012 5:39 PM in response to boomboom_uk

You can shut down the DNS server on the OS X Server box.


It serves no purpose here – if you already have public DNS services running for this host – and it's another piece to maintain.


As a test of this, you can shut down the DNS server, configure the OS X Server box to use the existing public DNS servers, and confirm DNS operations with sudo changeip -checkhostname or such.


As for the forward and reverse DNS records, anything that expects to use secure network connections will want the host names to match. I'd tend to expect network diagnostics to catch this error, too.
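
A forward/reverse consistency check of the kind the last reply describes, as an added example that is not part of the original thread and is not what `changeip -checkhostname` itself runs. The host name comes from the question; the address 203.0.113.10 and the ISP-style PTR name are constructed sample values.

```python
import socket

def forward_lookup(name):
    """Addresses (A/AAAA) the system resolver returns for name."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(name, None)}
    except socket.gaierror:
        return set()

def reverse_lookup(ip):
    """PTR name for ip, or None when no reverse record exists."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except (socket.herror, socket.gaierror):
        return None

def norm(name):
    # DNS names are case-insensitive and may carry a trailing root dot.
    return name.rstrip(".").lower()

def check_fcrdns(hostname, forward=forward_lookup, reverse=reverse_lookup):
    """Return a list of forward/reverse mismatches; empty means consistent."""
    addrs = forward(hostname)
    if not addrs:
        return [f"{hostname}: no forward record"]
    problems = []
    for ip in sorted(addrs):
        ptr = reverse(ip)
        if ptr is None:
            problems.append(f"{ip}: no PTR record")
        elif norm(ptr) != norm(hostname):
            problems.append(f"{ip}: PTR is {norm(ptr)}, expected {norm(hostname)}")
    return problems

def fake_dns(a_records, ptr_records):
    """Build offline lookups from constructed records (no network needed)."""
    fwd = lambda name: set(a_records.get(norm(name), ()))
    rev = lambda ip: ptr_records.get(ip)
    return fwd, rev

# Constructed sample data: 203.0.113.10 is a documentation address (RFC 5737).
HOST = "macserver.myexample.com"
A = {HOST: ["203.0.113.10"]}
GOOD = fake_dns(A, {"203.0.113.10": "macserver.myexample.com."})
ISP_DEFAULT = fake_dns(A, {"203.0.113.10": "host-10.isp.example."})  # PTR never updated
NO_PTR = fake_dns(A, {})

if __name__ == "__main__":
    for label, (fwd, rev) in [("good", GOOD), ("isp default", ISP_DEFAULT), ("no ptr", NO_PTR)]:
        print(label, check_fcrdns(HOST, fwd, rev) or "consistent")
```

Calling `check_fcrdns("macserver.myexample.com")` with no other arguments uses the system resolver, so it tests whatever DNS servers the machine is configured to use.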
