I'd like to make sure I'm setting up DNS correctly on a small business network on a 10.8.2 server.
Outside Static IP: 10.0.0.0
Server Internal IP: 192.168.1.2
Server Host Name: server.domain.com
Google Apps Services Entries: mail.domain.com, calendar.domain.com
server.example.com on our registrar points to External (static) IP
We're using an AirPort Extreme and in the internet settings I configured the top DNS server to match my server host name. Everything is set up nicely and hums along, but any time a user tries to access a Google Apps service at *.domain.com the name can't resolve. In fact domain.com does not resolve at all.
When I change the AirPort Extreme DNS entries to generic settings (let's take the Google 188.8.131.52 and 184.108.40.206) all client machines can access the Google Apps services but connecting to the server requires them to type in the server's internal IP address.
How can I set up the AirPort and server so that only the server hostname (server.domain.com) resolves to my server but *.domain.com or domain.com get forwarded?
Am I completely missing something in doing this?
I would like to be able to type in iwantaserver.com on my server and have it go to the correct host rather than my internal machine. When I go to traceroute this comes up as an unknown host.
The DNS name iwantaserver.com rather than some_server.iwantaserver.com is kind of a special DNS case. But irrespective of that, when you say you want 'it' to go to the correct host, 'correct' is subjective - what you mean, I believe, is you want it to go to an external IP address, not an internal (the OS X Server machine) address.
There are a couple of ways you can do this; the way you go depends on, again, what you want to be 'authoritative'. It sounds to me like you don't want to have your internal server be authoritative for your DNS records, or not all of them. The thing now is that if you followed previous examples then your OS X server is now (for your internal clients) answering all queries for the domain 'iwantaserver.com', except one of the servers/services you want is on the Internet. Because that service/server is not defined in your local DNS, your computers don't know where to find it.
So you have two (three actually) choices:
- Don't use local DNS at all, only use external DNS, which means external DNS (authoritative for your domain) will reply with IP addresses. Put the list of external DNS servers into your internal DHCP settings.
- Use local DNS but don't make it authoritative for any domain, including the one you own. So no zone file in your internal OS X DNS server. Set up forwarding servers in your DNS server; the local DNS server will cache queries and forward out ones it doesn't (already) know.
- Fudge it a bit - have the local DNS server be 'authoritative' (internally) for your own domain and put in a record for the external resource with its real Internet IP address. You have to be careful to change that IP address if the external Internet address changes.
Depends on what you want to achieve.
This will also fix funny things happening on client.
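
A simplified model of the choices listed above, added here as an illustration and not part of the original posts: a DNS server that hosts a zone answers for every name under that zone and never forwards those queries, which is why names missing from the local zone stop resolving. The `example.test` names and every address except the server's internal 192.168.1.2 are constructed placeholders.

```python
# Simplified model of a local DNS server that may host a zone and may forward.
# Names and addresses are constructed placeholders (only 192.168.1.2 is from the thread).

UPSTREAM = {  # what public DNS would answer (constructed)
    "server.example.test": "203.0.113.10",   # external static IP at the registrar
    "mail.example.test": "198.51.100.25",    # hosted mail service
    "example.test": "198.51.100.80",
}

def find_zone(name, zones):
    """Return the longest locally hosted zone that contains `name`, or None."""
    labels = name.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return candidate
    return None

def resolve(name, zones, upstream=UPSTREAM):
    """Answer from a local zone if one covers the name; otherwise forward."""
    name = name.rstrip(".").lower()
    zone = find_zone(name, zones)
    if zone is not None:
        # Authoritative: the local zone is the final word, nothing is forwarded.
        addr = zones[zone].get(name)
        return ("local", addr) if addr else ("unresolved", None)
    addr = upstream.get(name)
    return ("forwarded", addr) if addr else ("unresolved", None)

# The situation in the question: the local zone holds only the server record.
BROKEN = {"example.test": {"server.example.test": "192.168.1.2"}}
# Choice 2: no local zone at all, every query is forwarded.
FORWARD_ONLY = {}
# Choice 3: the local zone also carries the external hosts' real addresses.
FUDGED = {"example.test": {
    "server.example.test": "192.168.1.2",
    "mail.example.test": "198.51.100.25",
    "example.test": "198.51.100.80",
}}

if __name__ == "__main__":
    setups = [("broken", BROKEN), ("forward-only", FORWARD_ONLY), ("fudged", FUDGED)]
    for label, zones in setups:
        for host in ("server.example.test", "mail.example.test", "example.test"):
            print(f"{label:13} {host:22} {resolve(host, zones)}")
```

In the forward-only setup the server name resolves to its external address, so internal clients reach it through the router rather than directly; the fudged zone keeps the internal address but has to be updated by hand whenever an external address changes.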