Đang chuẩn bị liên kết để tải về tài liệu:
WINDOWS 2000 TROUBLE SHOOTING TCP/I P phần 6

Nhưng nó không giải quyết được vấn đề. Khi một người sử dụng nội bộ kết nối với news.tacteam.net, một truy vấn DNS được gửi đến máy chủ DNS nội bộ, và được giải quyết đến địa chỉ IP của máy chủ tin tức nội bộ. Một người dùng kết nối đến news.tacteam.net thông qua các địa chỉ liên lạc Internet các máy chủ DNS bên ngoài tường lửa, | 344 Chapter 7 Troubleshooting Windows 2000 DNS Problems But it does solve the problem. When an internal user connects to news.tacteam.net a DNS query is sent to the internal DNS server and is resolved to the IP address of the internal news server. A user connecting to news.tacteam.net via the Internet contacts the DNS server outside the firewall and receives the IP address of the Internet-located news server. At no time do your internal resources become threatened or touched by Internet users. Figure 7.10 displays a simplified network layout of this configuration. Note the two DNS servers one internal and one external. Each of the DNS servers will have different zone databases and they most definitely will not participate in zone transfer with each other. This is the most common scenario you ll encounter because most organizations already have a domain name and are wary of change. However if you are blessed enough to be working with a new network installation or an unusually flexible company the second approach is a lot easier and more flexible. Figure 7.10 Network layout with same internal and external domain name. Proxy DNS is located in DMZ internal to the firewall. Proxy DNS TACTEAM.NET Internet Net News DNS TACTEAM.NET Net Web Firewall Net Mail Internal News External Ol Internal Internal Intern Web Mail News Servers External to the Firewall are directly exposed. Troubleshooting Windows 2000 DNS Problems Chapter 7 345 Different Intranet and Internet Domain Names The best way to go is with different domain names representing your intranet and Internet resources. In this case we could have two domain names taccorp.net and tacteam.net. The former is used for internal resources and the latter for Internet resources. The internal servers would be www.taccorp.net mail.taccorp.net and news.taccorp.net. The Internet servers would be www.tacteam.net news.tacteam.net and mail.tacteam.net. The DNS server on the intranet is authoritative for the taccorp.net zone so that .