Question about DNS zones

Discussion in 'Mac OS X Server, Xserve, and Networking' started by jd342, Apr 23, 2012.

  1. jd342 macrumors newbie

    Apr 23, 2012
    Here's my problem..

    I have an internal webserver that has an external address. Clients on my internal network (the same as the webserver) can't access the internal server using its external address. I got around this in a Windows environment (there are multiple buildings with different environments) by creating a primary DNS zone with the external address of the server, and an A Host pointing to the internal address.

    I'm having some trouble getting this set up on Lion Server, and rather than breaking DNS again, I figured I'd ask around first. Like I said, I tried adding a new zone, and did something that broke DNS. I had to manually edit the configuration file to remove the new zone. The FQDN is different from the name of the Mac server.

    Basically the Mac server is, and I need to point internally. These obviously aren't the real addresses, but it illustrates what I need to accomplish.

    Does this make sense? Is it possible with Lion Server?

  2. Les Kern macrumors 68040

    Apr 26, 2002
    On the server, see if you have a file called and move it to the desktop, restart and check.

    If not, I'd suggest using a secondary ethernet connection with a static internal number.
  3. matspekkie macrumors member

    Oct 19, 2010
    Hmm, in your example it means you would need 2 different domains. Much easier would be your server being and internal to have that way you only have to add a host within the domain. This you can do easily with serveradmin in DNS settings; then of course the "internal" clients need to get your server as first DNS and all is set. On the other hand, I found it much easier to have both external and internal the same FQN server. So external it would resolve to the WAN IP. Internal it would resolve whatever you want it to be.
  4. throAU macrumors 601


    Feb 13, 2012
    Perth, Western Australia
    What you want is either "split brain DNS", where the server has multiple views and will return different results depending on the client's IP, or (better) 2 different DNS servers (this way, you aren't exposing your LAN DNS server to the internet for all and sundry to try and hack).
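
The "split brain" arrangement from the last reply, sketched as a BIND `named.conf` with two views. This is an added example, not configuration posted by anyone in the thread; it assumes the DNS service is BIND, and the domain, addresses, directory and zone file names are constructed placeholders.

```conf
// Constructed placeholders: example.com, 192.168.1.0/24, 192.168.1.10,
// 203.0.113.10, /var/named and the zone file names are not from the thread.

acl "lan" { 127.0.0.1; 192.168.1.0/24; };

options {
    directory "/var/named";        // assumed working directory
    allow-transfer { none; };      // no zone transfers to arbitrary hosts
};

// Views are tried in order and the first match-clients hit wins,
// so the narrower internal view has to come before the catch-all.
view "internal" {
    match-clients { "lan"; };
    recursion yes;                 // LAN clients may resolve other names too

    zone "example.com" {
        type master;
        // Internal copy of the zone:  www  IN A  192.168.1.10
        file "internal/db.example.com";
    };
};

view "external" {
    match-clients { any; };
    recursion no;                  // authoritative answers only for outsiders

    zone "example.com" {
        type master;
        // Public copy of the zone:    www  IN A  203.0.113.10
        file "external/db.example.com";
    };
};
```

Once any `view` is defined, BIND requires every zone statement to sit inside a view, so existing top-level zones have to be moved into one of them. Running `named-checkconf` against the edited file before restarting the service catches that and other syntax errors.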
