Ask the Expert

Should our ISP maintain our DNS server?

Our company's internal network is a 10.x.x.x segment behind a Cisco router and Pix firewall. We want to maintain our domain name of Would this require us to maintain Active Directory (AD) with our primary and secondary DNS servers? Or is it advisable to have our ISP maintain one DNS server? If our ISP maintains one DNS server, what ports are required to be open on the firewall for DNS updates between the DNS servers?


You should have your ISP perform secondary DNS services for you. Whether or not you use AD doesn't really factor into it. You certainly can use AD, but you're not required to. You'll need to open up TCP/UDP port 53 at your firewall, at least between your DNS servers and the ISP's DNS servers. If you want to allow requests from the public Internet to be answered by your DNS servers, you'll have to open port 53 from all hosts to your DNS server as well.

This was first published in July 2003
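The port 53 openings described in the answer can be written down as a first-match rule list and checked before anything is applied to the firewall. The following is an added example, not part of the original answer; the addresses are constructed from documentation ranges, and `build_rules`, `allowed` and `audit` are hypothetical helper names.

```python
import ipaddress

# Constructed addresses (documentation ranges), not from the original page.
PRIMARY = "203.0.113.10"                              # our DNS server's public address
ISP_SECONDARIES = ["198.51.100.53", "198.51.100.54"]  # the ISP's DNS servers

def build_rules(public_queries):
    """Return first-match rules as (action, proto, src_net, dst_net, dst_port)."""
    rules = []
    for isp in ISP_SECONDARIES:
        for proto in ("udp", "tcp"):
            # Inbound: SOA refresh checks (UDP) and zone transfers (TCP).
            rules.append(("permit", proto, isp + "/32", PRIMARY + "/32", 53))
            # Outbound: NOTIFY messages and any queries toward the ISP.
            rules.append(("permit", proto, PRIMARY + "/32", isp + "/32", 53))
    if public_queries:
        for proto in ("udp", "tcp"):
            rules.append(("permit", proto, "0.0.0.0/0", PRIMARY + "/32", 53))
    rules.append(("deny", "any", "0.0.0.0/0", "0.0.0.0/0", None))  # default deny
    return rules

def allowed(rules, proto, src, dst, dst_port):
    """Evaluate one flow against the rules; the first matching rule decides."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, r_proto, r_src, r_dst, r_port in rules:
        if (r_proto in ("any", proto)
                and s in ipaddress.ip_network(r_src)
                and d in ipaddress.ip_network(r_dst)
                and r_port in (None, dst_port)):
            return action == "permit"
    return False

def audit(rules):
    """Check the flows the answer calls for, plus one that must stay closed."""
    isp, outsider = ISP_SECONDARIES[0], "192.0.2.77"
    return {
        "isp_zone_transfer_tcp53": allowed(rules, "tcp", isp, PRIMARY, 53),
        "isp_soa_query_udp53": allowed(rules, "udp", isp, PRIMARY, 53),
        "notify_to_isp_udp53": allowed(rules, "udp", PRIMARY, isp, 53),
        "public_query_udp53": allowed(rules, "udp", outsider, PRIMARY, 53),
        "public_tcp53": allowed(rules, "tcp", outsider, PRIMARY, 53),
        "public_other_port": allowed(rules, "tcp", outsider, PRIMARY, 25),
    }

if __name__ == "__main__":
    for label, rules in (("ISP only", build_rules(False)), ("public", build_rules(True))):
        print(label, audit(rules))
```

A port filter cannot tell an ordinary TCP query from a zone transfer request, so once TCP 53 is open to all hosts, transfers should also be limited to the ISP's addresses in the DNS server's own configuration.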
