By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Our company's internal network is a 10.x.x.x segment behind a Cisco router and Pix firewall. We want to maintain our domain name of x.com. Would this require us to maintain Active Directory (AD) with our primary and secondary DNS servers? Or is it advisable to have our ISP maintain one DNS server? If our ISP maintains one DNS server, what ports are required to be open on the firewall for DNS updates between the DNS servers?
You should have your ISP perform secondary DNS services for you. Whether or not you use AD doesn't really factor into it. You certainly can use AD, but you're not required to. You'll need to open up TCP/UDP ports 53 at your firewall, at least between your DNS servers and the ISPs DNS servers. If you want to allow requests from the public Internet to be answered by your DNS servers, you'll have to open port 53 from all hosts to your DNS server as well.