Problem solve Get help with specific problems with your technologies, process and projects.

Should our ISP maintain our DNS server?

Our company's internal network is a 10.x.x.x segment behind a Cisco router and Pix firewall. We want to maintain our domain name of x.com. Would this require us to maintain Active Directory (AD) with our primary and secondary DNS servers? Or is it advisable to have our ISP maintain one DNS server? If our ISP maintains one DNS server, what ports are required to be open on the firewall for DNS updates between the DNS servers?
You should have your ISP perform secondary DNS services for you. Whether or not you use AD doesn't really factor into it. You certainly can use AD, but you're not required to. You'll need to open up TCP/UDP ports 53 at your firewall, at least between your DNS servers and the ISPs DNS servers. If you want to allow requests from the public Internet to be answered by your DNS servers, you'll have to open port 53 from all hosts to your DNS server as well.

Dig Deeper on Windows Server troubleshooting

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.