We have a small situation that may require us to temporarily host DNS requests on a temporary server for a customer's domain. We think we can use our SBS 2008 to do this. I've proven it can work, in theory, but I'm wondering if I am not anticipating something.
The situation, in case anyone has a better answer, is thus:
We are attempting to move a domain name from GoDaddy to Network Solutions. Predictably, we want to minimize downtime. The domain name in question has a few DNS-related records -- a couple of As, a few CNAMEs, MX, and one SRV.
When I spoke to NetSol, they stated that there was no way I could alter anything DNS-related on their side until the domain transfer had completed. So, I would be likely to encounter a domain name waking up in its new home with no DNS records available to keep mail flowing, web site accessible, etc.
They suggested we host DNS temporarily at a way-station of sorts.
I created a new ZONE in my SBS2008 along with all the A, CNAME, etc. records for the domain. I tested via NSLOOKUP and confirmed that accurate information is given both when I query against the server internally and when I let DNS queries through the firewall and query from the outside.
I believe all I really need to do now is change the nameserver entries at GoDaddy.
Am I not anticipating anything?
Cheers,
m
A couple of things, although it sounds like you've got the bases covered:
Make sure your firewall rule only allows UDP\TCP traffic to port 53 on the server.
Make sure that you have the "secure cache from pollution" setting enabled on the server.
Make the zone in question a standard Primary zone and not an AD integrated zone.
Disable recursion on the server.
Disable dynamic updates on the zone in question.
If this server is also a production server for your customer, I might suggest setting up a temporary server for the purpose of hosting the public DNS zone. I wouldn't want external queries for the public zone coming in to my production AD\DNS server. You can get a 180 day eval of W2K8 from MS and run it on any spare computer that meets the system requirements.
I haven't hosted a DNS zone for a public namespace on an internal server; I have my public DNS hosted with NetSol, but if I had to, this is how I would do it. Of course, take my suggestions with a grain of salt and see what others here have to say.
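A way to verify the recursion and authoritative-answer points from the answer above, added here as an example and not part of either post: run from a host outside the firewall, it queries one name inside the hosted zone and one outside it, then reads the AA and RA header bits of the replies. The function names and the sample headers are constructed for illustration.

```python
import socket
import struct

def build_query(name, qtype=1, txid=0x1234):
    """Build a DNS query (RD set, class IN), as a stub resolver would send."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(lb)]) + lb.encode("ascii") for lb in labels)
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)

def parse_flags(response):
    """Extract the header fields that matter for this check."""
    if len(response) < 12:
        raise ValueError("truncated DNS header")
    _txid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", response[:12])
    return {"aa": bool(flags & 0x0400), "ra": bool(flags & 0x0080),
            "rcode": flags & 0x000F, "answers": an}

def assess(in_zone, out_of_zone):
    """Compare an in-zone and an out-of-zone reply against the hardening list."""
    findings = []
    if not in_zone["aa"] or in_zone["rcode"] != 0 or in_zone["answers"] == 0:
        findings.append("hosted zone is not answered authoritatively")
    if out_of_zone["ra"]:
        findings.append("recursion is offered to outside clients")
    if out_of_zone["rcode"] == 0 and out_of_zone["answers"] > 0:
        findings.append("server resolved a name outside the hosted zone")
    return findings

def query(server, name, timeout=3.0):
    """Send one UDP query to server:53 and return the parsed header."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server, 53))
        data, _ = s.recvfrom(512)
    return parse_flags(data)

# Constructed 12-byte headers (not captured traffic) for an offline run.
AUTH_ANSWER = struct.pack("!HHHHHH", 0x1234, 0x8500, 1, 1, 0, 0)  # QR, AA, RD
REFERRAL = struct.pack("!HHHHHH", 0x1234, 0x8100, 1, 0, 13, 0)    # QR, RD, no RA
OPEN_REPLY = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)   # QR, RD, RA

if __name__ == "__main__":
    print(assess(parse_flags(AUTH_ANSWER), parse_flags(REFERRAL)))    # hardened
    print(assess(parse_flags(AUTH_ANSWER), parse_flags(OPEN_REPLY)))  # recursion on
```

Against the live server, call `query()` once with a name in the hosted zone and once with an unrelated name, and pass both results to `assess()`; an empty list means the zone is served authoritatively and recursion is not offered.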