pheran,
thanks for your suggestions
I'll clarify some things...
<<
If I'm understanding your question correctly, you're going to need two separate systems, one for external DNS and one for internal.
>>
I was thinking of taking this route, but we don't have enough boxes to accomplish this... however, there are still some caveats that I need to smooth out in order to use this solution as well...
<<
A single instance of BIND can certainly serve multiple zones (which is what n0cmonkey is referring to), but there's no way you can serve a single zone with two conflicting sets of info (i.e. the internal and external IP addresses).
>>
YAH! that's what I was thinking also! however, somehow I think there is some way to do it... hm.
FWIW, I think what I'm trying to accomplish is something of a split DNS. I did a little research on it, and it could be a solution, but I haven't implemented it yet to know for certain.
the reason I need this information is... I need to set up two... yes TWO... m$ *gasp!* boxes... that are running active directory. furthermore, I will need to have workstations join the domains of these boxes and be part of these domains. now, research tells me that AD is based a lot on DNS, so I want to figure out the best way to get this to work. this entails having internal machines (the AD machines behind a firewall) being able to authenticate public (not private) workstations.
it is not my choice to do this! but it is an environment that i was forced to use in order to get workstations up and running.
frustrating, to say the least!