Opinion/Ideas Request: Does this design seem best?

phn at icke-reklam.ipsec.nu phn at icke-reklam.ipsec.nu
Fri Jul 9 08:36:59 UTC 2004


George <george.e.sullivan at saic.com> wrote:
> I have put a small 160k bmp file at
> http://www.geocities.com/geelsu/DNSidea.bmp
> for this thread.

If it can't be expressed in text it's probably too complex
to be safe.

> I understand DNS some, but have not really ever set
> it up, especially with a Dual card system and
> with two different domains.

> Having the picture open in another window will 
> help now.

> The Email Server with Win/Exchange 2003 will be
> in both domains.  It will have
> two NICs as you can see in the picture.  I have
> also cut on 2003's Routing and Remote Access using
> the custom configuration and selected Routing only.
> So no NAT or Firewall stuff at this time.

> I was thinking the Email Server/Win2003 system would
> work for DNS for both the inside and outside domains.
> Inside systems will have it as their default DNS
> Server.  Inside systems will also have 144.32.3.44
> as their default router.  Then 144.32.3.44 will have
> as its default router 8.50.1.44, and this will have
> its default router as 8.50.1.254.  The TCP/IP properties
> gives me a warning about multiple Default gateways on
> disjoint networks, but I am not sure if this setup
> qualifies as disjoint.  An inside PC client that uses
> 144.32.3.44 as its default router is able to bring up
> webpages from "the Cloud"

> 8.50.1.44 will be known as EServer-Nic1.the.outside.net
> and 144.32.3.44 will be known as EServer-Nic2.the.inside.net.
> I am to sure how to setup all this.

> I also have DNS on a Unix server in the inside.  Windows 2000
> used to have DNS setup for a secondary text base domain that
> would work in Active Directory, but I am not sure which
> selection this is in the new 2003.  DNS setup is worded 
> differently now, with other selections.

> 144.32.3.50 is another Win 2003 system that now has
> user accounts, files, etc on it.  I did not know
> if I should put it as the default DNS server for inside
> systems.

> Systems in "the cloud" can ping my 8.50.1.44 or outside
> NIC card.

> For security, there will be a PIX box between the router
> and the outside NIC in the future.

> Anyway, does this setup seem sound in design?
> Any ideas or opinions would be greatly appreciated.

No. Any "dual-nic" solution is moving the solution in the wrong direction,
using a Windows system for anything but gaming is wrong, complex
solutions will cost more and have many more "got-you" effects
than simple dedicated solutions.

You are way out. Be prepared to restore backups.

> Thanks


-- 
Peter Håkanson         
        IPSec  Sverige      ( At Gothenburg Riverside )
           Sorry about my e-mail address, but i'm trying to keep spam out,
	   remove "icke-reklam" if you feel for mailing me. Thanx.

