Article ID: 294906 - View products that this article applies to.
This article was previously published under Q294906
This article describes how to configure the internal root DNS server to provide name resolution for Internet top-level domains.
Internal root DNS servers do not have root hints and do not forward or resolve any names beyond itself. This behavior is by design to protect the internal DNS server from an Internet attack. You must have a firewall in place to protect the root DNS server.
Depending on your network configuration, you may want the internal root DNS server to provide name resolution services for all Internet top-level domains (.net, .com, .edu), while you still protect it from any outside exposure. To do so, delegate all the Internet top-level domains on an internal root DNS server. Down-level DNS servers in your organization are then able to resolve iterative queries to your root DNS servers for top-level domains.
NOTE: Network Solutions provides a list of aggregated .com, .org, and .net top-level domain zone files (including the checksum files) and is subject to the restrictions described in the Access Agreement with Network Solutions. You use this file to build the delegated top-level domains.
To delegate all Internet top-level domains:
Contact us for more help
Connect with Answer Desk for expert help.