Basic DNS Setup

Similar Messages

• Snow Leopard Server DNS setup

  Where is there a step by step setup for making my Snow Leopard Server with DNS? Essentially, I am looking to setup a mail server but seem to be missing what information I need to gather from the folks that host my domain and how to point traffic to my network.

  When I started setting up my first Mac OS X Servers a few years ago I had to completely retrain my brain because the MacOS does not follow the traditional nomenclature of Windows Active Directory and DNS setup. That being said like AD for Windows MacOS relies very very heavily on a healthy and properly running DNS system, both internally and externally. So one great resource I found was about 10+ hours of training on Leopard Server over to Lynda.com. I think you can sign up for a month long membership but it's well worth the investment if your looking for some basics thru advanced setup of Leopard Server. Now SLS is much much easier at the setup and deployment and some of the fundamentals of the setup interface have changed greatly (as an improvement) but the videos are still very applicable.
  Basically it comes down to the following steps in order to get your website/e-mail/wiki services working.
  1. Purchase your .whatever with a registrar, godaddy, doster, network solutions ect...
  2. Make sure you have a fully routable PUBLIC IP address from your ISP that you can assign to the WAN (internet side of your router)
  3. Contact your ISP and ask then to create an rDNS entry for your .something to the IP address they assigned you. Usually this will look like xxx.xxx.xxx ---> mail.mydomain.com when you test later on.
  4. Modify the DNS records with your registrar to point the MX & A record to your new IP. You will log in create an A record for mail.mydomain.com ---> xxx.xxx.xxx (your public IP on router) and then you will create an MX record for e-mail which will simply be mail.mydomain.com with a value of 10 (there is usually a screen for this).
  5. Once all the DNS is setup and working properly (Can take several days for these changes to take affect and be visible by your ISP) then you can begin the configuration of your router. You will need to determine what IP internally you want your Mac to be. Usually 10.0.0.1 or 192.168.1.1 or other and document that. Program your router to port forward ports 25,110, 80, 143 to the IP that you decided your Mac will be at so those services will be publicly available to you to user. Otherwise nobody will ever be able to send you e-mail or visit your site.
  6. This is a good time to check your work and settings by visiting www.mxtoolbox.com and you verify your rDNS (setup by ISP) and your DNS (Setup by you) before beginning your setup of OS X SLS. If everything checks out then start the install if not STOP HERE and fix it because it will haunt you in the long run.
  7. Start the install of SLS and at some point the system will get you to the screens at which you input your domain information. If all was setup properly up to now SLS will auto-populate the domain and local hostname of your Mac Server. U can change the local hostname if you wish but the domain name information should reflect your rDNS and A record information of mail.mydomain.com and you can hit next and proceed with the rest of the install.
  8. Once up and running you will need to make a small adjustment to the alias of your e-mail. For some reason the engineers at Apple left a flaw in (my opinion) that is as such. Whenever you send e-mail it will go as [email protected] instead of what you really want which is [email protected]. So follow this post below and you will be all fixed up in a jiffy.
  http://discussions.apple.com/message.jspa?messageID=10110723#10110723
  Hope this helps.

• DNS Setup/View external website internally

  Greetings all - trying to set up a Mac server from scratch for the first time. Been managing one for a while but didn't actually set it up myself.
  I have the beginnings of DNS setup all squared away, but am still looking to figure out how to properly set up my website. Here's my setup. We used to have a joint Windows 2003/10.5 server environment. Windows handled Exchange and DNS, the Leopard box handled everything else (DHCP, web, file sharing, etc). We're transitioning everything to the Mac box in preparation for setting up Kerio MailServer and just to ditch the windows box.
  I own companyname.net - that domain is hosted externally by Network Solutions. It's forwarded to my static IP.
  Our old internal DNS was hosted by a Windows 2003 box - it had zones for companyname.ltd (the private internal domain) and companyname.net. companyname.ltd was the nameserver. There were two A records handling the website for internal clients - one with a blank name, and one with www. Both pointed to the IP of the Mac server (the current box that I'm transitioning everything to). Everything was hunky dory - internal pings to the web address went to the internal ip, externally it went to the external IP, and everything worked just great.
  So in setting up the new DNS on the Leopard box, here's what I have so far.
  Primary zone: companyname.net
  A Record: macpro : 192.168.1.3 (this is the name of the server)
  A Record: mail : 192.168.1.2 (our mail server)
  Alias : ichat : macpro.winstongroup.net
  The checkhostname thing works fine, Kerberos is up and running, as is Open Directory.
  Now, I do not know how to set up our website so that internal clients can view the external website. I tried creating an A record to the server for www, but then that overrides the macpro A record that is the host of the whole thing. I also tried creating A records to the external IP, but then when I pinged it just pinged once, then it seemed like the firewall kicked in and stopped it. I tried creating aliases to companyname.net but every time I did that, Server Admin kept adding on an additional companyname.net to the end of the name (so it would read like companyname.netcompanyname.net). That didn't make much sense to me.
  I'm sure there's other people who can view internally hosted sites from the lan - so any help would be very much appreciated!

  One minor other question. I prefer the url of our site to be companyname.net instead of www.companyname.net. So now, while www is set up as a server alias, it wouldn't direct to companyname.net, even though that URL was set up in the web services panel in Server Admin. I then created a new alias that was "companyname.net", without the trailing period so it was not a FQDM, directed it at the same web server, and everything seemed to work. Does that seem right - it's working, so it seems to be somewhat right at least!

• Help with Proper DNS Setup for Leopard Standard Server Setup

  Hello All,
  Problem Description-
  I was reviewing some training today on DNS setup and checking for proper setup with the sudo changeip - checkhostname tool and I seem to have an incorrectly configured DNS setup. So I need some help on correcting it. When I go to the "Server Preferences" tool I cannot log in using apple.ourdomainname.com instead in order to use the tool I have to input localhost as the server name. Now I just thought that the system was broken or something and with the help of my training I now see it's a DNS problem. I thought I had everything proper since I followed the steps of creating proper DNS/RDNS entries with my ISP. Now I am stuck wondering what else isn't working properly due to the DNS issue. Thanks in advance.
  Technical Info-
  My ISP provides us with 5 static IP's and we have asked them to create entries and verified the setup of apple.ourdomainname.com = x.x.x.x which is one of our public IP's assigned currently assigned to the WAN port of our Apple Airport Extreme. We have also had them create a PTR record which also is present, verified and functional. Our MacMini running 10.5.5 is connected directly to one of the ethernet ports on our Apple Airport Extreme which is our NAT/Firewall for the LAN. So during the setup of the Standard Server install the OS configured the Airport with the required ports for chat/web/vpn. And mobile Mac's can VPN in and gain folder access and web works fine too. We don't use the e-mail portion so I can't say how that works. The server is using the DNS of 10.0.200.1 which is the IP of the Airport and the airport is programmed with the DNS of OpenDNS servers 208.67.222.222 and 208.67.220.220. The reason for this whole long shpeal is that I want to give as much technical background as possible for the best possible help.
  Thanks
  DM

  What happens when you use 'Localhost' instead of 'localhost' (i.e. capitalizing the 'L')?

• Multiple Leopard Servers - DNS Setup

  Hi guys,
  Just wandering what I need to do when setting up more than one server on the network with my DNS settings.
  I already have a leopard server box, running advanced with DNS setup and working correctly. How do I setup the second server?
  Do I create a machine record on the original server, as if the new server is just another network device, and not turn on dns on the new server?
  Thanks,
  Nige

  "If you like you can add a NS record for the new machine/DNS name, set the new machine up as a secondary/slave DNS and allow for zone transfers in the first primary/master one. "
  hmm, I think I follow.
  "The second one should use the same forwarders as the first one (both machines should only use itself as the DNS in Network prefpane) and also the LAN reverse zone (*.in-addr.arpa.) should be zone transfered to the secondary DNS."
  Are there instructions on setting up a secondary DNS?
  "In DHCP setup also add the second machine/DNS IP so clients can use either/both."
  I'm not running DHCP on the server, so I'm not sure what I can do here.
  I guess I'll need to do a similar thing with directory as a well, so that both servers have the same users and groups.
  Nige

• WRT610N incorrect DNS setup using DHCP with 1.00.03.15

  I just noticed this last night and probably could explian my poor network performance since upgrading to firmware 1.00.03.15.
  All of my computers using DHCP, both wired and wireless, Vista & Linux, show DNS1 as 192.168.1.1 or the routers IP address.  I know that 1.00.03.15 fixed a DNS vulernability, but I can't believe this is by design.  Looks like another bug to me. 
  I reverted back to 1.00.2.10 for now, problem goes away.  Hopefully the performance will improve.
  Anyone else experience this?

  Spoke too soon.  Firmware 1.00.02.10 also experiences incorrect DNS setup when using DHCP.  I upgraded back to 1.00.03.15 and set the static DNS ip address on the main router setup page.  Seems to be working.  Hopefully Time Warner doesn't change there DNS ip address that often.

• What did the disable mean in basic wireless setup?

  hello
  I have bought a WRT160N and find there is a option "disable" in basic wireless setup. I want to know if I chose this option, the router shutdown its wireless signal or just cannot  use its wireless function? I mean, if I chose this option, does this router exactly like a wired router?
  Many thanks.
  Solved!
  Go to Solution.

  If you set the "Network Mode" to "disabled", your WRT160N becomes a "wired" router.  The wireless radio is turned off, so the router behaves the same as a wired router.
  Message Edited by toomanydonuts on 10-24-2008 05:12 AM

• DNS Setup for Lion.

  I'm a little confused with the DNS setup for Lion Server.
  My scenario is this.
  I have a router, IP 10.0.0.1.
  Server running DNS is manually set to 10.0.0.253.
  FQDN for the server is server1.mycompany.net (it is proper registered and live domain name I have used)
  Externally I use Dyndns to point external folks to mycompany.net, and through the correct ports I can hit the router/gateway with the URL. This confirms that Dyndns is working.
  I have forwarded POrt 80 on the router to 10.0.0.253.
  Currently I have set DNS to have a zone of mycompany.net. Within the zone I have a machine record server1.mycompany.net set to 10.0.0.253
  I think I have set the reverse lookup correctly, but the way it is shown in the DNS record looks strange (IP address looks backwards and says something about ARPA.
  Web Server is running on the server.
  Currently if I go to a web browser inside the LAN and use either www.server1.mycompany.net or www.mycompany.net (or the same without the www) I get an error message. The same occurs outside the lan on an internet connected machine.
  If I enter 10.0.0.253 from inside the lan, I get the Mac WebServer default screen, showing the server is working fine.
  I'm guessing I have made a mess of setting up DNS.
  I'm looking at some point set up a small website, just to prove to myself I can get this working, but I can't work out what I have done wrong.
  Can anyone suggest where to look?
  TIA

  Right now down to diagnostics
  in terminal on server type
  william:~ william$ dig www.wenatcheefirst.org
  below is what i get  copy what you get
  ; <<>> DiG 9.7.3-P3 <<>> www.wenatcheefirst.org
  ;; global options: +cmd
  ;; Got answer:
  ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29412
  ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 6, ADDITIONAL: 0
  ;; QUESTION SECTION:
  ;www.wenatcheefirst.org.                    IN          A
  ;; ANSWER SECTION:
  www.wenatcheefirst.org.          3600          IN          CNAME          wenatcheefirst.org.
  wenatcheefirst.org.          3600          IN          A          205.186.154.164
  ;; AUTHORITY SECTION:
  org.                              126088          IN          NS          a2.org.afilias-nst.info.
  org.                              126088          IN          NS          d0.org.afilias-nst.org.
  org.                              126088          IN          NS          b0.org.afilias-nst.org.
  org.                              126088          IN          NS          a0.org.afilias-nst.info.
  org.                              126088          IN          NS          c0.org.afilias-nst.info.
  org.                              126088          IN          NS          b2.org.afilias-nst.org.
  ;; Query time: 430 msec
  ;; SERVER: 192.168.88.250#53(192.168.88.250)
  ;; WHEN: Fri Apr 13 20:08:06 2012
  ;; MSG SIZE  rcvd: 208

• New server Network & DNS Setup

  I just got a New Dual G5 Server and set it up using the pdfs from apple. Mainly the Getting Started Appendix B page 149 Small Business Setup using the Gateway Setup assistant. I ran into all sorts of problems like being unable to login to the open directory and i think it was my DNS setup that was the problem i then changed the setup multiple times using various How-tos in this thread to no avail.
  So i have reinstalled the the Server software and will start again using the following steps.
  This is my first post so i please let me know if i have provided enough info or to much?
  SETUP:
  ADSL 2 connected to DLINK 4 port Wireless Router (24Mbps) 1 port plugged into Ethernet 1 on Server. Router is setup as a DHCP using 192.168.0.1 and 192.168.0.2 for xserve. subnet mask is 255.255.0.0 (dynamic ip address from ISP)
  Xserve Ethernet 2 will provide DHCP and NAT via a 16 port switch to Computers and Printers. Setup as 192.168.2.1, 255.255.255.0
  I want to use the xserve as a file server, filemaker database server, web server for a test site for some of our content and also possibly an email server.
  INSTALL
  1. Install OSX 10.4 with ethernet settings above eth1 is DHCP eth2 is manual
  assigned, no services will be set to start up and i choose Standalone
  Server
  2. Update with Software Update
  3. Setup DHCP for the Clients - Start Service
  4. Setup DNS use " company.private" for the host name and the DNS server ip
  will be the 192.168.2.1 address
  5. Upgrade to Open Directory Master and Kerberize
  6. Setup Sharepoints for Data Storage and Home directory location
  7. Start Apple File Services AFP
  8. Create user Accounts / Groups
  9. Setup Directory Access on clients to see LDAP server and DHCP.
  Login from clients to get an automounted sharepoint and Home directory,
  "sounds easy when i type it up like that".
  Could anyone let me know if i am doing it the right way or if there is anything i have missed wrong order or something important.
  Should i change the routers subnet mask to 255.255.255.0 ?
  Obviously wireless clients will have access direct to internet due to the router and the routers DHCP. Can wireless users access their Home directory in this manner via the ethernet 1 port?
  Should i just let the router handle the DHCP for everyone and plug it into the switch with only 1 ethernet being used on the server?
  I will eventually have to have another subnet for student computers in the future.
  I would greatly appreciate any advice

  Pretty long post, and I doubt anybody here will want to go through the entire setup process. However, I'd re-think your baisc hardware configuration.
  I don't know why everybody gets so excited about using that second ethernet port on the Xserve. It's necessary in some setups, but if you already have a router providing DHCP on a small network it seems like overkill.
  I'd setup the chain in this order:
  Internet - ADSL Modem - Router - Switch - Xserve / Computers / Printers
  Setup your server with a manual IP address (192.168.0.2 is fine). Point it to itself as the DNS server.
  Leave the router at 192.168.0.1, and configure the router to assign DHCP above the Xserve's address (say, from 192.168.0.10 and up). Also let the router handle NAT.
  Network homes work over wireless, but it's not an entirely satisfactory experience. You might consider using portable homes instead; sync times will still be slow, but overall you'll cut down on network traffic and it should at least appear faster to your users.

• I need help with proper DNS setup for 10.5.8 Server

  I'm administering a 10.5.8 server that I sold and setup about a year ago. I'm experiencing issues with getting iCal server to be happy. All of the clients are running 10.5.8, but I'm running 10.6.1. I've heard from others that connecting iCal in 10.6 to a 10.5 iCal Server should be no problem.
  I'm beginning to think that I have DNS issues. Probably because I'm not and never have been 100% certain how to set it up completely correctly. I used to be able to get Kerberos tickets, but now I can't. With the new "Ticket Viewer" in 10.6, it asks for two bits of information. First is "Identity" where I'm guessing I should put [email protected] and then password. When I do this I get an alert dialog that says "Kerberos Error -- cannot resolve network address for KDC in realm example.com"
  The server is a Mac Pro tower with two Ethernet ports. En2 is connected directly to the Internet and has a static IP with a domain name assigned to it. We'll call it "example.com" for the purposes of the discussion. The En1 is connected to the network switch and has a static LAN IP of 192.168.1.250. All clients inside and outside are able to reach the server via domain name for WWW & AFP, no problem.
  nslookup on the static IP address returns "example.com" and nslookup on "example.com" returns the correct static IP address. Open Directory is running and happy including Kerberos. The LDAP search base is "dc=example,dc=com". The LDAP search base is a concept I haven't quite grasped, so I'm just going to assume it's correct.
  The domain name is hosted outside by a service provider that forwards all "example.com" requests to the server with the exception of mail.
  In DNS, I have three "sections" that look like this:
  Name Type Value
  1.168.192.in-addr.arpa. Reverse Zone -
  192.168.1.250 Reverse Mapping example.com.
  000.000.00.in-addr.arpa. Reverse Zone -
  000.000.000.000 Reverse Mapping example.com.
  com. Primary Zone -
  mail.example.com. Alias mail.our-email-isp.com.
  example.com. Machine Multiple values
  www.example.com. Machine Multiple values
  NOTE: the zeros aren't actually zeros, they are the static IP assigned to the server/domain
  When I select the top element "1.168.192.in-addr.arpa." down below "Allows zone transfer" is NOT checked. Nameservers shows the zone as "1.168.192.in-addr.arpa." and the Nameserver Hostname as "ns.example.com."
  When I select the next line down "192.168.1.250", Resolve 192.168.1.250 to: example.com.
  When I select the "000.000.00.in-addr.arpa." element, it has the same settings -- nameservers "000.000.00.in-addr.arpa." and "ns.example.com."
  When I select the next line down (our static IP), Resolve 000.000.000.000 to: example.com.
  When I select "com." the admin email is populated with a valid email address, Allows zone transfer is NOT checked. In nameservers, Zone is "com." and Nameserver Hostname is "example.com." The mail exchangers are mail2.our-email-isp.com. priority 10 and mail.our-email-isp.com. and priority 20.
  When I select the machine "example.com." it shows both the real-world static IP and the 192.168.1.250, same with "www.example.com.".
  Am I doing something wrong with this setup? Should "com." be the primary zone or should that be "example.com." ???
  I've been thinking about getting rid of the DNS entry for the 192.168.1.250 address altogether, but will the clients in the office suffer performance issues??? I do not think that the client workstations are configured to get DNS from the server anyway. Should the "www.example.com." record be a Machine record or should it be an alias record?
  Any help you have to offer is greatly appreciated! Thanks!
  In the meantime, I'm going to look around and see if I can understand "Allows zone transfer" and LDAP Search base a bit better.

  Okay, I found a lovely article at the following address which I think helps me to clarify what I'm doing wrong. Despite that, I'd still like to have any feedback you have to offer.
  http://www.makemacwork.com/configure-internal-dns-1.htm
  Also, when editing DNS entries, Server Admin likes to set the nameserver to "ns." -- whatever your domain is. Should I be overriding that and if so, replace it with what?

• Issues with basic VPN setup and split tunneling

  I have created an SSL VPN to a CISCO ASA 8.6 running ASDM 6.6.
  Im able to connect to the VPN and reach all the devices with the LAN but  Im not able to browse the web. When I enable the split tunnel Im able  to browse the web but then Im not able to reach any internal device.
  Here is part of the show run:
  object network RedInterna
  subnet 150.211.101.0 255.255.255.0
  description Red Interna
  object network NETWORK_OBJ_10.4.1.0_28
  subnet 10.4.1.0 255.255.255.240
  access-list inside_access_in extended permit ip object RedInterna any
  access-list VPN_INTERNET standard permit 150.211.101.0 255.255.255.0
  pager lines 24
  logging enable
  logging asdm informational
  mtu outside 1500
  mtu inside 1500
  mtu management 1500
  ip local pool VPN_POOL 10.4.1.1-10.4.1.14 mask 255.255.255.240
  failover
  failover lan unit secondary
  failover lan interface fail-1 GigabitEthernet0/2
  failover key *****
  failover interface ip fail-1 10.3.1.21 255.255.255.252 standby 10.3.1.22
  icmp unreachable rate-limit 1 burst-size 1
  asdm image disk0:/asdm-66114.bin
  asdm history enable
  arp timeout 14400
  nat (inside,outside) source static any any destination static  NETWORK_OBJ_10.4.1.0_28 NETWORK_OBJ_10.4.1.0_28 no-proxy-arp  route-lookup
  nat (inside,outside) after-auto source dynamic any interface
  access-group inside_access_in in interface inside
  route outside 0.0.0.0 0.0.0.0 187.217.68.145 1
  route inside 10.0.0.0 255.0.0.0 10.1.1.78 1
  route inside 150.211.0.0 255.255.0.0 10.1.1.78 1
  webvpn
  enable outside
  anyconnect image disk0:/anyconnect-win-3.1.00495-k9.pkg 1
  anyconnect enable
  tunnel-group-list enable
  group-policy GroupPolicy_VPN_ internal
  group-policy GroupPolicy_VPN_ attributes
  wins-server none
  dns-server value 8.8.8.8
  vpn-tunnel-protocol ssl-client
  default-domain value dominio.com.mx
  tunnel-group VPN_ type remote-access
  tunnel-group VPN_ general-attributes
  address-pool VPN_POOL
  default-group-policy GroupPolicy_VPN_
  tunnel-group VPN_ webvpn-attributes
  group-alias VPN_ enable
  I´m not sure if Im missing some small details or setup. Any help will be highly appreciated.
  Thanks!!!

  Hi,
  When you are using Full Tunnel VPN (which is the default setting) you will have a couple of things that you need to configure on the ASA.
  First, the ASA by default won't allow traffic to enter through an interface and then leave through that same interface. This is what essentially happens when the traffic from the VPN Client comes to the ASA and then heads out to the Internet.  In your case the traffic comes through the "outside" and leaves through the "outside" interface.
  You will need this command
  same-security-traffic permit intra-interface
  You can check if its enabled at the moment with the command
  show run same-security-traffic
  Second, the VPN users will need to have NAT configuration just like any LAN users behind the actual ASA. So you will essentially have to configure Dynamic PAT for traffic from "outside" to "outside"
  You can accomplish that with the following configuration
  object network VPN-PAT
  subnet 10.4.1.0 255.255.255.240
  nat (outside,outside) dynamic interface
  I would imagine that this should do it for you to be able to connect to the Internet and to the LAN network when the VPN is active.
  Hope this helps
  Let me know how it goes.
  - Jouni

• Questions on the very basics of setup

  I'm helping a "friend" setup his MacBook Pro (a likely story, I know). he has an AirPort Extreme and wants to connect to the internet using his DSL box. All the cables are correctly connected, I believe. Went through the procedure of using the AirPort Setup Assistant (creating network i.d., password, etc.). When we click "connect", the left AirPort light flashes periodically as it's supposed to, but we get the following message after a few moments:
  "could not find a PPPoE server"
  I presume that means that we need to install the DSL software on the machine. Is that correct? Should this be an "easy" fix or do I have to consider other things in order to get to the internet?
  I do apologize if this is a re-run question, but I didn't see it in the forum. Thanks for any guidance or reference to other links in the forum.....

  Just as a hunch, and I'm new to this support site as well, but I'd go check out the Airport Forums, and see if there is this info in there already. That being said, from what I understand and have experienced, some adsl modems work in dummy mode, where the router/airport device actually prompts the information through it, and some have their own dhcp server with all that username/password,ect, stuff in there. One thing you may have to do is connect the modem directly to your ethernet port on your computer, and go into your webbrowser and type "192.168.1.1" into the address bar and press enter, this should give you your dsl modems configuration page, from there you'll have to figure out which option you can go with. What i've seen a few times is a modem that has to have the username and password setup, and also has basic network configuration, and then a router, which has to be setup for dhcp as well, with no username and password info involved. What makes this more confusing, is sometimes both the router and the modem are set to use the same default address for themselves. Try checking out the documentation on both the airport, and whatever information you can glean from your isp about your modem. If this all sounds like nonsense to you, I'd just check into paying your isp to send someone to set it up, or some other knowledgeable networking tech. Good luck

• Proper DNS Setup for SLS

  I have a new MacMini SLS and I need to make sure I am doing things right. I have BrightHouse Business Cable service with 5 static and one with RDNS for apple.ourdomain.com pointed at 1 of the IP's which is currently connected to our new AEBS. The AEBS is DHCP for LAN side and has been setup with ISP DNS.
  When setting up SLS, the server finds that it's internet hostname is apple.domain.com as it should but computer hostname is just always set to apple. Once server is running all e-mail sent comes from [email protected] instead of domain.com which is fixed by adding an alias in the hosting section of mail. But the server itself in DNS is set for the domain apple.domain.com instead of domain.com with an NS of apple.domain.com is this ok? If during setup I change apple.domain.com to just domain.com then dns looks funny again as the domain would be right but the ns is then just set to domain.com instead of apple.domain.com so either way in my mind it's wrong. I just want to do it once and right so that the server runs smoothly and I am not sure what to do.

  Works out just fine.
  Primary address = 10.0.200.2
  Current HostName = apple.ourdomain.com
  DNS HostName = apple.ourdomain.com
  The names match. There is nothing to change.
  dirserv:success = "success"

• What Is an Appropriate Hostname & DNS Zone Configuration for External DNS Setup?

  I setup servers that are hosted on a secure external data centre. The data centre has its own DNSS, so the DNS service is never setup on the server itself, and is handled by the data centre. I have already setup a handful of servers, and they all seem to be working well. Nevertheless, a couple of people in these discussions have told me, that I'm not setting the servers up 'properly' because of the way I'm naming the server - ie., they believe I'm assigning a 'wrong' hostname - and because of the way I'm setting up subdomains in the zone file. Here is how I'm currently doing it:
  CURRENT SETUP:
  The server is public, and it is also the ONLY machine publicly in the domain zone. So, if the client's domain is "example.com", there is only one machine that will respond to all services in that domain. Because of this:
  - Server Hostname: "example.com"
  - reverse DNS PTR record points to "example.com"
  -  'mail.example.com', 'www.example.com', 'ftp.example.com', etc, are all setup as A records that point to the same IP address as "example.com".
  This has been working fine so far. I have not had any problems with any service, including mail. However, a couple of people suggested that "example.com" is not a fully qualified domain name, and that this setup is therefore  'incorrect', and that it will cause me problems in the future. They suggest I should be setting these servers up like this:
  SUGGESTED SETUP:
  - Server Hostname: "server.example.com"
  - reverse DNS PTR record points to "server.example.com"
  - setup "www.example.com" as a record pointing to the same IP address as "server.example.com", but avoid setting up other subdomains unless absolutely necessary - ie., tell client to use "server.example.com" as the 'proper' address for mail/ftp/etc.
  Technically, 'net', 'company.net' and 'server.company.net' can all be fully qualified domain names, if each one of them points unequivocally to a single IP address. An domain name is not fully qualified, for instance, when it points to a subnet instead of a single IP address. Using "example.com" as a FQDN is technically correct. However, what is 'technically correct' and what Server considers acceptable are not always the same thing....
  I certainly don't want my clients to have problems in the future, and if OS X Server is going to misbehave because of the way I'm setting up my hostname and zone files, I need to know for sure NOW rather than later!

  I'm the "other people" referenced here.
  For general information on DNS, please acquire and skim a copy of Cricket Liu's DNS and BIND book.  It was on its fifth edition when last I checked.  DNS server on OS X Server is the ISC BIND server, which is discussed in that book in some detail.
  If configuring OS X Server in a data center, the OS X Server box probably does not want (nor need) to be running a local DNS server.  (Running local DNS services just means that DNS server will potentially become part of a DNS DDoS, if who can issue queries to the server isn't carefully controlled.)  Use the DC DNS server(s).
  If you want the domain itself to be used as an IP address (eg: example.com), then that's usually an A record, particularly if you're getting email via that domain (and not an MX record going elsewhere).  Some versions of OS X Server have had some issues with setting up this record within Server Admin.app and Server.app.
  The previous issues were likely due to stale DNS translations lurking within the configuration, and caching of that data up to the TTL.  (FWIW, this discussion is related to this thread and this thread.)

• Mac mini server networking and DNS setup help

  Thanks in advance to anyone who can help me with this. I'm working at a small business where I'm the only guy with any IT experience at all, but I'm new to Macs and OS X (<1 year) and being a server admin so please bear with me.
  We just bought a Mac mini server as we are expanding from a bunch of workstations and Google Docs. I've just gone through the installation process, but nothing else is on the server, no user data at all, so if the answer is to reinstall from scratch, I can do it.
  We'd like the mini to be a file server, print server as well as the gateway for the internet. I realize we could stick to our router and have the server as another node in the network, but we also got a Time Capsule for backing up the server and will locate it in another room to be another wireless access point there.
  When going through Server Assistant, I didn't really know what to name the machine so I used corp-Server.local for the Current Hostname and corpserver.private for the DNS Hostname (though i actually use a 3-letter company acronym instead of "corp").
  However, i realized after setup we'd want to access the server externally by name, so I changed the DNS hostname to server.companyname.com in the Zones tab of the DNS section of Server Admin (edited primary zone name, changed Nameservers entry for both primary and reverse zone).
  I don't know what else I need to do though because there are loads of instances where corpserver.private still shows up, like in the Open Directory section of Server Admin (which btw always hangs when I open it) and the Contact Info of users (eg. user email is [email protected]). I also had trouble earlier using Server Preferences and Server Admin either not connecting or not recognizing my login, but that seems to have abated.
  I guess my problem is, where else do I change the DNS hostname? Or do I have to change the DNS hostname back to corpserver.private (in Server Admin)? That way, I think at least everything will be consistent, but would I be able to still configure it somehow so that externally, we could access the server by the server.companyname.com URL?
  Also, can the mini be a wireless router for the office? As mentioned before, we want to cut the existing wireless router out and use the mini instead (and use the Time Capsule as a wireless bridge).

  So the ISP<->router connection can have a dynamic IP address, but the router<->server one should be static? I guess that means I have to set the IP address in the router. I hope I can get access to it. I don't suppose it matters which one I set first?
  An IP router does not assign addresses.
  A DHCP server does assign IP addresses upon receipt of a DHCP request from a client.
  Some routers (and many firewall routers) do include a DHCP server.
  A box with a static IP address does not need to send a DHCP request; it has a static address.
  You'll need to ensure that the IP address pool within the DHCP server does not overlap the addresses that are manually assigned to your local hosts; the static IP addresses on your LAN.
  [Here is an overview of the pieces involved here, and some of the typical terminology|http://labs.hoffmanlabs.com/node/275].
  I hate to belabour the point, but I just want to clarify: in my setup where ISP<->router<->server<->clients, where the server is the only machine connected to the router, which one should be the local DNS server? The server, right? So if the DNS server is turned on in the router, I should turn it off? Or do I need both (ie. router for its LAN (to server), and server for its LAN (to clients))?
  So to confirm, the configuration includes (probably) a modem, a router (firewall) and a router (Mac), and then the rest of the (local) show? That is not the simplest configuration, and it's Particularly given that Mac boxes make expensive and slow routers.
  The usual configuration is ISP>firewall>LAN and the LAN is usually built from WiFi, wired connections and switches. Within one subnet (which is typical) any host inside your firewall is connected on the LAN, and can communicate (directly) with any other LAN client. The firewall is configured as the gateway; that's the default route for outbound connections.
  One more thing that's bugging me: I still don't understand why I couldn't connect to the internet when I plugged in the Ethernet cable from server to router. Even if I was using DHCP to get a dynamically allocated IP, shouldn't it still have worked? I'm worried that I'm going to set up everything as it should be but the connection still won't work.
  That's likely because you're trying to use the Mac as a router, and that takes specific configuration steps. It's easier to have ISP>firewall>LAN, and have the Mac OS X Server box and the rest of the stuff as peers on your LAN. If you really want to use the Mac as an IP router, look around for setting up static routes on Mac; there are postings around for that.
  If your data is more valuable and your security preferences and requirements are higher, then you may want a firewall with a DMZ, and put your web-facing boxes over in the DMZ. If you're serving stuff to the web or a mail server or such, it's possible to get breached, and a breach means folks can potentially get further into your LAN. With a DMZ, they're somewhat more isolated from your LAN.