This is useful for a lab environment where you have an AD forest uses same domain name AD-wise and DNS-wise
- Set up
- domain name: foo.bar
- internal subnet: 192.168.0.0/24
- Commands
- Add-DnsServerClientSubnet -Name "loopback" -IPv4Subnet 127.0.0.0/24
Note: don't forget to add loopback as internal subnet - Add-DnsServerClientSubnet -Name "internal" -IPv4Subnet 192.168.0.0/24
- Add-DnsServerZoneScope -ZoneName "foo.bar" -Name "internet"
- Add-DnsServerResourceRecord -ZoneName "foo.bar" -A -Name "@" -IPv4Address "yourPublicIP" -ZoneScope "internet"
- Repeat above to add other A records that needs a public internet presence
- Add-DnsServerResourceRecord -ZoneName "johnfoo.tk" -name "@" -NameServer "yourPublicIP" -NS -ZoneScope "internet" (Optional, your DNS provider already knows how to find your name server)
- Add-DnsServerQueryResolutionPolicy -Name "NonInternalPolicy" -Action ALLOW -ClientSubnet "ne,Internal,loopback" -ZoneScope "Internet,1" -ZoneName "foo.bar"
- Add-DnsServerResourceRecord -ZoneName "johnbook.ga" -name "@" -TXT -DescriptiveText "MS=ms35639551" -ZoneScope "internet"