> The main difference between how MSU does network and corporations is that most corporate environments use NAT to separate internal and external networks. This allows them to create internal and external DNS zones, where AD only exists in the internal DNS. So external users can type domain.com and be redirected to www.domain.com. But because MSU uses public IP addresses, I don't think it's possible to create these separate zones.
>
> Joshua Wortz
TLE funding for the coming year is going to provide MSU with some snazy
new DNS servers. Among the new features we plan to add with those
upgrades is the ability to do zones capable of providing a different
view when you are "on campus" vs. "off campus". We also plan to improve
the redundancy and fail-over of the servers by implementing AnyCast.
Also the other question later on in the thread about the University
becoming it's own CA: That is INSANELY difficult and expensive to do
right. It has been considered. We have no plans to do so that I am
aware of.
--
Jeff Utter
Network Manager
Academic Technology Services
|