Re: Event ID 1000 (Userenv) Error and Event ID 8021 (BROWSER) Error

From: Ace Fekay [MVP] (PleaseSubstituteMyActualFirstName&LastNameHere_at_hotmail.com)
Date: 03/01/04 

Date: Mon, 1 Mar 2004 10:05:50 -0500

In news:4042D440.FEF08EAC@N_O_S_P_A_M_cox.net,
Ohaya <ohaya@N_O_S_P_A_M_cox.net> posted their thoughts, then I offered mine

> Kevin,
>
> You have some good questions, and I only have answers to some of them
> unfortunately :(...
>
> First of all, my desire/intention is to build this 2-machine network
> such that it's kind of a standalone ("standalone", in a limited sense)
> Windows domain, but physically connected to an external network.
>
> The "machine A" runs an IIS web server, and we need "inward" access
> (from clients on the external network) to this web server, but, in
> general, we don't need, or want to allow, "outward" access (from
> machine
> A, or machine B) to the external network.
>
> The reason for the machine A/machine B configuration is that machine B
> runs a database which is accessed by our web application (which runs
> on machine A), and also, we want to manage all the machines on this
> internal network (consisting of machines A & B) using GPOs, etc. from
> machine A.
>
> Now here's the way that I think that things work (and they are, for
> the
> most part, working):
>
> You noted that we don't define a gateway for either NIC2 on machine A
> or
> NIC1 on machine B, but you'll also note that NIC2/machine A and
> NIC1/machine B are on the same subnet (IP addresses 192.168.1.xx). In
> addition, both NIC2/machine A and NIC1/machine B point to machine B
> for
> their DNS server.
>
> [I'm being a bit vague here] When something in machine A wants to
> connect to either machine A or machine B, since the DNS IP address
> points to machine B, name resolution gets handled by the DNS server on
> machine B.
>
> As to how it "gets out without a gateway", I think it works somewhat
> akin to a 2-computer network using a cross-over cable (and without a
> router) but, in our case, we're using a switch between the 2 computers
> (instead of a cross-over cable). My understanding is that in such a
> configuration, packets with source/destination address get sent out
> the
> NIC on the source machine, and the machine with the matching
> destination address will simply receive those packets.
>
>
> Here are the answers to some of your questions (I think):
>
> Q1) "How is the internal DNS resolving external names with out a
> gateway?"
> A1) We DON'T WANT the internal DNS (on machine B) to resolve external
> names.
>
> Q2) "Do you have NAT on the member server?"
> A2) No, we don't.
>
> Q3) "You have no gateways listed for any NIC, how do you get out
> without
> a gateway?
> A3) My guess is per what I wrote above.
>
>
> BTW, you mentioned above that:
>
> "> You cannot have TCP/IP without DNS in Win2k if you leave DNS blank
> it
> will
>> pick up the loopback address or use DHCP to get the DNS server."
>
> Do you know that the above (that it will either default to the
> loopback address or use DHCP to get the IP of the DNS server) is
> true? The
> reason that I'm asking is that this might be at least part of the
> question in my earlier thread ("How is resolution working?").
>
> If so, can you point me to some documentation about this? Also, if
> you
> know, under what circumstances would it default to the loopback
> address
> vs. trying to get the DNS server IP from DHCP?
>
> Jim

To add, if you want external communication, you'll need to specify a
gateway, unless you do not want to have Inernet communication from this
machine? 

-- 
Regards,
Ace
Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.
Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
-- 
=================================

Relevant Pages

  • Re: How is DNS resolution working?
    ... >> and our DNS server on machine B is only on a private network, ... host on the external network ... It just happens that on the external network, there is a Windows domain ...
    (microsoft.public.win2000.dns)
  • Re: How is DNS resolution working?
    ... >> and our DNS server on machine B is only on a private network, ... host on the external network ... It just happens that on the external network, there is a Windows domain ...
    (microsoft.public.win2000.networking)
  • Re: Event ID 1000 (Userenv) Error and Event ID 8021 (BROWSER) Error
    ... > Windows domain, but physically connected to an external network. ... > You noted that we don't define a gateway for either NIC2 on machine A ... name resolution gets handled by the DNS server on ...
    (microsoft.public.win2000.networking)
  • Re: Event ID 1000 (Userenv) Error and Event ID 8021 (BROWSER) Error
    ... but physically connected to an external network. ... name resolution gets handled by the DNS server on ... It turns out that if the GWY is populated in both NIC1 and NIC2, ... destination route entry with the 192.168.0.1 GWY was higher priority, ...
    (microsoft.public.win2000.dns)
  • Re: Event ID 1000 (Userenv) Error and Event ID 8021 (BROWSER) Error
    ... but physically connected to an external network. ... name resolution gets handled by the DNS server on ... It turns out that if the GWY is populated in both NIC1 and NIC2, ... destination route entry with the 192.168.0.1 GWY was higher priority, ...
    (microsoft.public.win2000.networking)