Re: DNS issues on multi-homed DC's




Thanks for the help, I think that was pretty much what I needed to know with
the KB references. For some reason I couldn't find them when I was searching
on my own.

--Josh



"Jorge Silva" wrote:

- Yes, disabling the external interfaces is a good option, however you should
  keep roundrobin.
- The clients should use their LOCAL internal DNS for resolution.
- All DCs in Child domain and Parent domain must be able to solve each other
  Names, GUIDs, Domain, etc...
- Another note is for Active Directory Sites and Services, make sure that each
  site is configured with the correct subnet.
http://support.microsoft.com/kb/323380
http://support.microsoft.com/kb/255248

--
===================================
I hope that the information above helps you.
Have a Nice day.

Jorge Silva
MCSE, MVP Directory Services
===================================

"Josh Webster" <JoshWebster@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:C893758A-23D9-4779-943E-6AE8090CF9B9@xxxxxxxxxxxxxxxx
"Jorge Silva" wrote:

Hi
Why don't you let your FW decide (by configuring) who pass the WAN link to
the other side, instead of placing Multihomed DCs?

Maybe I shouldn't have used the term WAN. In some cases it might be an
actual WAN connection, but in most it will be part of a non-segregated LAN.
What I referred to in my original question as a LAN, would more accurately
be a private LAN served only by the single DC/DNS server. No real need for a
FW in these systems.



In this scenario, network adapters on the multihomed domain controllers are
registering both the inside and outside Internet Protocol (IP) addresses
with the DNS server. DNS name resolution lookup requests return records in a
"round robin" fashion, alternating the internal and external IP addresses.
Replication operations require multiple lookup requests of SRV records. In
this case, half of the DNS lookup requests return an IP address that cannot
be contacted, and the replication operation fails.
http://support.microsoft.com/kb/272294

If I follow the KB article above and remove the external interfaces and
disable the round robin setting, will this essentially stop DNS information
from being replicated between DC's?

All these child domain DC's should be on a LAN connection with the parent
domain. Would the best way to set this up be with the internal LAN connection
being the DNS server for the internal computers, with the outside LAN
connection being a client on the parent DNS?

Sorry for all the questions, DNS isn't my strong point, and unfortunately I
don't have a testbed for this.



--
===================================
I hope that the information above helps you.
Have a Nice day.

Jorge Silva
MCSE, MVP Directory Services
===================================

"Josh Webster" <JoshWebster@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:9E0E97F4-8527-487C-8138-5EEE0B7EC2D6@xxxxxxxxxxxxxxxx
I've got a question about whether or not the scenario I'm looking at is
possible.

I would have a child domain with locations at several different sites. Each
site would have a DC, and each DC would reside on two networks, LAN and WAN.
LAN side of each of the DC's would be in the same network range as each
other, and the DC's at each site would actually have the same IP address on
the LAN adapter. WAN side, each DC would have a unique IP and routing between
sites would be set up so that the DC's can replicate between each other.

The main issue I can potentially see here is with DNS. With AD integrated
DNS, each of the sites computer will have entries, and those entries would
normally be replicated between DC's. Am I missing a way to configure this so
that DNS wouldn't be an issue? Any other issues that I've completely
overlooked in this setup? Any reason this would be possible or not, and
whether it would be recommended or not?

Thanks,
Josh
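
Added example, not part of the thread: a PowerShell audit for the condition quoted from KB 272294 above, where a multihomed DC registers A records that other DCs cannot contact. The domain name, DNS server address and subnet list are placeholders to replace with your own values.

```powershell
# Added example: the default values below are placeholders, not values from the thread.
param(
    [string]$DomainName = 'child.example.com',         # placeholder AD DNS domain
    [string]$DnsServer = '192.0.2.53',                 # placeholder DNS server to query
    [string[]]$ReplicationSubnets = @('192.0.2.0/24')  # placeholder: networks DCs reach each other on
)

# True when $Address falls inside the IPv4 network given in CIDR form.
function Test-InSubnet {
    param([string]$Address, [string]$Cidr)
    $network, $prefix = $Cidr -split '/'
    $a = [System.Net.IPAddress]::Parse($Address).GetAddressBytes()
    $n = [System.Net.IPAddress]::Parse($network).GetAddressBytes()
    # GetAddressBytes is big-endian; reverse for BitConverter on little-endian Windows.
    [Array]::Reverse($a); [Array]::Reverse($n)
    # Dividing by 2^(host bits) and flooring drops the host part of each address.
    $divisor = [math]::Pow(2, 32 - [int]$prefix)
    $hostBlock = [math]::Floor([BitConverter]::ToUInt32($a, 0) / $divisor)
    $netBlock = [math]::Floor([BitConverter]::ToUInt32($n, 0) / $divisor)
    return $hostBlock -eq $netBlock
}

# Every DC in the domain is listed as an SRV target under _ldap._tcp.dc._msdcs.
$dcs = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$DomainName" -Type SRV -Server $DnsServer |
    Where-Object { $_.Type -eq 'SRV' } |
    Select-Object -ExpandProperty NameTarget -Unique

foreach ($dc in $dcs) {
    # All A records the DNS server would hand out (round robin) for this DC.
    $addrs = @(Resolve-DnsName -Name $dc -Type A -Server $DnsServer |
        Where-Object { $_.Type -eq 'A' } |
        Select-Object -ExpandProperty IPAddress)

    # Addresses outside every replication subnet are the ones partners cannot contact.
    $outside = @($addrs | Where-Object {
        $ip = $_
        -not ($ReplicationSubnets | Where-Object { Test-InSubnet $ip $_ })
    })

    [pscustomobject]@{
        DC              = $dc
        Addresses       = $addrs -join ', '
        MultipleRecords = ($addrs.Count -gt 1)
        OutsideSubnets  = $outside -join ', '
    }
}
```

Any DC with a non-empty OutsideSubnets column has a registered address that round-robin answers will hand to replication partners.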





