Re: DNS resolution order with multihomed host
- From: "DanielP" <dpradoSIN@xxxxxxxxxxxxxx>
- Date: Thu, 29 Dec 2005 17:52:11 +0100
Thank you very much for your help Kevin.
I'll try with the VPN
Best Regards.
Daniel P.
"Kevin D. Goodknecht Sr. [MVP]" <admin@xxxxxxxxxxxxxx> escribió en el
mensaje news:OwuHOTIDGHA.1268@xxxxxxxxxxxxxxxxxxxxxxx
> DanielP <dpradoSIN@xxxxxxxxxxxxxx> wrote:
>> Hello Kevin,
>>
>> The reason why we want this dns names to be resolved always in
>> the same order is that we have two data connections with our
>> remote datacenter: one through frame relay and one through Internet,
>> and we have to be connected pemanently with 2 machines there.
>>
>> This machines have 2 IPs: one private through frame relay and one
>> public through Internet.
>>
>> We want to access them with the private IP (10.x.x.x) through the
>> frame relay while it si possible. But if the frame relay fails we
>> want to access them
>> with the public IP (194.x.x.x) through Internet.
>>
>> So, as you can see, we want to have two IPs on these machines as a
>> fault tolerant mechanism. If the first IP isn't reachable our system
>> uses the second.
>
> I'm not sure what applications you are using to connect to the other
> server,
> but most simply won't use a failover address, which ever IP is the first
> in
> the list will be used, if the connection fails, most applications won't
> even
> try the second address. (An SMTP server with multiple MX records are one
> exception to this)
>
>> ¿What do you think about our topology?
>
> Depending on what ports you need open to connect via its public IP, you
> may
> need to rethink trying to connect via the public address. Some
> applications
> should never be exposed to the internet. Would a VPN work in your
> situation?
> By using a VPN, only one port is open through the firewall and all
> connections through PPTP are by private addresses and are encrypted. If
> Active Directory is involved you certainly shouldn't expose a DC to a
> direct
> internet connection without a firewall, there are at least 16 ports that
> need to be open for Active Directory.
> Q179442 - How to Configure a Firewall for Domains and Trusts:
> http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q179442
>
>
> --
> Best regards,
> Kevin D. Goodknecht Sr. [MVP]
> Hope This Helps
> ===================================
> When responding to posts, please "Reply to Group"
> via your newsreader so that others may learn and
> benefit from your issue, to respond directly to
> me remove the nospam. from my email address.
> ===================================
> http://www.lonestaramerica.com/
> http://support.wftx.us/
> https://secure.lsaol.com/
> ===================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
> ===================================
> Keep a back up of your OE settings and folders
> with OEBackup:
> http://www.oehelp.com/OEBackup/Default.aspx
> ===================================
>
>
.
- References:
- DNS resolution order with multihomed host
- From: DanielP
- Re: DNS resolution order with multihomed host
- From: Kevin D. Goodknecht Sr. [MVP]
- Re: DNS resolution order with multihomed host
- From: DanielP
- Re: DNS resolution order with multihomed host
- From: Kevin D. Goodknecht Sr. [MVP]
- Re: DNS resolution order with multihomed host
- From: DanielP
- Re: DNS resolution order with multihomed host
- From: Kevin D. Goodknecht Sr. [MVP]
- DNS resolution order with multihomed host
- Prev by Date: dot locat domain
- Next by Date: Re: DNS Forwarders working for clients, not Server
- Previous by thread: Re: DNS resolution order with multihomed host
- Next by thread: name servers
- Index(es):
Relevant Pages
|
