Re: Help with DNS

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

From: mattymatmat (mattymatmat_at_discussions.microsoft.com)
Date: 01/17/05 

Date: Mon, 17 Jan 2005 12:09:03 -0800

I was really hoping someone could tell me if there is a way for me to get one
computer first all the time when pinging a hostname that has multiple ip
addresses. Is there a way to make it so if I ping my domain I get one IP
over another all the time???

Matt

"Tony Su" wrote:

> Hello Matt,
> IMO Doug is correct, you should be specifying a hostname, not domain for
> each email account.
>
> And, your DNS should be setup so that one DNS is secondary to the other
> which you doesn't appear to be what you are doing. What you appear to be
> doing is configuring both DNS to be authoritative which will cause problems.
> You want only one to be authoritative and to replicate its records to any
> secondary servers.
>
> You don't state whether your certificate is a commercial certificate or
> privately generated... some commercial and a private CA will support a
> wildcard certificate if you need to support multiple hostnames using the same
> certificate, ie. *.yourdomain.com
>
> But, the common name for <all> properly issued certificates should include a
> hostname (or wildcard), not just a domain name.
>
> HTH
>
> "mattymatmat" wrote:
>
> > Most people are on Outlook 2003. We have a SSL certificate for our domain
> > name, not for the specific server. To keep it simple for people setting up
> > their e-mail inside and outside of the network I'd like them to just use our
> > domain name, plus they would be getting certificate errors because we don't
> > have one for the server only the domain... does that make sense?
> >
> > "Doug Sherman [MVP]" wrote:
> >
> > > What mail program are these people using Typically you configure the SMTP
> > > server entry with the host name or the FQDN of the server eg.
> > > BoxA.newb.com.
> > >
> > > Doug Sherman
> > > MCSE Win2kNT4.0, MCSA, MCP+I, MVP
> > >
> > > "mattymatmat" <mattymatmat@discussions.microsoft.com> wrote in message
> > > news:63D48453-6CA2-4A8C-9193-F90A67F8C292@microsoft.com...
> > > > Heres my setup:
> > > > BoxA: DNS (Active Directory) Server, Exchange
> > > > BoxB: DNS (ACtive Directory) Server, File Server
> > > >
> > > > Lets say my domain is newb.com
> > > > and the internal IP's for Box A is 192.168.3.2 and Box B 192.168.3.3
> > > >
> > > > When I look at the dns tables I see all the computers on my domain
> > > (normal)
> > > > as well as:
> > > > BoxA DNS Table
> > > > (same as parent folder) SOA BoxA.newb.com.
> > > > (same as parent folder) Name Server (NS) BoxB.newb.com.
> > > > (same as parent folder) Name Server (NS) BoxA.newb.com.
> > > > (same as parent folder) Host (A) 192.168.3.2
> > > > (same as parent folder) Host (A) 192.168.3.3
> > > > (same as parent folder) Mail Exchanger (MX) [10] BoxA.newb.com.
> > > >
> > > > BoxB DNS Table
> > > > (same as parent folder) SOA BoxB.newb.com.
> > > > (same as parent folder) Name Server (NS) BoxB.newb.com.
> > > > (same as parent folder) Name Server (NS) BoxA.newb.com.
> > > > (same as parent folder) Host (A) 192.168.3.2
> > > > (same as parent folder) Host (A) 192.168.3.3
> > > > (same as parent folder) Mail Exchanger (MX) [10] BoxA.newb.com.
> > > >
> > > > My problem is this, sometimes when I ping newb.com I get 192.168.3.2 and
> > > > sometimes I'll get 192.168.3.3. I want to always get 192.168.3.2. I've
> > > > tried removing the (same as parent folder) Host (A) 192.168.3.3 in the
> > > dns
> > > > tables but it seems to reappear within a day. I thought maybe it was
> > > because
> > > > of the round robin feature so i even disabled that. Should both servers
> > > be
> > > > set to SOA for themselves? BoxA's table has itself as SOA and BoxB has
> > > > itself as SOA. On all client machines BoxA (192.168.3.2) is the primary
> > > DNS
> > > > and BoxB (192.168.3.3) is the secondary DNS. Maybe they should all be the
> > > > same SOA? Like BoxA as the sole SOA?
> > > > Basically for peoples SMTP server setting in their mail programs they use
> > > > newb.com, and sometimes it can't find the server because its looking at
> > > the
> > > > wrong IP periodically. My temp solution has been to delete the (same as
> > > > parent folder) Host (A) 192.168.3.3 record so it only resolves to
> > > > 192.168.3.2 but as I mentioned that deleted record recreates itself.
> > > >
> > > > Any help would be greatly appreciated. Thanks!
> > > >
> > > > Aloha,
> > > >
> > > > Matt
> > > >
> > >
> > >
> > >

Relevant Pages

  • Re: Help with DNS
    ... your DNS should be setup so that one DNS is secondary to the other ... You don't state whether your certificate is a commercial certificate or ... hostname, ... > have one for the server only the domain... ...
    (microsoft.public.windows.server.general)
  • Re: SSL Certificate preventing ActiveSync from working
    ... Make sure you save the cert as a base64 format. ... > So to roll this out, we added a new hostname to resolve to the same IP ... > and generated a new SSL Certificate to match. ... > "The security certificdate on the server is invalid. ...
    (microsoft.public.pocketpc.activesync)
  • Re: how to get a digital certificate
    ... Connector element of server.xml.When i try ... Certificates include the hostname. ... If your self-signed cert. ... so i wanted to get a certificate from verisign and went to their free ...
    (comp.lang.java.programmer)
  • Re: Help with DNS
    ... your DNS should be setup so that one DNS is secondary to the other ... > wildcard certificate if you need to support multiple hostnames using the same ... wildcard option which would have allowed us to do that. ... > hostname, ...
    (microsoft.public.windows.server.general)
  • Re: Certificate spoofing issue with Mozilla, Konqueror, Safari 2
    ... This makes the user vulnerable to certificate spoofing by ... subjectAltName and wildcard matching exists primarily for name based ... In temporary saves the CN could be binded to a unique hostname ... The user tells the browser I want www.example.com *.example.com and ...
    (Bugtraq)