Force AD to use TCP not UDP.

 
 
Mr.B
      07-26-2005, 12:22 PM

I have several sites, which are connected with routers. UDP packets are
getting fragmented, and a lot of things produce errors that are usually
network related.

I use this link:
http://support.microsoft.com/default...b;en-us;244474
to force clients to use TCP, not UDP, and I would like to fix this on the DC. I
would like to force all domain controllers to use TCP, not UDP, for
communications.
Can DNS be forced to use TCP? I know that part of the zone is replicated with
AD replication, but I would like to do it even without that.
Can I force WINS replication between partners in different sites to use TCP
for replication...

 
 
 
 
 
Miha Pihler [MVP]
      07-26-2005, 04:15 PM
DNS actually uses both -- TCP and UDP.

TCP is used for zone transfer (if you don't use Active Directory Integrated
Zones) and UDP is used for DNS queries.

Changing UDP (if possible!) would also mean reconfiguring all the clients
(you would have to tell them to use TCP and not UDP any more)...

--
Mike
Microsoft MVP - Windows Security

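
Added example, not part of the original thread: a Python sketch of how one DNS message travels over each of the two transports mentioned in the reply above. It goes slightly beyond the post by showing the standard truncation (TC) flag that makes a client repeat a UDP query over TCP, and the 2-byte length prefix DNS uses on TCP (RFC 1035). The function names, the transaction ID and the 192.0.2.10 answer are constructed for illustration; domainx.com is the placeholder name used in the thread.

```python
import struct

TC_FLAG = 0x0200  # "truncated" bit in the 16-bit DNS header flags word


def encode_name(name):
    """Encode a host name as DNS labels: length byte + label, ending in 0."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError("invalid label length in %r" % name)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(txid, name, qtype=1):
    """Build a standard recursive query (QTYPE 1 = A, QCLASS 1 = IN)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, QDCOUNT=1
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)


def parse_header(msg):
    """Return the header fields a client needs to pick a transport."""
    if len(msg) < 12:
        raise ValueError("DNS message shorter than the 12-byte header")
    txid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": txid, "response": bool(flags & 0x8000),
            "truncated": bool(flags & TC_FLAG), "rcode": flags & 0x000F,
            "answers": an}


def frame_for_tcp(msg):
    """DNS over TCP prefixes each message with a 2-byte big-endian length."""
    if len(msg) > 0xFFFF:
        raise ValueError("message too large for DNS over TCP")
    return struct.pack("!H", len(msg)) + msg


def unframe_tcp(stream):
    """Split a TCP byte stream into DNS messages; return (messages, leftover)."""
    messages = []
    while len(stream) >= 2:
        (length,) = struct.unpack("!H", stream[:2])
        if len(stream) < 2 + length:
            break  # partial message: wait for more bytes from the socket
        messages.append(stream[2:2 + length])
        stream = stream[2 + length:]
    return messages, stream


def next_step(query, udp_reply):
    """Decide what the client does after one UDP attempt."""
    if udp_reply is None:
        return "retry-udp"   # datagram lost: the client has to resend itself
    hdr = parse_header(udp_reply)
    if not hdr["response"] or hdr["id"] != parse_header(query)["id"]:
        return "discard"     # not the answer to this query
    if hdr["truncated"]:
        return "retry-tcp"   # answer did not fit in the UDP reply
    return "accept"


def sample_reply(query, truncated):
    """Constructed server reply for the demo (not captured traffic)."""
    txid = parse_header(query)["id"]
    question = query[12:]
    if truncated:
        # QR=1, TC=1, RD=1, RA=1; the server dropped the answer section
        return struct.pack("!HHHHHH", txid, 0x8380, 1, 0, 0, 0) + question
    answer = (b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4)
              + bytes([192, 0, 2, 10]))
    return struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0) + question + answer


if __name__ == "__main__":
    q = build_query(0x1A2B, "domainx.com")
    print("UDP payload bytes:", len(q))
    print("TCP stream bytes: ", len(frame_for_tcp(q)))
    print("after truncated UDP reply:", next_step(q, sample_reply(q, True)))
    print("after complete reply:     ", next_step(q, sample_reply(q, False)))
```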
 
Mr.B
      07-27-2005, 11:15 AM
OK, for DNS.
I would like to transfer as much traffic as possible from UDP to TCP. If DNS and WINS
are not possible, it is not important. The most important part is AD and AD
replication and all related services and ports that are used for
communication...
 
Miha Pihler [MVP]
      07-27-2005, 04:55 PM
Hi,

How about using IPSec for all the traffic between Active Directories?

Active Directory Replication over Firewalls
http://www.microsoft.com/technet/pro.../adrepfir.mspx

How to Enable IPSec Traffic Through a Firewall
http://support.microsoft.com/default...b;en-us;233256

--
Mike
Microsoft MVP - Windows Security
 
Mr.B
      07-27-2005, 08:04 PM

I use NetScreen in both locations. The lines are getting saturated. I don’t
want to put another channel through. The major problem is in the root domain,
especially with DNS. For a month now I have had a problem with mail delivery from
the FE server to outside, because the FQDN is not getting resolved. The symptoms are
something like this: I try nslookup to find domainx.com; I try the
first time, then try the fourth time and I get the error; I choose the ISP DNS and I don’t get
the name resolved, next I get the name resolved, and the thirtieth time I don’t get the name
resolved… There is an enormous amount of UDP traffic related to DNS. I changed the
timeouts for the forwarder to 10s.
But I will post the DNS problem in a separate topic…
 
Miha Pihler [MVP]
      07-27-2005, 08:18 PM
I don't have the whole picture of your network -- but can't you use a local ISP to
resolve internet-related DNS (this would cut down on traffic over the saturated
line) and replicate your internal (Active Directory) DNS to other sites for
local resolution?

--
Mike
Microsoft MVP - Windows Security
 
Mr.B
      07-27-2005, 09:15 PM
Yes, I set that up too, but it did not help. In half an hour I will post the second
question, how to optimize DNS traffic through the domain. The post will be named
DNS traffic optimization in root/hub configuration. I want to force other
traffic not to use UDP. I can ping RPC if I use TCP, but I cannot ping RPC
if I use UDP protocol…
 
Miha Pihler [MVP]
      07-27-2005, 09:49 PM
Well, here is another tool that might help you out.

http://www.microsoft.com/windows2000.../rpcping-o.asp

--
Mike
Microsoft MVP - Windows Security
 
Mr.B
      07-27-2005, 10:01 PM
I use this tool and pass all tests, because it uses TCP, not UDP. UDP is
problematic. What ports does public folder replication use?
 
Miha Pihler [MVP]
      07-27-2005, 10:22 PM
I believe it uses SMTP protocol (TCP port 25).

--
Mike
Microsoft MVP - Windows Security