W2K3 DNS on Multihomed DC

Hi all,

I have the following scenario:

1. W2K3 DC1 with DNS listening to 2 interfaces: 10.22.0.26/25 and
10.22.135.19/24 and registering itself to the DNS.
2. 10.22.0.26/25 is for all DCs and E2K3s
3. 10.22.135.19/24 is for OV traffic
4. DHCP client range 10.22.3.21 to 10.22.3.250/24
5. DNS - Round robin is disabled
6. DNS - Enable netmask ordering
7. Run "dnscmd /config /LocalNetPriorityNetMask 0x0000007F"
8. DHCP client able to get the IP address
9. W2K3 runs on SP1
10. Network binding order: 10.22.0.26 follow by 10.22.135.19
11. DDNS set to secure only

But when I tried to ping to the DC1 from DHCP client I always get
10.22.135.19 instead of 10.22.0.26. Is the above config set correctly for
this scenario? I want all my clients to be able to resolve to 10.22.0.26
only, DC1 IP.

Is there other way to get it to work.



Wing Lok

Wing Lok wrote:
> Hi all,
>
> I have the following scenario:
>
> 1. W2K3 DC1 with DNS listening to 2 interfaces: 10.22.0.26/25 and
> 10.22.135.19/24 and registering itself to the DNS.
> 2. 10.22.0.26/25 is for all DCs and E2K3s
> 3. 10.22.135.19/24 is for OV traffic
> 4. DHCP client range 10.22.3.21 to 10.22.3.250/24
> 5. DNS - Round robin is disabled
> 6. DNS - Enable netmask ordering
> 7. Run "dnscmd /config /LocalNetPriorityNetMask 0x0000007F"
> 8. DHCP client able to get the IP address
> 9. W2K3 runs on SP1
> 10. Network binding order: 10.22.0.26 follow by 10.22.135.19
> 11. DDNS set to secure only
>
> But when I tried to ping to the DC1 from DHCP client I always get
> 10.22.135.19 instead of 10.22.0.26. Is the above config set correctly
> for this scenario? I want all my clients to be able to resolve to
> 10.22.0.26 only, DC1 IP.
>
> Is there other way to get it to work.

You shouldn't multi-home DCs, but you can make them work if you modify the
registry. Here are two documents (one text and one Word Doc) I wrote that
covers all the tidbits for multi-homing DCs.

These documents contain information about modifying the registry. Before you
modify the registry, make sure to back it up and make sure that you
understand how to restore the registry if a problem occurs.
http://support.wftx.us/Multihomed_Reg_Fix.txt

Same document as above in Microsoft Word Document format:
http://support.wftx.us/Multihomed.doc



--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
https://secure.lsaol.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================

Thanks for the document.

1. DNS has to listen to both interface
2. There are some W2K3 servers on 10.22.135.19/24 segment need to join to
domain using that segment
3. All DHCP clients are coming from 10.22.2.21/24 segment
4. DNS has to service both segment and return the corresponding segment
correct SRV records.

How can I make the DNS to return them the correct SRV records based on the
segment where they request from.
If request from 10.22.2.x, DNS should return 10.22.0.26
If request from 10.22.135.x, DNS should return 10.22.135.19

Can the DNS able to do that?

"Kevin D. Goodknecht Sr. [MVP]" wrote:

> Wing Lok wrote:
> > Hi all,
> >
> > I have the following scenario:
> >
> > 1. W2K3 DC1 with DNS listening to 2 interfaces: 10.22.0.26/25 and
> > 10.22.135.19/24 and registering itself to the DNS.
> > 2. 10.22.0.26/25 is for all DCs and E2K3s
> > 3. 10.22.135.19/24 is for OV traffic
> > 4. DHCP client range 10.22.3.21 to 10.22.3.250/24
> > 5. DNS - Round robin is disabled
> > 6. DNS - Enable netmask ordering
> > 7. Run "dnscmd /config /LocalNetPriorityNetMask 0x0000007F"
> > 8. DHCP client able to get the IP address
> > 9. W2K3 runs on SP1
> > 10. Network binding order: 10.22.0.26 follow by 10.22.135.19
> > 11. DDNS set to secure only
> >
> > But when I tried to ping to the DC1 from DHCP client I always get
> > 10.22.135.19 instead of 10.22.0.26. Is the above config set correctly
> > for this scenario? I want all my clients to be able to resolve to
> > 10.22.0.26 only, DC1 IP.
> >
> > Is there other way to get it to work.
>
> You shouldn't multi-home DCs, but you can make them work if you modify the
> registry. Here are two documents (one text and one Word Doc) I wrote that
> covers all the tidbits for multi-homing DCs.
>
> These documents contain information about modifying the registry. Before you
> modify the registry, make sure to back it up and make sure that you
> understand how to restore the registry if a problem occurs.
> http://support.wftx.us/Multihomed_Reg_Fix.txt
>
> Same document as above in Microsoft Word Document format:
> http://support.wftx.us/Multihomed.doc
>
>
>
> --
> Best regards,
> Kevin D. Goodknecht Sr. [MVP]
> Hope This Helps
> ===================================
> When responding to posts, please "Reply to Group"
> via your newsreader so that others may learn and
> benefit from your issue, to respond directly to
> me remove the nospam. from my email address.
> ===================================
> http://www.lonestaramerica.com/
> http://support.wftx.us/
> https://secure.lsaol.com/
> ===================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
> ===================================
> Keep a back up of your OE settings and folders
> with OEBackup:
> http://www.oehelp.com/OEBackup/Default.aspx
> ===================================
>
>
>

Wing Lok wrote:
> Thanks for the document.
>
> 1. DNS has to listen to both interface

If DNS must listen on all interfaces, use the PublishAddresses registry
value note in the Doc.

> 2. There are some W2K3 servers on 10.22.135.19/24 segment need to
> join to domain using that segment
> 3. All DHCP clients are coming from 10.22.2.21/24 segment
> 4. DNS has to service both segment and return the corresponding
> segment correct SRV records.
>
> How can I make the DNS to return them the correct SRV records based
> on the segment where they request from.
Is there only one DC?
There is only one SRV, per node, per DC.
If you have multiple DCs on different subnets, you should separate them into
sites using ADS&S.

> If request from 10.22.2.x, DNS should return 10.22.0.26
> If request from 10.22.135.x, DNS should return 10.22.135.19
>
> Can the DNS able to do that?

Not reliably.

What you should have is a router between the subnets with only one private
interface on the DC.



--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
https://secure.lsaol.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================