
DNS and NetMask Ordering

  • DNS and NetMask Ordering


    I am trying to work out how to fix an issue that I have with DNS and dual-homed servers.

    Currently we have 2 completely separate networks, 1 for client access and 1 for management. Client access is on a 10.x.x.x range and management is on a 172.x.x.x range. Client LANs are typically either a /16 or /24 subnet and the management ranges can be anything from /24 to a /29.

    The problem that I am having is that DNS does not always return the correct address for a client to use, so for example a client on a 10.x.x.x address will sometimes get a 172.x.x.x address returned from DNS and the service \ application needing to connect will then fail as there is no route between the 2 networks.

    I can't stop the servers from registering the management address as some of our customer-facing infrastructure will only have connectivity to the management network and the outside world via an internet-facing interface.

    I have turned off round robin as this made the problem worse and have enabled Net Mask ordering but still get the issue.

    Has anyone else had to deal with this and found a workable solution?

  • #2
    Re: DNS and NetMask Ordering

    What DNS server are you using - Microsoft's offering?
    Gareth Howells

    BSc (Hons), MBCS, MCP, MCDST, ICCE

    Any advice is given in good faith and without warranty.

    Please give reputation points if somebody has helped you.

    "For by now I could have stretched out my hand and struck you and your people with a plague that would have wiped you off the Earth." (Exodus 9:15) - I could kill you with my thumb.

    "Everything that lives and moves will be food for you." (Genesis 9:3) - For every animal you don't eat, I'm going to eat three.


    • #3
      Re: DNS and NetMask Ordering

      Sounds like you need to enable DNS scavenging.
      Technical Consultant

      MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
      "No matter how secure, there is always the human factor."

      "Enjoy life today, tomorrow may never come."
      "If you're going through hell, keep going. ~Winston Churchill"


      • #4
        Re: DNS and NetMask Ordering

        I don't see why you can't turn off DNS registration for the management interface. What has that got to do with the public IP being NAT'ed to the management interface?

        Your customer connects to a public DNS record that resolves to a public IP address that gets NAT'ed to the management interface address, right? So why does this require that the management interface register its IP address with your internal DNS?


        • #5
          Re: DNS and NetMask Ordering

          So our customer-facing infrastructure will use the management network for internal \ domain traffic and some internal systems will need to talk to customer-facing infrastructure using the management network whilst also needing to talk to clients on the internal network. Both internal and external infrastructure is part of the same AD Forest.
          DNS scavenging is already enabled but won't help as both addresses are valid on the different networks.
          DNS is running on the domain controllers (Windows Server 2003 R2).
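
A simplified model of the netmask ordering behaviour discussed in this thread, added here as an example and not posted by any participant. It assumes the DNS server compares the client address with each A record under one configurable prefix length (Windows DNS compares on a class C, /24, basis by default); all addresses, the record order and the function names are constructed for illustration.

```python
import ipaddress

def order_answers(client_ip, records, prefix_len=24):
    """Stable reorder: A records inside the client's network (as seen
    under prefix_len) come first; all others keep their stored order."""
    client_net = ipaddress.ip_network(f"{client_ip}/{prefix_len}", strict=False)
    local = [r for r in records if ipaddress.ip_address(r) in client_net]
    other = [r for r in records if ipaddress.ip_address(r) not in client_net]
    return local + other

def first_answer_routable(client_ip, records, prefix_len, routed_net):
    """True if the first address handed to the client is on a network the
    client can actually reach (routed_net), which is what most
    applications will try to connect to."""
    first = order_answers(client_ip, records, prefix_len)[0]
    return ipaddress.ip_address(first) in ipaddress.ip_network(routed_net)

# Constructed data: a dual-homed server that registered both interfaces,
# with the management address stored first.
SERVER_RECORDS = ["172.16.5.10", "10.20.30.40"]
CLIENT_ROUTED = "10.0.0.0/8"   # clients have no route to 172.x.x.x

# Constructed clients: one in the server's /24, one in the same /16 LAN
# but a different /24.
SAME_24 = "10.20.30.77"
SAME_16_ONLY = "10.20.99.77"

if __name__ == "__main__":
    for client in (SAME_24, SAME_16_ONLY):
        for plen in (24, 16):
            answers = order_answers(client, SERVER_RECORDS, plen)
            ok = first_answer_routable(client, SERVER_RECORDS, plen, CLIENT_ROUTED)
            print(f"client={client} compare=/{plen} answers={answers} routable_first={ok}")
```

In this model the client that shares only a /16 with the server gets the management address first when the comparison is done at /24, and the client-LAN address first once the comparison length matches the real LAN size.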