Announcement

Collapse
No announcement yet.

DNS Across Domains

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • DNS Across Domains

    Hello,

    We have three separate domains that we will be setting up trusts for as follows:

    Domain 1 is trusted by Domain 2 and Domain 3

    The subnets are as follows:

    Domain 1: 192.168.40.0/24
    Domain 2: 192.168.50.0/24
    Domain 3: 192.168.60.0/24

    Each domain has it's own local DNS server, all of which use the same external forwarders.

    Domain trusts aside, I need to understand how to set up DNS so that I can see machines by name on any domain from any domain.

    Thank you,

    -Travis

  • #2
    Re: DNS Across Domains

    Setup conditional forewarders.
    http://technet.microsoft.com/en-us/l.../cc782142.aspx
    http://www.windowsnetworking.com/art...rver_2003.html
    Marcel
    Technical Consultant
    Netherlands
    http://www.phetios.com
    http://blog.nessus.nl

    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
    "No matter how secure, there is always the human factor."

    "Enjoy life today, tomorrow may never come."
    "If you're going through hell, keep going. ~Winston Churchill"

    Comment


    • #3
      Re: DNS Across Domains

      Do you want network browsing or do you want DNS name resolution to work across the domains because those are two different things. If you want DNS name resolution to work across the domains then follow Dumber's recommendation. If you want network browsing to work across the domains then you'll need to enable Netbios over TCP/IP on all the machines and you'll need to configure the routers to forward broadcast traffic.

      Comment


      • #4
        Re: DNS Across Domains

        That is a good point. While I was looking over Dumber's suggestion, I found that perhaps I could use stub zones as well, but also found that it looked as though I'd always have to use MachineName.domain.whatever to get it to work.

        I need to be able to have users type in \\MachineName and that's it.

        That being the case, it sounds like I'll need to set up broadcast traffic in the router. I believe that NetBIOS over TCP/IP is generally on by default in most Windows installs. Can it be explicitly enabled via DHCP?

        Bumber, thanks for the reply as well... another case of the person needing help not knowing exactly what to ask for.

        -Travis

        Comment


        • #5
          Re: DNS Across Domains

          Now that I think about it, implementing a WINS server on each subnet might be the best way to go. With WINS you shouldn't need to enable braodcast traffic forwarding on the router.

          Comment


          • #6
            Re: DNS Across Domains

            Originally posted by joeqwerty View Post
            Now that I think about it, implementing a WINS server on each subnet might be the best way to go. With WINS you shouldn't need to enable braodcast traffic forwarding on the router.
            I was just reading about that. Would I need to do anything special to get things working the way I want once the individual WINS servers are running? (EDIT: Can I enable replication between WINS servers on different domains?)
            Last edited by TravisB; 21st April 2009, 17:07.

            Comment


            • #7
              Re: DNS Across Domains

              The title suggested you where looking for a DNS configuration
              For WINS you can configure push/pull.
              Marcel
              Technical Consultant
              Netherlands
              http://www.phetios.com
              http://blog.nessus.nl

              MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
              "No matter how secure, there is always the human factor."

              "Enjoy life today, tomorrow may never come."
              "If you're going through hell, keep going. ~Winston Churchill"

              Comment


              • #8
                Re: DNS Across Domains

                Originally posted by Dumber View Post
                The title suggested you where looking for a DNS configuration
                For WINS you can configure push/pull.
                Yeah, I wasn't sure what the solution was going to be. You should see me try to decided what to have for breakfast.

                Thanks guys!

                -Travis

                Comment


                • #9
                  Re: DNS Across Domains

                  One last question:

                  I've enabled WINS in DHCP, should I also enable netbios over TCP/IP and point it to the WINS server as well?

                  Comment


                  • #10
                    Re: DNS Across Domains

                    LOL. Hopefully I never need to work with you then

                    Anyhow, About the WINS Replication start reading this
                    http://technet.microsoft.com/en-us/l.../cc783226.aspx

                    However, you still might considering the DNS configuration too
                    Marcel
                    Technical Consultant
                    Netherlands
                    http://www.phetios.com
                    http://blog.nessus.nl

                    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                    "No matter how secure, there is always the human factor."

                    "Enjoy life today, tomorrow may never come."
                    "If you're going through hell, keep going. ~Winston Churchill"

                    Comment


                    • #11
                      Re: DNS Across Domains

                      Whole wheat or fiber bran in the morning? That is a tough question.

                      Anyhow, WINS is for NETBIOS name resolution and will assist in the cross subnet network browsing.

                      DNS is for FQDN name resolution and will assist in the cross subnet FQDN resolution.

                      It's been awhile since I've used WINS but you can enable WINS for the clients by setting various DHCP scope options (such as which WINS servers to use, node type, etc.). You should make sure that the Enable Netbios over TCP/IP option is enabled onn each client but as you said earlier that is the default setting so you shouldn't need to manually touch each machine to set it. You can use a vendoe (Microsoft) option in your DHCP scope options to disable Netbios over TCP/IP but I don't think there is an option to enable it.

                      With the DNS, again follows Dumber's recommendation. I personally like to use conditional forwarders and not stub zones.

                      Comment


                      • #12
                        Re: DNS Across Domains

                        If you want \\computername to work you'll need to setup conditional forwards and you'll need to add all your domain suffix to each client.

                        Also don't forwards broadcasts, instead setup a WINs on each network and have them replicate.

                        Comment


                        • #13
                          Re: DNS Across Domains

                          That will work fine either actually.
                          A domain suffix can be spread by using a simple GPO

                          I forgot about this. To busy with other stuff
                          Marcel
                          Technical Consultant
                          Netherlands
                          http://www.phetios.com
                          http://blog.nessus.nl

                          MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                          "No matter how secure, there is always the human factor."

                          "Enjoy life today, tomorrow may never come."
                          "If you're going through hell, keep going. ~Winston Churchill"

                          Comment


                          • #14
                            Re: DNS Across Domains

                            I'm not sure that adding the DNS suffix to all the clients is the best way as it will result in additional DNS queries for each lookup and will increase the DNS load on your DNS server.
                            Last edited by joeqwerty; 21st April 2009, 21:48.

                            Comment


                            • #15
                              Re: DNS Across Domains

                              Scratch my last response. Garen is right. If you want to access resources using single label names (\\servername\share) then you'll need both conditional forwarders and DNS suffixes.

                              Comment

                              Working...
                              X