Active Directory network topology DNS problem


  • Active Directory network topology DNS problem

    I have four domain controllers divided into 3 sites (same domain lacko.me).

    Site A (subnet 192.168.0.0/24) 2 DCs (IP 192.168.0.100 and IP 192.168.0.200)
    Site B (subnet 10.16.0.0/24) 1 DC (IP 10.16.0.100)
    Site C (subnet 10.24.0.0/24) 1 DC (IP 10.24.0.100)

    When a client from site A (IP address 192.168.0.55/24, primary DNS 192.168.0.100, secondary DNS 192.168.0.200) tries to resolve lacko.me, it sometimes gets addresses from site B (IP 10.16.0.100) and site C (IP 10.24.0.100) for domain lacko.me.

    Due to network connectivity, a client from site A can reach only DCs in site A.

    How can I fix DNS to send responses to clients depending on the network topology?

    The goal is that customers who belong to site A always get DC IP addresses from site A when resolving lacko.me.

    When I try nslookup lacko.me from the client (192.168.0.55/24), periodically I get the 10.16.0.100 and 10.24.0.100 addresses, and because of that the client may not download GPOs.

    I tried ipconfig /flushdns, but it solves the problem temporarily.

    I tried, from the client PC, \\lacko.me\sysvol properties DFS (distribution file system) and checked Yes for the DC from site A, but this solves the problem temporarily.
    Last edited by lacko; 21st March 2011, 23:52.

  • #2
    Re: Active Directory network topology DNS problem

    Set the relevant DHCP scope with the correct DNS server entries in the NIC card.


    • #3
      Re: Active Directory network topology DNS problem

      I set static IP addresses for all clients (all sites). DHCP is disabled on the client and server side.

      A client which belongs to site A has these parameters:

      IP address 192.168.0.55
      Subnet mask 255.255.255.0
      Gateway 192.168.0.1
      Primary DNS 192.168.0.100
      Secondary DNS 192.168.0.200

      When this client tries to resolve lacko.me, the query was sent to the primary DNS (192.168.0.100) and the answer is 10.16.0.100, 10.16.24.200, 192.168.0.100 and 192.168.0.200. These are the addresses of all domain controllers from all sites.

      How can I fix this so that clients which belong to site A (subnet 192.168.0.0/24) get from DNS only the answer 192.168.0.100, 192.168.0.200 for lacko.me?

      Just think of conditional DNS resolving.

      The goal is:

      If a client from site A tries to resolve lacko.me, it gets only 192.168.0.100 or 192.168.0.200
      If a client from site B tries to resolve lacko.me, it gets only 10.16.0.100
      If a client from site C tries to resolve lacko.me, it gets only 10.24.0.100


      NOTE: I have four domain controllers geographically separated (same domain lacko.me)

      Thanks in advance for help
      Last edited by lacko; 22nd March 2011, 18:30.


      • #4
        Re: Active Directory network topology DNS problem

        You need to look into AD sites: http://technet.microsoft.com/en-us/l.../cc787284.aspx
        Also, you may need to rethink using DHCP, unless you script the IP configuration for clients. Clients on each site should point to their own site DNS server.
        Caesar's cipher - 3

        ZKHQ BRX HYHQWXDOOB GHFLSKHU WKLV BRX ZLOO UHDOLVH LW ZDV D ZDVWH RI WLPH!

        SFX JNRS FC U6 MNGR


        • #5
          Re: Active Directory network topology DNS problem

          Static IP addresses when you have perfectly good DHCP servers available to you is a bit of an admin nightmare, isn't it?

          And just for your info, when you do an NSLOOKUP on the domain name you will get all the IP addresses of every server named in the name servers tab in DNS.

          I get all of my DNS servers listed when I do this, but my clients will still send requests to the primary and, if needed, secondary DNS servers in the IP address settings.


          • #6
            Re: Active Directory network topology DNS problem

            Advanced TCP/IP DNS Settings:

            On each DNS server, set the primary DNS address to 127.0.0.1 and maintain the sequence of the DNS server IPs in order of use.
            Also, for clients, the primary DNS address should be their own subnet's primary DNS server IP; maintain the sequence of the DNS server IPs in order of use.

            Advanced TCP/IP WINS Settings:

            Click on Enable NetBIOS over TCP/IP as you use all static IP address (No DHCP available)


            • #7
              Re: Active Directory network topology DNS problem

              Make sure that net mask ordering is enabled on your DNS servers.
              Also, what I observed in my environment: my Windows 2008 R2 DC servers ignore net mask ordering if IPv6 is enabled and if the primary DNS is 127.0.0.1. I had to:
              1. Disable IPv6
              2. Set the local IP address of the DC and not 127.0.0.1

              It is an interesting behavior!
              Br,
              Csaba
              Regards,
              Csaba Papp
              MCSA+messaging, MCSE, CCNA
              ...............................
              Remember to give credit where credit is due and leave reputation points where appropriate
              .................................
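
The net mask ordering mentioned in post #7, modelled as an added example (not code from the thread or from Windows DNS): the server returns every A record for lacko.me but moves the ones in the querying client's subnet to the front. The function names, the /24 comparison and the absence of round-robin rotation are assumptions of this sketch; the addresses are the ones from the first post.

```python
import ipaddress

# A records for lacko.me: the DC addresses listed in the first post.
DC_RECORDS = ["10.16.0.100", "10.24.0.100", "192.168.0.100", "192.168.0.200"]


def netmask_order(client_ip, records, prefix_len=24):
    """Return records with those in the client's subnet moved to the front.

    Simplified model (assumption): a stable partition only, no round-robin
    rotation. prefix_len=24 matches the /24 site subnets in the thread.
    """
    client_net = ipaddress.ip_network(f"{client_ip}/{prefix_len}", strict=False)
    local, remote = [], []
    for rec in records:
        target = local if ipaddress.ip_address(rec) in client_net else remote
        target.append(rec)
    return local + remote


def unreachable_first(client_ip, records, reachable_nets, prefix_len=24):
    """True if the first address in the ordered answer lies outside every
    network the client can route to (the failure described in the thread)."""
    first = ipaddress.ip_address(netmask_order(client_ip, records, prefix_len)[0])
    return not any(first in ipaddress.ip_network(n) for n in reachable_nets)


if __name__ == "__main__":
    # Site A, B and C clients, plus one in a subnet that has no DC at all.
    for client in ("192.168.0.55", "10.16.0.7", "10.24.0.9", "172.16.1.5"):
        print(client, "->", netmask_order(client, DC_RECORDS))
```

The remote DC addresses stay in the answer, so nslookup still lists all four; only the order changes, and a client in a subnet without a DC gets the unmodified order.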
