DNS with remote site ( workgroup )...

  • Thread starter Thread starter Cary Shultz
  • Start date Start date
C

Cary Shultz

Howdy! Howdy!

Bit of a difficult situation. The problem is that the
clients in the remote location can not connect to the
Internet if the DHCP Router gives them internal DNS
information yet can if DHCP Router gives them ISP DNS
information.

Setup: One location in Roanoke and another location in
Blacksburg. The location is Roanoke is a WIN2000 AD Domain
( well, it is currently Novell NDS / Citrix but that is
being changed over to WIN2000 / Citrix ). The location in
Blacksburg is a workgroup. There is a router here in
Roanoke and a corresponding router in Blacksburg that are
connected via a T1. We can ping everything from
everywhere via IP Address, host name and FQDN. The two
WIN2000 DNS Servers here in Roanoke have all of the
necessary records ( four sub_folders and all records
within ).

When the WIN98 clients in Blacksburg try to connect to the
Internet or to the WIN2000 Citrix Server here in Roanoke
they are successfull when using the DNS IP Addresses of
the ISP, but NOT when using the internal DNS servers!

What are my Boss and I missing?

Thanks all!

Cary
 
In Cary Shultz <[email protected]>
posted their concerrns,
Then Kevin D4Dad added his reply at the bottom.
Howdy! Howdy!

Bit of a difficult situation. The problem is that the
clients in the remote location can not connect to the
Internet if the DHCP Router gives them internal DNS
information yet can if DHCP Router gives them ISP DNS
information.

Setup: One location in Roanoke and another location in
Blacksburg. The location is Roanoke is a WIN2000 AD Domain
( well, it is currently Novell NDS / Citrix but that is
being changed over to WIN2000 / Citrix ). The location in
Blacksburg is a workgroup. There is a router here in
Roanoke and a corresponding router in Blacksburg that are
connected via a T1. We can ping everything from
everywhere via IP Address, host name and FQDN. The two
WIN2000 DNS Servers here in Roanoke have all of the
necessary records ( four sub_folders and all records
within ).

When the WIN98 clients in Blacksburg try to connect to the
Internet or to the WIN2000 Citrix Server here in Roanoke
they are successfull when using the DNS IP Addresses of
the ISP, but NOT when using the internal DNS servers!

What are my Boss and I missing?

Thanks all!

Cary
Click to expand...

Has the "." Forward Lookup Zone been deleted?
If no, delete that zone refresh the console and put a forwarder on the
forwarders tab(optional but recommended).
 
In Cary Shultz <[email protected]>
posted their concerrns,
Then Kevin D4Dad added his reply at the bottom.
Charles,

Thank you for your reply.

Yes, we do. That was one of the first questions that I
asked my Boss. Even if we did not Root Hints would take
care of that, right?

Both DNS Servers are AD integrated. Both have Forwarders
set up ( although only one had Forwarders set up and I
added the Forwarders to the second DNS Server last night ).

The clients here in Roanoke have no issues whatsoever. It
is only the workgroup in Blacksburg that has been having
the issue since my Boss changed the DHCP Server ( er, the
Cisco router ) to hand out the "local" DNS information.
Since then the WIN98 machines in Blacksburg have had
issues....When he puts it back so that the Cisco router
hands out the IP Addresses of the ISP things work again...

What are we missing? TCP/IP is TCP/IP, right? *SHOULD*
not matter that the Blacksburg people are in a workgroup
and not members of the domain. Unfortunately setting up a
DC in the Blacksburg location and creating another Site is
not a possibility.

The Roanoke people are on a 192.77.x.x subnet ( I know
that this is a PUBLIC range; it was set up this way beofre
my Boss took over and there is an IBM AS/400 machine
involved...whatever that means! ) while the Blackburg
people are on a 192.168.x.x range. Both routers know
about both subnets...as I said, we can ping everyone from
everywhere via IP address, host name or FQDN...

Thanks again,

Cary
Click to expand...

The public addresses could become an issue I recommend changing to a private
non-routable scheme.
Check for the Root zone as I stated from my previous post and delete it.
 
-----Original Message-----
In Cary Shultz <[email protected]>
posted their concerrns,
Then Kevin D4Dad added his reply at the bottom.

Has the "." Forward Lookup Zone been deleted?
If no, delete that zone refresh the console and put a forwarder on the
forwarders tab(optional but recommended).




.
Click to expand...
Kevin,

As always, Thank you for your reply. You must think that
I am a moron! I am not ( well, not entirely! ). We
have "won" these clients ( actually, my boss did ) and the
previous people set up some things in a "different" way.

The "." zone was indeed deleted. That has never been an
issue ( well, not in this case! ). The situation in
Blacksburg is that the Cisco Router is handing out IP
Addresses. There is no server at all in Blacksburg.

The only thing that I can think of would be the fact that
the Roanoke subnet is indeed Public. My boss seems to be
of the opinion that this will not cause a problem due to
the fact that it is behind a firewall....

The reason that the Roanoke subnet has a "Public" range is
due to the AS/400 Server. I know nothing about AS/400. I
have suggested that we change it to a 192.168.x.x range
but fear that this *COULD* cause problems with the
AS/400...

Anyway, Thanks again.

Cary
 
The reason that the Roanoke subnet has a "Public" range is due to the
AS/400 Server. I know nothing about AS/400. I have suggested that we
change it to a 192.168.x.x range but fear that this *COULD* cause
problems with the AS/400...
Click to expand...

Couple of AS/400 tips:

- Read up on the "cfgtcp" command. I bet you can guess what this does.

- Remember that on the '400 IP can be up even if the adapter is varied off

- You should restart the adapter, protocol, and any network related services
on the '400 when you change the ip configuration. Many of these services
bind only at startup and will not rebind until restarted.

The '400 is a lot of fun to work with, but it's quite different from
dealing with W2K et al. The logic is more like OS/2 in a lot of ways, for
obvious reasons.

--
John LeMay
kc2kth
Senior Technical Manager
NJMC | http://www.njmc.com | Phone 732-557-4848
Specializing in Microsoft and Unix based solutions
 
-----Original Message-----


Couple of AS/400 tips:

- Read up on the "cfgtcp" command. I bet you can guess what this does.

- Remember that on the '400 IP can be up even if the adapter is varied off

- You should restart the adapter, protocol, and any network related services
on the '400 when you change the ip configuration. Many of these services
bind only at startup and will not rebind until restarted.

The '400 is a lot of fun to work with, but it's quite different from
dealing with W2K et al. The logic is more like OS/2 in a lot of ways, for
obvious reasons.

--
John LeMay
kc2kth
Senior Technical Manager
NJMC | http://www.njmc.com | Phone 732-557-4848
Specializing in Microsoft and Unix based solutions

.
Click to expand...
John,

Thank you for your imput. I will show this to my boss so
that we can H O P E F U L L Y change this sooooon!

Cary
 
In
Cary Shultz said:
Kevin,

I can see your confusion. I am confused. I have not been
to Blacksburg. My Boss does the traveling ( for
now...that will change next week! ).

As I understand it, there is a Cisco Router sitting on the
desk in Roanoke that is connected to a Cisco Router
sitting in Blacksburg. The connection is a point-to-point
partial T1.

The Router in Blacksburg is handing out the IP Addresses
to the six or seven WIN98 clients. They WERE getting the
ISP's DNS Server information. All was cool. My boss had
that changed to the Roanoke internal DNS Server
information ( based on my suggestion ). This is when the
fun began. The Blacksburg people were no longer able to
reach the Internet AND they were not able to connect to
the Citrix Server ( located in Roanoke ). Last night we
spent about four hours trying to resolve this.
The "solution" was to put it back to the way it was ( ISP
DNS information ).

Mind you, there is no problem for anyone to reach anyone
else. PING works with all three methods mentioned.

We did have some successes last night in that we were able
to reach one of the Citrix Servers ( but not the one that
they normally reach ) with the internal DNS information.
Anyway, he decided to have our Cisco guy change it back to
the way it was ( ISP DNS information ) late last night...

So, the issue is still open. We are going to be setting
up a couple of other offices ( different company ) next
week and would like to know what to avoid so as not to
repeat this.

I guess that it would be easy to set up a DC / GC / DNS
Server in Blacksburg so that they can be members of the
domain. However, as already stated, that is not an
avialable option right now.

Thanks for your time.

Cary
Click to expand...

I would do that, setup a DC/GC/DNS at Blacksburg. Or, why not just put a
cheapo (a server not being used in the closet?) caching DNS at Blacksburg,
let those W9x machines use it, and have it set to forward to the DNS in
Roanoke. But I like your idea better, this sets it up for AD and makes it
easier to get to domain resources.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
-----Original Message-----
In Cary Shultz <[email protected]> posted his concerns then I replied down
below:

I would do that, setup a DC/GC/DNS at Blacksburg. Or, why not just put a
cheapo (a server not being used in the closet?) caching DNS at Blacksburg,
let those W9x machines use it, and have it set to forward to the DNS in
Roanoke. But I like your idea better, this sets it up for AD and makes it
easier to get to domain resources.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
--
=================================


.
Click to expand...
Ace,

I spoke with my boss again about setting up a DC/GC/DNS
Server down in Blacksburg. NO GO! The reason is that
with Citrix up here in Roanoke they do not *NEED* a server
in Blacksburg ( or so I am told this is the reason ).
Blacksburg does not want a server there at all! I will
speak with him about a "cheapo" server used to cache DNS.
I really wish that we could set up a DC/GC/DNS Server
there and simply add it as a second Site ( so we would
have two Sites: Roanoke and Blacksburg ). That would make
this issue go away. But then along came Citrix and messed
this up!

Anyway, Thanks again for you imput. I always appreciate
it.

Cary
 
In Cary Shultz <[email protected]> posted his concerns then I replied down
below:
Ace,

I spoke with my boss again about setting up a DC/GC/DNS
Server down in Blacksburg. NO GO! The reason is that
with Citrix up here in Roanoke they do not *NEED* a server
in Blacksburg ( or so I am told this is the reason ).
Blacksburg does not want a server there at all! I will
speak with him about a "cheapo" server used to cache DNS.
I really wish that we could set up a DC/GC/DNS Server
there and simply add it as a second Site ( so we would
have two Sites: Roanoke and Blacksburg ). That would make
this issue go away. But then along came Citrix and messed
this up!

Anyway, Thanks again for you imput. I always appreciate
it.

Cary
Click to expand...

Cary,

It;s sad to see this happening to you Cary. I knew you looked forward to
this new position and the technological "challenges" that arise. It's tough
to analyze a given issue and come up with a good solution, only to get shot
down and thrown a box of bandaids your way and told to, "Make it work".
Reasoning starts with the art of listening. If he's preoccupied with "older"
technology and reasons that sound good to him, he ain't going to open up to
listen to "new" technology reasoning.

I wish you lots of luck in getting this to work. I think a caching server
will help for the interim.

Good luck!!

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
Back
Top