Multihomed Fileserver + users nic disregards FS's binding order

  • Thread starter: DNS question

DNS question

Problem: A multihomed file server's NICs are set in a
binding order. The remote client (on a different subnet)
pings the fileserver yet the ping replies with the second
ordered NIC.
Server IPs:
1.18 and 1.17 in that binding order.

Reasons for the concern: Browser errors with the
multihomed device in Event Viewer.

If I disable the second NIC to rid myself of browser
errors, users with the ping reply of the second NIC can't
access files. How can I get those users, when accessing
the server, to connect to a specific NIC?

I've used IPCONFIG /flushdns then /displayDNS on client
and still the order on the client is wrong.
 
DNS question said:
Problem: A multihomed file server's NICs are set in a
binding order. The remote client (on a different subnet)
pings the fileserver yet the ping replies with the second
ordered NIC.
Server IPs:
1.18 and 1.17 in that binding order.

Reasons for the concern: Browser errors with the
multihomed device in Event Viewer.

If I disable the second NIC to rid myself of browser
errors, users with the ping reply of the second NIC can't
access files. How can I get those users, when accessing
the server, to connect to a specific NIC?

I've used IPCONFIG /flushdns then /displayDNS on client
and still the order on the client is wrong.

Would you post the ipconfig /all please?
 
DNS server for this client is 51.11
The multihomed file server is on a different subnet
(192.168.41.17 & 18).
The multihomed server is giving me many Browser errors.
I want to disable .17 yet several clients on 51 subnet
default to .17 for their files.
How can I force the client to go to .18?
Keep in mind that these clients are in a different subnet
and rely on their DC for DNS. Do I simply delete the DNS
record of .17 on their DC? An ipconfig /displaydns on
client shows both NICs just not in the right order.

Physical Address. . . . . . . . . : 00-50-BA-07-1A-F4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.51.172
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.51.1
DHCP Server . . . . . . . . . . . : 192.168.51.11
DNS Servers . . . . . . . . . . . : 192.168.51.11
Lease Obtained. . . . . . . . . . : Saturday, May 15, 2004 8:10:42 AM
Lease Expires . . . . . . . . . . : Sunday, May 23, 2004 8:10:42 AM
 
(e-mail address removed) posted a question
Then Kevin replied below:
DNS server for this client is 51.11
The multihomed file server is on a different subnet
(192.168.41.17 & 18).
The multihomed server is giving me many Browser errors.
I want to disable .17 yet several clients on 51 subnet
default to .17 for their files.
How can I force the client to go to .18?
Keep in mind that these clients are in a different subnet
and rely on their DC for DNS. Do I simply delete the DNS
record of .17 on their DC? An ipconfig /displaydns on
client shows both NICs just not in the right order.

Physical Address. . . . . . . . . : 00-50-BA-07-1A-F4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.51.172
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.51.1
DHCP Server . . . . . . . . . . . : 192.168.51.11
DNS Servers . . . . . . . . . . . : 192.168.51.11
Lease Obtained. . . . . . . . . . : Saturday, May 15, 2004 8:10:42 AM
Lease Expires . . . . . . . . . . : Sunday, May 23, 2004 8:10:42 AM



Actually, I was wanting to see the ipconfig /all on the Multihomed server. I
also need to know if it is a member server, DC or standalone server.
 
Interesting. I see where you're going with this. The
server is a DC. I disabled the 2nd NIC about 1 hour ago
and removed the host record from replication partners of
multihomed servers. Now waiting for any errors. So far
none. Can you foresee any repercussions from my actions?

 
(e-mail address removed) posted a question
Then Kevin replied below:
Interesting. I see where you're going with this. The
server is a DC. I disabled the 2nd NIC about 1 hour ago
and removed the host record from replication partners of
multihomed servers. Now waiting for any errors. So far
none. Can you foresee any repercussions from my actions?

Not really, but I don't know all about your network. What I do know is that
Domain controllers have a known issue about being Multihomed. It can be done
but it requires some extra configuring and adding some registry entries.
I have set up Multihomed DCs in the past, two of which are mine, and I have
absolutely no problems with any of them. The trick is setting the proper
bindings and binding order, making the registry entries and creating one or
two host records in DNS. One or two, that is, depending on whether it is a
Global Catalog server or not.
The thing of it is, it can be done, but you have to know what you are doing.
 
Kevin D. Goodknecht said:
Not really, but I don't know all about your network. What I do know is that
Domain controllers have a known issue about being Multihomed. It can be done
but it requires some extra configuring and adding some registry entries.
I have set up Multihomed DCs in the past, two of which are mine, and I have
absolutely no problems with any of them. The trick is setting the proper
bindings and binding order, making the registry entries and creating one or
two host records in DNS. One or two, that is, depending on whether it is a
Global Catalog server or not.
The thing of it is, it can be done, but you have to know what you are
doing.

Hi Kevin,

Could you help me through the steps needed to successfully run Windows 2000
domain controllers when they are multi-homed?

We have 2 DCs; both have 2 NICs. NIC 1 is attached to our internal network.
NIC 2 is attached to our backup network. Both NIC 1s have the usual stuff
bound to them (IP, File & Print Sharing, Client for MS networks). Both NIC
2s only have IP bound to them. Both NIC 1s are at the top of the
'Connections' box on the 'Adapters and Bindings' tab in the Advanced
Settings window.

I have set
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\DnsAvoidRegisterRecords
to LdapIpAddress on both machines. I have also deleted
and then created the relevant 'empty' host records in DNS.

Is there anything else I need to do? What about the _msdcs/gc domain - the
host records there also seem to be dynamically created. Does the above
registry mod fix this too?

Thank you for any help you can provide.

Regards,
Ken.
 
Ken Thomson said:
Hi Kevin,

Could you help me through the steps needed to successfully run Windows
2000 domain controllers when they are multi-homed?

We have 2 DCs; both have 2 NICs. NIC 1 is attached to our internal
network. NIC 2 is attached to our backup network. Both NIC 1s have
the usual stuff bound to them (IP, File & Print Sharing, Client for MS
networks). Both NIC 2s only have IP bound to them. Both NIC 1s are
at the top of the 'Connections' box on the 'Adapters and Bindings'
tab in the Advanced Settings window.

I have set
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\DnsAvoidRegisterRecords
to LdapIpAddress on both machines. I have also
deleted and then created the relevant 'empty' host records in DNS.

Is there anything else I need to do? What about the _msdcs/gc domain
- the host records there also seem to be dynamically created. Does
the above registry mod fix this too?

For the gc record, in the registry key above where the LdapIpAddress value
is, add GcIpAddress; this will stop the auto creation of the
gc._msdcs.<dnsdomain> record. You will have to manually add the (same as
parent folder) record.

You will also need to verify your binding order, right click on Network
Places, choose properties, Advanced menu, advanced settings. The internal
interface must be at the top of the binding order with File sharing and
Client for MS networks.
 
Kevin D. Goodknecht said:
For the gc record, in the registry key above where the LdapIpAddress value
is, add GcIpAddress; this will stop the auto creation of the
gc._msdcs.<dnsdomain> record. You will have to manually add the (same as
parent folder) record.

Thanks Kevin for your prompt and very helpful reply.

When adding GcIpAddress to LdapIpAddress, do I just separate them by commas?
Or is another separator used?

Regards,
Ken.
 
Ken Thomson said:
When adding GcIpAddress to LdapIpAddress, do I just separate them by commas?
Or is another separator used?

To answer my own question -

I had tried to create the registry value using regedit.exe. That will not
work. You must use regedt32.exe. That allows you to create the
REG_MULTI_SZ value. You then delineate the entries by pressing [enter].

See KB267855 for more info.

Regards,
Ken.
 
Kevin D. Goodknecht said:
For the gc record, in the registry key above where the LdapIpAddress value
is, add GcIpAddress; this will stop the auto creation of the
gc._msdcs.<dnsdomain> record. You will have to manually add the (same as
parent folder) record.

Is a reboot of the Domain Controllers required to activate these settings?

After fixing my 1st error of using regedit.exe and correctly entering the
REG_MULTI_SZ value using regedt32.exe - both DCs are still dynamically
creating the DNS records after I delete them.

Regards,
Ken.
 
Ken Thomson said:
Is a reboot of the Domain Controllers required to activate these
settings?

After fixing my 1st error of using regedit.exe and correctly entering
the REG_MULTI_SZ value using regedt32.exe - both DCs are still
dynamically creating the DNS records after I delete them.

Regards,
Ken.

If the (same as parent folder) records are still created, you should recheck
your registry setting.

Go to the Winnt\system32\config directory, delete netlogon.dns and
netlogon.dnb, run ipconfig /flushdns, restart the Netlogon service, and run
ipconfig /registerdns.
 
Kevin D. Goodknecht said:
If the (same as parent folder) records are still created, you should recheck
your registry setting.

Go to the Winnt\system32\config directory, delete netlogon.dns and
netlogon.dnb, run ipconfig /flushdns, restart the Netlogon service, and run
ipconfig /registerdns.

Thanks again Kevin! :-)

Stopping the Netlogon service, deleting netlogon.dns and netlogon.dnb,
restarting the service did the trick!

Appreciate the help you have provided to me over the last few days.

Cheers,
Ken.
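
The procedure this thread converges on, written out as an added example that is not part of any poster's message: it sets DnsAvoidRegisterRecords as a REG_MULTI_SZ, catches the wrong-value-type mistake described above, clears Netlogon's cached record files, and checks what DNS returns afterwards. It assumes a current Windows Server with PowerShell and the DnsClient module (the Windows 2000 DCs in the thread needed regedt32.exe instead); `$dnsDomain` and `$internal` are placeholders.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the thread. Run on the multihomed DC.
$key       = 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters'
$name      = 'DnsAvoidRegisterRecords'
$mnemonics = 'LdapIpAddress', 'GcIpAddress'   # omit GcIpAddress on a DC that is not a GC
$dnsDomain = 'corp.example'                   # placeholder: the AD DNS domain
$internal  = '192.0.2.18'                     # placeholder: internal NIC address

# 1. The value must be REG_MULTI_SZ with one mnemonic per string. A single
#    REG_SZ string (the regedit.exe mistake in the thread) does not do the job.
$regKey = Get-Item -Path $key
if ($regKey.GetValueNames() -contains $name) {
    $kind = $regKey.GetValueKind($name)
    if ($kind -ne [Microsoft.Win32.RegistryValueKind]::MultiString) {
        Write-Warning "$name exists as $kind; recreating it as REG_MULTI_SZ"
        Remove-ItemProperty -Path $key -Name $name
    }
}
New-ItemProperty -Path $key -Name $name -PropertyType MultiString `
    -Value $mnemonics -Force | Out-Null

# 2. Stop Netlogon, delete its cached record lists, start it again
#    (the order that worked in the last post), then refresh DNS.
Stop-Service -Name Netlogon
$config = Join-Path $env:SystemRoot 'System32\config'
Remove-Item -Path (Join-Path $config 'netlogon.dns'),
                  (Join-Path $config 'netlogon.dnb') -ErrorAction SilentlyContinue
Start-Service -Name Netlogon
ipconfig /flushdns    | Out-Null
ipconfig /registerdns | Out-Null

# 3. The manually created (same as parent folder) A records should now be the
#    only ones left. Any other address means Netlogon re-registered a record.
foreach ($fqdn in $dnsDomain, "gc._msdcs.$dnsDomain") {
    $extra = Resolve-DnsName -Name $fqdn -Type A -DnsOnly |
        Where-Object { $_.Type -eq 'A' -and $_.IPAddress -ne $internal }
    if ($extra) {
        Write-Warning "$fqdn still resolves to $($extra.IPAddress -join ', ')"
    } else {
        Write-Host "$fqdn resolves only to $internal"
    }
}
```

Stale A records for the second NIC that were registered before the change still have to be deleted from the DNS zone by hand, as described in the thread.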
 