two flat domains with a mutual trust. need help

  • Thread starter: yaardone

yaardone

I've recently upgraded our two NT domains to 2000. Naturally I kept the
same layout so as not to cause too much trouble. I've diagrammed the layout
before. My problem is for some reason I'm having a hard time getting my
DNS to work properly. Each PDC has a DNS server which forwards to the
other DNS server and to my ISP's name server. For some reason clients
are having a hard time locating the paths to other clients on the other
domain. Due to the bandwidth limit on the VPN (1Mbit) I'd rather just set
up two separate domains with a trust.

What is my correct DNS setup?






DOM 1 ======VPN======INTERNET======VPN=====DOM2
pdc.dom1.comp.com
pdc2.dom2.comp.com
 
I take it these are two separate forests. The problem you're coming up
against is that when you configure forwarders you can configure a couple
of servers, but they're there for redundancy in case the first isn't
available -- I think what you've done is put your ISP's DNS and your
other domain's DNS to be forwarded to.

What happens is that your ISP's DNS returns a negative for the DNS query
and the other domain's DNS is never asked.

As you're on Win2k, the way to do it is add a secondary zone for the
other domain at each end -- this way all the DNS records will be
replicated over the WAN and clients will be able to resolve names ok.

(There's a feature in Win2k3 called stub zones that is more like a hint
telling the DNS server exactly where to forward the requests, which
would save replicating DNS over the WAN.)
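
The secondary-zone setup suggested in the reply above, sketched as an added example that is not part of either post. It assumes dnscmd.exe from the Windows 2000 Support Tools is installed, that the zones are named dom1.comp.com and dom2.comp.com after the host names in the diagram, and that the three IP addresses are constructed placeholders.

```batch
@echo off
rem Added example. Run on pdc.dom1.comp.com, then mirror it on
rem pdc2.dom2.comp.com with the zone names and addresses swapped.
rem All three addresses below are constructed placeholders.
set LOCAL_DNS=10.1.0.10
set REMOTE_DNS=10.2.0.10
set ISP_DNS=192.0.2.53

rem 1. Forward only to the ISP. The other domain's DNS server comes off
rem    the forwarder list; its zone is served from a local secondary copy.
dnscmd %LOCAL_DNS% /ResetForwarders %ISP_DNS%

rem 2. Permit zone transfers of the local zone to the peer DNS server only,
rem    and notify it of changes. The zone lists every domain controller
rem    (SRV records under _msdcs), so do not open transfers to any server.
dnscmd %LOCAL_DNS% /ZoneResetSecondaries dom1.comp.com /SecureList %REMOTE_DNS% /NotifyList %REMOTE_DNS%

rem 3. Hold a secondary copy of the other domain's zone, pulled over the VPN.
rem    The first transfer fails until step 2 has been done on the other side.
dnscmd %LOCAL_DNS% /ZoneAdd dom2.comp.com /Secondary %REMOTE_DNS%

rem 4. After both sides are configured, force a transfer and check that the
rem    zone is present on this server.
dnscmd %LOCAL_DNS% /ZoneRefresh dom2.comp.com
dnscmd %LOCAL_DNS% /ZoneInfo dom2.comp.com

rem 5. Confirm the local server answers for the other domain: the host
rem    record, and the SRV record clients use to find its domain controller
rem    when the trust is exercised.
nslookup pdc2.dom2.comp.com %LOCAL_DNS%
nslookup -type=SRV _ldap._tcp.dc._msdcs.dom2.comp.com %LOCAL_DNS%
```

Clients in each domain keep pointing at their own domain's DNS server; only the two servers talk across the VPN.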
 