I have two Windows 2003 Standard Servers (SP1) running ADS. First I installed one of the servers and gave it the IP address 192.168.0.12. Next I installed the DNS server. Then I added the second server as an additional DC for the domain, installed the DNS server on it as well and gave it the IP address 192.168.0.11. Both the server are multi-homed. The second NIC of the first server is not connected to any network, just there, so that if the other server goes down, I can connect the cable (Cat 5 Rj 45) running from my ISP to it. The second server is connected to the Internet using the second network adapter (through my ISP).

The clients on the network have static IP addresses and have DNS servers configured using the addresses of the two servers: 192.168.0.11 and 12. Both the DNS servers have been configured to use DNS forwarders (the ones my ISP have). Both the servers have loopback addresses in DNS servers list. Every thing works fine (ADS, Internet access, etc.) till the first server goes down.

I tried changing the operations master from the first server to the second server, made both the servers Global Catalog servers and added an additional IP address (192.168.0.1) to the second server. Still, Internet name resolution fails when the first server is down.

Then I came to notice that the second server's default server is one of my ISP's servers (using NSlookup). The first server's DNS server address is still 127.0.0.1. So I changed the second server's default server to 127.0.0.1, thinking I could fix the problem.

When I run NSlookup on client machines, it shows the first server as the default server, but when the first server is down, I can resolve Internet hosts using the second server using NSlookup, the second server as the default server and the command "server 192.168.0.1," but I can't resolve it using other programs.

Please help me fix the problem.

    Requires Free Membership to View

    Login

You're so close. The first server in the domain should be the first DNS entry on every client/workstation. The second server is usually the second DNS entry on your clients. The third and fourth entries are usually the ISP DNS servers. You are using the second server as a ICS box (Internet Connection Sharing) to connect network of clients to the Internet.

The gateway entry on the clients is the network interface card (192.168.0.11). The first server is set to forward requests that are not found in its records to the Internet (i.e., the ISP's DNS). The only entry in the DNS setup on the primary server would be itself. The loopback address (127.0.0.1, also known as "Home") is a red herring in this case and not appropriate in either listing. The second server should have its DNS entries listing the first server and on the ISP servers. Then if the first server is not available, the clients still get forwarded. Note that when you switch the ISP cable to the first server because the second has failed, you will have to update the gateway entry on the clients.

My usual recommendation is to use a firewall box as the ISP connector, in which case the gateway doesn't change.

This was first published in October 2005

Join the conversationComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.
    Back to top