Is it DNS problem ?

Hi,

1. I have 3 testing machines in the Active Directory Environment DC1, DC2, DC3)
2. I created 2 subnet ( i use the subnet mask: 255.255.255.192)
3. The DC1 is a domain controller(which domain is domain1), DC3 is a replica domain controllerof domain1, and DC2 is  a child domain of domain1 which i called child.domain1.
4. The network ID is 204.127.60; the ist subnet is in this range: 204.127.60.65-126; the 2nd subnet is in the range of 204.127.60.129-190
5. I assume DC1 is in the first subnet, DC2 as a ROUTER, and DC3 is in the 2nd subnet.
6. DC1: i) Domain: domain1, ii)IP: 204.127.60.65, iii) SM: 255.255.255.192, iv)Default Gateway: 204.127.60.70, v) DNS: 204.127.60.65
7. DC2: i) There are 2 NIC, ii) the ist NIC: a1) IP: 204.127.60.70, a2)the SM: 255.255.255.192, a3) Default Gateway: Blank, a4) DNS: 204.127.60.65, iii) the 2nd NIC: a1) IP: 204.127.60.129, a2) the SM:same, a3)DG: Blank, a4)DNS: 204.127.60.65 (Same as IP address of DC1)
8. DC3: i)This is replica domain controller of domain1, ii)IP: 204.127.60.150, iii)SM:255.255.255.192, iv)Default Gateway: 204.127.60.129, v)DNS: 204.127.60.65 (Same as IP address of DC1).
9. Problem: i) When I ping DC3 from DC1; the message: "request time out", ii) When i ping DC1 from DC3; message: "Unknown host dc1", iii) Others are good (i can ping fr DC2 to DC1 &DC3 successfully, i can ping FR DC1 to DC2 successfully, I can ping fr DC3 to DC2 successfully)
10. Is it DNS problem ? Somebody knows the solution ?
11. Thank you.

Tjie
tjieAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Keith AlabasterEnterprise ArchitectCommented:
You have four subnets here.

subnet 1 204.127.60.1 - 63

subnet 2 204.127.60.65 - 127          DC1   DC2 (nic 1)

subnet 3 204.127.60.129 - 191        DC3   DC2 (nic 2)

subnet 4 204.127.60.193 - 254

On DC3, route -p add 204.127.60.0 mask 255.255.255.192 204.127.60.129



0
tjieAuthor Commented:
Keith,

1. I try the above command; it picks it up
2.But, when i try to ping again DC1 (from DC3); the same result: Unknown Host dc1
3. I think the Subnet Mask (255.255.255.192) will contribute only 2 subnets (...65-126) and (...129-190); the other two subnets (...1-63) and (...193-254) are invalid or illegal (as we can not allow all ZEROES or ONES).
4. I am waiting for your further answers please
5. Thank you.

Tjie
0
Keith AlabasterEnterprise ArchitectCommented:
You have four subnets; take it from me.
Can you ping the ip addresses of dc1 from dc3 rather than pinging the names?
0
Cloud Class® Course: C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

kfullartonCommented:
Have you enabled IP forwarding on the router?

http://support.microsoft.com/?kbid=230082

Also, you do have 4 subnets, which can be  determined by the subnet mask.

http://www.cisco.com/warp/public/701/3.html
0
tjieAuthor Commented:
Keith,

1. I ping DC1 by IP address from DC3.
2. Result: Still the same (can not ping)

Kfullarton,

1. I enable the IP Forwarding.
2. Restart the router (DC2).
3. Result: Still the same

What i find out now ?
1. I go to DC1
2. Type in: ipconfig
3. Result: i) IP address: ok, ii) Subnet Mask: Ok, iii) But the Default Gateway is still 10.254.0.1 (If i see at LAN properties under TCP/IP properties, the Default Gateway has been already: 204.127.60.70

So , is there any other suggestion to solve this ?

Thank you.

Tjie
0
adamdrayerCommented:
on DC1, type "route -p add 204.127.60.128 mask 255.255.255.192 204.127.60.70"  You can also add "IF #" at the end to specify the interface, but it may not be necessary.  On DC3, type "route -p add 204.127.60.64 mask 255.255.255.192 204.127.60.129".

Also, the child domain should point to itself for DNS, not DC1.  Its a seperate Active Directory database.  You'll also need to create static records for all servers on both DC1 and DC2 for this reason.  Name resolution is not necessary at this point, though.  You are just trying to get IP connectivity.  with the above two route commands executed, and RRAS enabled on DC2, you should be able to ping back and forth.  If not, try using tracert and pingpath to determine what is going on.

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
tjieAuthor Commented:
Adamdrayer,

1. Yes, you are the man !!
2. It works (I can ping DC3 from DC1 or vice versa)

Active Directory: i) DC2 has to point to itself for DNS; i have 2 NIC for DC2; which one should i use ?

Other things: i) When i type in "ipconfig" at DC1, i still see the Default Gateway is 10.254.0.1 (I believe this is a "cache"; but how can i get rid it of ?)

Email me back please.

Thank You.

Tjie
0
adamdrayerCommented:
Both NICs on DC2 should point to itself if it truly is a child domain.  child domains are related, but they are also seperate domains and the domain controllers for each domain should point to themselves and/or other domain controllers for resolution.  You should research microsoft's recommendations for DNS configuration on child domains.

I don't believe it would simply be cache, but you can try rebooting the Domain Controller to make sure.  Is DC1 gettings its IP information from a DHCP server?  does IPCONFIG list more than one network interface?
0
adamdrayerCommented:
oh, and thanks! =)
0
Keith AlabasterEnterprise ArchitectCommented:
lol, nice one adam. Just saw that i set the route to .0 rather than .64

Cheers
Keith
0
adamdrayerCommented:
Thanks!  But it was an easy mistake.  In the habit of using 24-bit masks, no doubt. =)
0
tjieAuthor Commented:
Keith, Kfullarton & Adam,

1. All of you are smart.
2. Thank you very much
3. Everybody has contributed for this discussion and solution.
4. I will split the point accordingly.

Regards,
Tjie
0
adamdrayerCommented:
Glad to see you got everything working.  

Thank you very much.  You are smart too.   Does the solution make sense to you, though?
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Networking

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.