Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

2 IP addresses, choose what one to be returned in dns queries.

Posted on 2008-10-07
9
Medium Priority
?
325 Views
Last Modified: 2010-04-07
Afternoon,

Our exchange server has two IP addresses.
One for lan, the other for WAN/PPP Interface.

When pinging the server name the WAN/PPP ip is returned, and thus the server is unaccessible.
If I flush the DNS and re-register it on the client experiencing this it will revert back to the LAN address..

But after a while it goes back to the WAN/PPP interface again.

How can I resolve this? What is the best solution, and why is this happening?
0
Comment
Question by:Antonio King
9 Comments
 
LVL 40

Expert Comment

by:omarfarid
ID: 22660938
I am not sure if windows dns has a mechanism for preferred ip based on source ip address. On the other hand BIND can do that
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 22660945

Hi,

This happens because DNS uses Round Robin to respond to requests where multiple addresses exist for a single resource.

Do you really need two addresses? I recommend you set the WAN/PPP interface not to register entries in DNS to avoid conflicts.

Chris
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 22660965

> I am not sure if windows dns has a mechanism for preferred ip based on source ip address

It does, NetMask Ordering. It's pretty basic though, it will try and order round robin responses so an answer on the local subnet is returned first.

Reliance on it should be avoided though really. It would be better (from my point of view) to investigate why the WAN/PPP address is registering.

Chris
0
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 22661338
As Chris states go into your Network Connections righ-click the WAN NIC then go to properties highlight the Internet Protocol then click properties. Once in the properties click Advance then go to the DNS tab uncheck register with DNS.
0
 
LVL 40

Expert Comment

by:omarfarid
ID: 22661458
Hi Chris-Dent,

I am not aware of this "NetMask Ordering" feature in windows dns - thank you for bringing it, but BIND feature to response with a specific IP to a specific source IP is much better in this case.
 
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 22661532

> but BIND feature to response with a specific IP to a specific source IP is much better in this case.

You'll not find me arguing with that, Views are a feature I dearly wish could be implemented in MS DNS :)

It's just BIND tends to be a bit over the top for an AD Domain which is implied because of the Exchange part :)

Chris
0
 
LVL 26

Expert Comment

by:jar3817
ID: 22662490
Just add a route to the wan/ppp network via exchange's lan IP.
0
 

Author Comment

by:Antonio King
ID: 22666920
The WAN/PPP connection is not in Network Connections.

I don't know where it comes from, but it shows up in ipconfig/all

NOTE: This particular server is a domain controller. (Not sure if that makes any difference) and it hosts the DNS Server.
0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 2000 total points
ID: 22667177

Well the second option is to change the Interfaces the server listens on, that would prevent even the server itself from registering the incorrect entry.

These are the instructions:

1. Open the DNS Console
2. Open the Properties for the DNS Server
3. Select Interfaces
4. Change the option to "Only the following addresses:"
5. Enter the IP address of the internal interface only

Then simply delete the erroneous entry from the forward lookup zone and check it doesn't reappear.

Chris
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There have been a lot of times when we have seen the need to enter a large number of DNS entries in a forward lookup zone. The standard procedure would be to launch the DNS Manager console, create the Zone and start adding new hosts using the New…
I've written instructions for one router type, but this principle may be useful for others of the same brand and even other brands of router. Problem: I had an issue especially with mobile devices that refused to use DNS information supplied via…
this video summaries big data hadoop online training demo (http://onlineitguru.com/big-data-hadoop-online-training-placement.html) , and covers basics in big data hadoop .
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question