Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

2 IP addresses, choose what one to be returned in dns queries.

Posted on 2008-10-07
9
Medium Priority
?
326 Views
Last Modified: 2010-04-07
Afternoon,

Our exchange server has two IP addresses.
One for lan, the other for WAN/PPP Interface.

When pinging the server name the WAN/PPP ip is returned, and thus the server is unaccessible.
If I flush the DNS and re-register it on the client experiencing this it will revert back to the LAN address..

But after a while it goes back to the WAN/PPP interface again.

How can I resolve this? What is the best solution, and why is this happening?
0
Comment
Question by:Antonio King
9 Comments
 
LVL 40

Expert Comment

by:omarfarid
ID: 22660938
I am not sure if windows dns has a mechanism for preferred ip based on source ip address. On the other hand BIND can do that
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 22660945

Hi,

This happens because DNS uses Round Robin to respond to requests where multiple addresses exist for a single resource.

Do you really need two addresses? I recommend you set the WAN/PPP interface not to register entries in DNS to avoid conflicts.

Chris
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 22660965

> I am not sure if windows dns has a mechanism for preferred ip based on source ip address

It does, NetMask Ordering. It's pretty basic though, it will try and order round robin responses so an answer on the local subnet is returned first.

Reliance on it should be avoided though really. It would be better (from my point of view) to investigate why the WAN/PPP address is registering.

Chris
0
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 22661338
As Chris states go into your Network Connections righ-click the WAN NIC then go to properties highlight the Internet Protocol then click properties. Once in the properties click Advance then go to the DNS tab uncheck register with DNS.
0
 
LVL 40

Expert Comment

by:omarfarid
ID: 22661458
Hi Chris-Dent,

I am not aware of this "NetMask Ordering" feature in windows dns - thank you for bringing it, but BIND feature to response with a specific IP to a specific source IP is much better in this case.
 
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 22661532

> but BIND feature to response with a specific IP to a specific source IP is much better in this case.

You'll not find me arguing with that, Views are a feature I dearly wish could be implemented in MS DNS :)

It's just BIND tends to be a bit over the top for an AD Domain which is implied because of the Exchange part :)

Chris
0
 
LVL 26

Expert Comment

by:jar3817
ID: 22662490
Just add a route to the wan/ppp network via exchange's lan IP.
0
 

Author Comment

by:Antonio King
ID: 22666920
The WAN/PPP connection is not in Network Connections.

I don't know where it comes from, but it shows up in ipconfig/all

NOTE: This particular server is a domain controller. (Not sure if that makes any difference) and it hosts the DNS Server.
0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 2000 total points
ID: 22667177

Well the second option is to change the Interfaces the server listens on, that would prevent even the server itself from registering the incorrect entry.

These are the instructions:

1. Open the DNS Console
2. Open the Properties for the DNS Server
3. Select Interfaces
4. Change the option to "Only the following addresses:"
5. Enter the IP address of the internal interface only

Then simply delete the erroneous entry from the forward lookup zone and check it doesn't reappear.

Chris
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I wrote this article to explain some important DNS concepts that should be known to avoid some typical configuration errors I often see in forums. I assume that what is described here is the typical behavior of Microsoft DNS client. I don't know …
This applies to Dell but may also apply to other manufacturers as well. We ran across a few machines that just dropped recently it trust relationship with the server. After doing the basic removing and joining the domain again, it changed to No logo…
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
With just a little bit of  SQL and VBA, many doors open to cool things like synchronize a list box to display data relevant to other information on a form.  If you have never written code or looked at an SQL statement before, no problem! ...  give i…
Suggested Courses

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question