  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 390

multi-homed domain controller help!!

I am trying to determine the purpose for a multi-homed domain controller in our environment.

When I pull up the status of the two NICs, I see send/receive packets being transferred on both NICs.

Is there any way to determine what exactly is going on? I've had reports of weird DNS issues and DHCP issues after disabling the second NIC, but I can't grasp how these server features can be bound to one NIC or another.

Can anyone help?
Asked by: dirkdigs

woolnoir commented:
Are the adaptors teamed? Are they on different networks (check the IPs) or different VLANs (check the NIC properties)? Dual homing can cause issues, but it suggests that DHCP or DNS issues caused by disabling a NIC could affect a group of users if the cards are on separate networks.

Might be worth pasting the addressing information.

Jimmy Larsson, CISSP, CEH (Network and Security consultant) commented:
As a general rule of thumb, you should make sure that multi-homed Windows computers are NOT configured with more than one default gateway. Verify this. Also make sure that your routing table is correct. Run "route print" and have a look at it, or post it here and describe your network settings.

/Kvistofta

dirkdigs (Author) commented:
Windows IP Configuration

   Host Name . . . . . . . . . . . . : VANDCD301
   Primary Dns Suffix  . . . . . . . : PAC.AZA.NET
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : PAC.AZA.NET
                                       AZA.NET

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Client)
   Physical Address. . . . . . . . . : 00-1C-23-D4-41-F8
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 172.20.0.126
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 172.20.0.2
   DNS Servers . . . . . . . . . . . : 172.20.0.20
                                       172.20.0.26

Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Client) #2
   Physical Address. . . . . . . . . : 00-1C-23-D4-41-FA
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 172.20.0.20
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 172.20.0.2
   DNS Servers . . . . . . . . . . . : 172.20.0.20
                                       172.20.0.26
 
dirkdigs (Author) commented:
FYI the IP 172.20.0.26 (secondary DNS) is a backup DC.

Jimmy Larsson, CISSP, CEH (Network and Security consultant) commented:
You shouldn't have 2 NICs in the same IP subnet; that is what is giving you trouble. If you need multiple IP addresses, put them on the same NIC and disable the other NIC.

/Kvistofta
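
The condition called out in the reply above (two NICs in one IP subnet, each with its own default gateway), written as a check over pasted `ipconfig /all` text. This is an added example, not part of the original thread; the sample is trimmed from the output posted earlier, and `parse_adapters` and `audit` are names made up here.

```python
import ipaddress
import re
from collections import defaultdict

# Trimmed from the ipconfig /all output posted in this thread.
IPCONFIG = """\
Ethernet adapter Local Area Connection:
   IP Address. . . . . . . . . . . . : 172.20.0.126
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 172.20.0.2
Ethernet adapter Local Area Connection 2:
   IP Address. . . . . . . . . . . . : 172.20.0.20
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 172.20.0.2
"""

FIELD = re.compile(r"^\s+(IP(?:v4)? Address|Subnet Mask|Default Gateway)[ .]*: *(\S*)")

def parse_adapters(text):
    """Return {adapter name: {field: value}} for each adapter section."""
    adapters, current = {}, None
    for line in text.splitlines():
        header = re.match(r"^(\S.*adapter .+):\s*$", line)
        if header:
            current = adapters.setdefault(header.group(1), {})
            continue
        field = FIELD.match(line)
        if field and current is not None and field.group(2):
            # Newer Windows prints "IPv4 Address ... (Preferred)"; normalise it.
            key = field.group(1).replace("IPv4", "IP")
            current.setdefault(key, field.group(2).split("(")[0])
    return adapters

def audit(text):
    """Flag subnets shared by several adapters and multiple default gateways."""
    by_subnet, gateways = defaultdict(list), []
    for name, f in parse_adapters(text).items():
        if "IP Address" in f and "Subnet Mask" in f:
            net = ipaddress.ip_network(f"{f['IP Address']}/{f['Subnet Mask']}", strict=False)
            by_subnet[str(net)].append(name)
        if "Default Gateway" in f:
            gateways.append(name)
    findings = [f"{net}: shared by {', '.join(names)}"
                for net, names in by_subnet.items() if len(names) > 1]
    if len(gateways) > 1:
        findings.append(f"default gateway set on {len(gateways)} adapters")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(IPCONFIG)))
```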

woolnoir commented:
Agreed with Kvistofta, don't see any logic in that setup. Move one IP to the other NIC and make it a single-NIC server.

dirkdigs (Author) commented:
Is there any way to determine what exactly that second IP is for? Or do I basically just disable it and see what breaks?

Jimmy Larsson, CISSP, CEH (Network and Security consultant) commented:
You might find in applications like IIS that a service can be bound to a specific IP address. If you want to not break anything, do as I said above and put the IP from the disabled NIC onto the still-running NIC. Windows can (could earlier at least) have multiple IP addresses on the same NIC. Then you probably won't break anything.

/Kvistofta
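
One way to answer the question of what the second IP is for, following the point above that a service can be bound to a specific address: list the listening ports that exist only on that address. This is an added example, not from the thread; the `netstat -ano` rows are constructed (ports and PIDs are illustrative, only the two server addresses come from the thread), and `listeners` and `only_on` are hypothetical names.

```python
import re
from collections import defaultdict

# Constructed sample in the format printed by `netstat -ano`.
NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       716
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    172.20.0.20:53         0.0.0.0:0              LISTENING       1432
  TCP    172.20.0.126:53        0.0.0.0:0              LISTENING       1432
  TCP    172.20.0.126:139       0.0.0.0:0              LISTENING       4
  TCP    172.20.0.126:3389      172.20.0.77:50122      ESTABLISHED     980
  UDP    172.20.0.20:53         *:*                                    1432
  UDP    172.20.0.20:67         *:*                                    1500
  UDP    172.20.0.126:53        *:*                                    1432
"""

# UDP rows have no State column, so that group is optional.
ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)\s+(?:(\w+)\s+)?(\d+)\s*$")

def listeners(text):
    """Yield (proto, local_ip, port, pid) for listening TCP and bound UDP sockets."""
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header line or anything that is not a socket row
        proto, ip, port, _remote, state, pid = m.groups()
        if proto == "UDP" or state == "LISTENING":
            yield proto, ip, int(port), int(pid)

def only_on(text, address):
    """Return (proto, port) pairs bound to `address` and to no other local address.

    A port also bound to 0.0.0.0 or to the other NIC's IP keeps answering after
    `address` is removed; the pairs returned here are the ones that would not.
    """
    owners = defaultdict(set)
    for proto, ip, port, _pid in listeners(text):
        owners[(proto, port)].add(ip)
    return sorted(key for key, ips in owners.items() if ips == {address})

if __name__ == "__main__":
    print(only_on(NETSTAT, "172.20.0.20"))
```

The PID column of the matching rows can then be looked up in Task Manager to name the service that holds each address-specific binding.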

dirkdigs (Author) commented:
This server is FILE, DC, DNS and DHCP only.

woolnoir commented:
I would check the DNS server and WINS (if you have it) for entries for your file server, check which IP they refer to and which NIC corresponds... hopefully it will be just one, and you can remove the other.

Jimmy Larsson, CISSP, CEH (Network and Security consultant) commented:
It wouldn't harm at all to have multiple IPs on the same NIC.

/Kvistofta

dirkdigs (Author) commented:
I think I figured out what this was set up for.

There are 2 sites: one in city A, one in city B.

The site in city B had a DHCP scope set in regards to DNS to resolve secondary DNS to the second NIC of the DNS server in city A.

I guess the second NIC in city A was serving secondary DNS requests for city B.

Does this make sense? What do you guys think about it?

I still think I am going to get rid of it.

Jimmy Larsson, CISSP, CEH (Network and Security consultant) commented:
Get rid of the NIC. Move the IP to the other NIC if necessary.

/Kvistofta

woolnoir commented:
I agree with how the guy set it up in theory, i.e. a secondary server for a remote site, but having the server with two NICs seems like a waste. It's fine to have serverA running a secondary DHCP and DNS for city B, but there's no need to confuse matters with a second NIC. You can either migrate the NIC across or maybe it's time for a full re-evaluation of how you do things. If all sites are on DHCP then altering the DHCP servers should be easy :)

I'm assuming you have IP helpers on the local switches to allow DHCP broadcast helpers? If you have Cisco switches, look for an 'ip helper-address' command in the VLAN or LAN config on the remote switches... you can simply change that to point at the primary IP on the server... there are ways to remove the need for the dual IPs.

dirkdigs (Author) commented:
We are using SonicWalls.

woolnoir commented:
http://help.mysonicwall.com/sw/eng/705/ui2/23100/Network/IP_Helper.htm

This link should inform about IP HELPERS - you will probably find that the remote network has an IP HELPER for DHCP, pointing at one of the NIC addresses of the multihomed server. If you can find this, you can alter it to the primary address and remove the need for the secondary... in theory :)