asked on
DNS Resolution Issue
Hello EE,
I have i bit of a DNS issue going on at the moment that i am struggling to get my head around.
Our network has a number of sites, but only the two primary sites have AD/DNS.
Site A 172.16.0.0/16
Site B 172.18.0.0/16
I run VLANS and the above sites are broken down into /24 subnets for the different departments etc just in case your wondering.
When clients at Site B ping DOMAIN.LOCAL the reply comes from and '169.254' address, when i flush the DNS cache on the client and try again, the DNS server at that site replies. 172.16.20.1 in this case.
Quite often computers at Site A cannot reach the DNS at site A, but the DNS at Site B responds. Same thing again, if i flush the DNS cache on the client at Site A. It will then get a reply from 172.16.20.1 server at Site A.
I think the cause is more likely to be related to my lack of in depth DNS knowlege, i have probably configured something wrong at some stage during the life of this network.
I have i bit of a DNS issue going on at the moment that i am struggling to get my head around.
Our network has a number of sites, but only the two primary sites have AD/DNS.
Site A 172.16.0.0/16
Site B 172.18.0.0/16
I run VLANS and the above sites are broken down into /24 subnets for the different departments etc just in case your wondering.
When clients at Site B ping DOMAIN.LOCAL the reply comes from and '169.254' address, when i flush the DNS cache on the client and try again, the DNS server at that site replies. 172.16.20.1 in this case.
Quite often computers at Site A cannot reach the DNS at site A, but the DNS at Site B responds. Same thing again, if i flush the DNS cache on the client at Site A. It will then get a reply from 172.16.20.1 server at Site A.
I think the cause is more likely to be related to my lack of in depth DNS knowlege, i have probably configured something wrong at some stage during the life of this network.
Microsoft Legacy OSWindows Server 2008Internet Protocols
Last Comment
edster9999
ASKER
The swiches do have layer 3 functionality but this is all disabled as i have proper routers.
I have two core routers at site A and a core router at Site B, with multiple VPN's for redundancy. I run OSPF so most of the routing is done dynamically. Everything is reachable via IP address, so im pretty sure that the routing is all fine.
Also as i mentioned previously once i flush the cache the reponse is as per the design.
I am pretty sure that this is related to the DNS config on the server.
I have two core routers at site A and a core router at Site B, with multiple VPN's for redundancy. I run OSPF so most of the routing is done dynamically. Everything is reachable via IP address, so im pretty sure that the routing is all fine.
Also as i mentioned previously once i flush the cache the reponse is as per the design.
I am pretty sure that this is related to the DNS config on the server.
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
Use a tool like 'dig' (which you can get for linux or windows) to do DNS tests.
This tells you where the result comes from and what is asked / replied etc.
This tells you where the result comes from and what is asked / replied etc.
Assuming you have it split to something like :
172.16.20.X = servers
172.16.21.X = User group A
172.16.22.X = User Group B
etc
Each subdomain must have a default gateway.
This number MUST be inside the subnetwork for that range. So the IPs in 172.16.21.X need a gateway in 172.16.21.1 - 172.16.21.254
The normal layout would be to use 172.16.21.1
This does however have to be a device on the network that will handle routing to get to the other subnets / vLans. if your switches are clever enough (L3 type switches) it can be them otherwise it has to be the router all these switches are plugged into - and that needs to be configured to understand all the vlans and gateways.
In places where this is not set up right, the switches will try to build their own routing plans and learn where things are. This would explain why it doesn't work at the start but after a bit of traffic it starts to work.
Go back and check the network setup first.