Windows Server 2008R2, How to separate two NICS from same Domain Location

I have a Domain connected Windows 2008R2 server acting as secondary DC with two active NICS. One NIC is the LAN with Static set (192.168.x.x)  and has internet access and is connected to a switch which feeds the rest of the LAN. The other NIC is isolated and connected statically (10.65.x.x) to a separate switch which iSCSI backup traffic runs over. The 10.65.x.x network is separate from the LAN. This iSCSI NIC has an IP and subnet but no other settings. "register this connection in DNS" is unchecked. DHCP and DNS run on this server as well, replicating with the Primary DC at the corporate office.  

The issue is, within DNS, the 10.65.x.x address keeps adding itself along with the 192.168.x.x address, both pointing to (Server1)  From another location, if I ping back to  (Server1), it returns the 10.65.x.x instead of the 192.168.x.x address. Not sure why it trumps the 192.168.x.x address. Anyone outside of our LAN trying to get to my SharePoint server at that point, get a "page could not be displayed" until I go into DNS and remove the 10.65.x.x entry which allows the 192.168.x.x to resolve properly to (Server1)

On (Server1) Under Control Panel\Network and Internet\Network and Sharing Center\Active Networks, Both NICS are listed as Domain Network connections. On my other servers (Server2) and (Server3) that also use the same two NIC Setup for iSCSI backup traffic, they are in separate locations (screenshots showing difference below)

I need to keep the 10.65.x.x address from showing up in DNS so (Server1) resolves to the 192.168.x.x address only. I have to delete the 10.65.x.x address from DNS every few days, can't really put a finger on when it adds itself back, sometimes it may stay deleted for a week. Could the reason for all this be the two NICS belonging to the same location? If not, what can be done to keep the 10.65.x.x address out of DNS?
Server1.JPG
Server2.JPG
KellyOConnorAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David Paris VicenteSystems and Comunications  Administrator Commented:
Hi.

On your DNS server -> right click your server name-> See if both Ip´s are listed on the interfaces, Choose just the ip that you want.

You could set a persistent route on your server to point to all packets come from this network
10.65.x.x to just use this ip as the gateway.

I believe this could  do the trick. let us know.

Regards
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
zalazarCommented:
This setup is called multihomed and you can indeed change the DNS server settings to only listen on 1 IP-address (192.168.x.x).

If the DNS server needs to listen on both IP-addresses then you can prevent the registration of the other IP-address in DNS by creating a value in the registry called:
Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters
Value name: PublishAddresses
Type: REG_SZ
Value data:  192.168.x.x

Please see also: http://support.microsoft.com/kb/246804/en-us
section "DNS Server service".
0
KellyOConnorAuthor Commented:
Thanks for the quick response. I have implemented both of your suggestions (Listen was selected for both adapters so I unchecked the 10.65.x.x v4 and v6) (I added the registry key) and will watch the server for a few days to make sure the 10.65.x.x address doesn't re-add itself to the DNS list. Once I determine it's working I'll award points to both of you. Thanks!!

Kelly
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

zalazarCommented:
You're welcome and thanks too.
Please note that for the registry entry to be effective it's necessary to restart the "DNS Server" service but it might be that you already did this.

quote/
http://support.microsoft.com/kb/246804/en-us
DNS reads its registry entries only when it starts. You can change entries while the DNS server is running by using the DNS console. If you change entries by editing the registry, the changes are not effective until you restart the DNS server.
/quote
0
KellyOConnorAuthor Commented:
Yes, DNS server was restarted, Thanks Zalazar! So far, so good. I'm going to wait nearly a week to make sure but my bet is it's fixed.
0
KellyOConnorAuthor Commented:
Seems fixed, Thanks again!
0
zalazarCommented:
That's good to hear and thanks for the grade !
0
David Paris VicenteSystems and Comunications  Administrator Commented:
I make my own the words of Zalazar, who knows in th future is you to help us.

Cheers.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.