Solved

DNS server between 2 subnets

Posted on 2013-11-16
Last Modified: 2013-11-16
I have 2 locations with 2 different subnets. There is a VPN setup between them. I have a DC in each one. How do I configure the DNS so that everybody can translate DNS across both subnets?
Question by:WIZU2
 
LVL 17

Expert Comment

by:BudDurland
ID: 39653633
Presuming it's the same Active Directory domain in both sites, and traffic is passing from one end of the VPN to the other, you should just be able to define them both as DNS servers for the domain.

If it's two different domains, then each DNS server should be configured to be a secondary DNS to the other domain.
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 39653634
"everybody can translate DNS across both subnets?"
Not getting your question...
If you could explain \ simplify above please....
0
 

Author Comment

by:WIZU2
ID: 39653643
I have a DC in each location. Both running DNS.

Location 1 DNS points to self then forward lookup zone to DNS server in second location and vice versa.

Right now at the 2nd site I can ping host names of computers at the first site. But the first can't ping by host name to the second site.

Also when I browse the network no computers show up on second site and no computers show up from first site

The DNS at both sites have a reverse lookup zone for only first site. Is this the issue?

I added subnets scopes for both sites.
0

 

Author Comment

by:WIZU2
ID: 39653647
Also if I try to add a forward lookup zone on first site DNS server to the second site DNS server, it says that it couldn't resolve the host name even though I added an A record on that server??
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 39653653
If you have AD, then both DNS servers must have the same configuration (the same AD-integrated forward lookup zone must be at both ends).
Now if you ping hostnames of site 1 from site 2, will it resolve to the host FQDN or just the single-label name?
And if you ping hostnames of site 2 from site 1, are RTOs coming with the name resolved, or is any other error coming?
0
 

Author Comment

by:WIZU2
ID: 39653661
I thought forward lookup zones function so that if the local DNS can't resolve it then it forwards to the other DNS server?

If I ping by host name from site 1 to site 2 with FQDN it does resolve??

Should I delete the reverse lookup zone?

Why can't second site see any computers in network locations?
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 39653671
Have you configured a forwarder at both DNS servers pointing to each other?
You do not require any forwarder since you have the same forward lookup zone at both ends.
No need to delete the reverse lookup zone.
How do you ping hostnames?
For example:
ping server1
What is the reply from both ends if you ping like above?
0
 

Author Comment

by:WIZU2
ID: 39653686
If I ping from first site to the second site

ping WS1    this fails

ping WS1.mydomain.local    this resolves
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 39653692
Are your DNS servers AD integrated?
I mean, is your forward lookup zone Active Directory integrated?
0
 

Author Comment

by:WIZU2
ID: 39653705
The DNS server is also a DC
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 39653714
On both DCs at each site, please open Advanced TCP/IP settings and check the DNS tab.
In the DNS tab, check the settings below.
Ensure that the "Append Primary and connection specific dns suffixes" radio button is selected.
Ensure that the "Append parent suffixes of primary dns suffix" checkbox is selected.
Ensure that the "register this connection addresses in Dns" checkbox is selected.
If there is any deviation in the above settings, it's probable you will face name resolution issues.
Also ensure that at both sites the DCs have their own IP address set as preferred DNS and the other DC's IP as the secondary IP address.
Also check the WINS tab in Advanced TCP/IP settings. NetBIOS should be enabled on both DCs.
Lastly, disable the firewall on both DCs.
0
 

Author Comment

by:WIZU2
ID: 39653741
That worked thanks? I still don't know why at site 2 I don't see any PCs in my network places?

Is it possible in my network places to see all workstations between both subnets?
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 39653749
Are you able to see site 2 computers in My Network Places on DC2?
If not, check the services below on the DC:
TCP/IP NetBIOS Helper
Computer Browser
Workstation

It may create a problem between two subnets if NetBIOS broadcast is getting blocked between routers or firewalls.
0
 

Author Comment

by:WIZU2
ID: 39653784
I can't see any computers even on same subnet....workgroup is not an option either.

These are 2012/2008 servers. I couldn't find TCP/IP helper
0
 
LVL 37

Accepted Solution

by:
Mahesh earned 500 total points
ID: 39653795
Have you disabled the firewall on both DCs?
TCP/IP NetBIOS Helper is the lmhosts service and must be there.
Please restart all 3 services mentioned above if not started.
If you have any extra unused adapters on the DCs, please disable them.
Open Cmd on both servers and run nbtstat -R & nbtstat -RR
Then check if you are able to view computers in My Network Places.

Can you check one thing:
try to telnet from the DC to client computers and vice versa on TCP 445 and let me know, please.
0
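The adapter checks from comment ID 39653714 and the TCP 445 test from the accepted solution can be scripted instead of clicked through. The following PowerShell is an added example, not part of the original thread; the function names Get-AdapterDnsAudit and Test-TcpPort are hypothetical, WS1.mydomain.local is the sample host from the thread, and it assumes Windows PowerShell with WMI available on the DC.

```powershell
# Added example: audit the adapter DNS/NetBIOS settings listed in the thread
# and test TCP 445 directly. Function names are hypothetical.

function Get-AdapterDnsAudit {
    # One result object per IP-enabled adapter, with any deviations found.
    Get-WmiObject Win32_NetworkAdapterConfiguration -Filter "IPEnabled = TRUE" | ForEach-Object {
        $issues = @()
        # A custom suffix list means "Append these DNS suffixes" is selected
        # instead of "Append primary and connection specific DNS suffixes".
        if ($_.DNSDomainSuffixSearchOrder) { $issues += 'custom suffix search list in use' }
        # Corresponds to the "Register this connection's addresses in DNS" checkbox.
        if (-not $_.FullDNSRegistrationEnabled) { $issues += 'DNS registration disabled' }
        # TcpipNetbiosOptions: 0 = default (from DHCP), 1 = enabled, 2 = disabled.
        if ($_.TcpipNetbiosOptions -eq 2) { $issues += 'NetBIOS over TCP/IP disabled' }
        # Thread's advice for a DC: own address first, the other DC second.
        $dns = @($_.DNSServerSearchOrder)
        if ($dns.Count -lt 2) { $issues += 'fewer than two DNS servers configured' }
        elseif ($_.IPAddress -notcontains $dns[0] -and $dns[0] -ne '127.0.0.1') {
            $issues += 'preferred DNS server is not this machine'
        }
        New-Object PSObject -Property @{
            Adapter    = $_.Description
            DnsServers = $dns -join ', '
            Issues     = $issues -join '; '
        }
    }
}

function Test-TcpPort {
    # Returns $true if a TCP connection to the host/port opens within the timeout.
    param([string]$HostName, [int]$Port = 445, [int]$TimeoutMs = 3000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $pending = $client.BeginConnect($HostName, $Port, $null, $null)
        if (-not $pending.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) { return $false }
        $client.EndConnect($pending)
        return $true
    } catch { return $false } finally { $client.Close() }
}

Get-AdapterDnsAudit | Format-List Adapter, DnsServers, Issues
"TCP 445 to WS1.mydomain.local reachable: $(Test-TcpPort 'WS1.mydomain.local')"
```

Run it on each DC; an empty Issues field means the adapter matches the settings listed in the thread, and the port test shows whether TCP 445 passes between the subnets with the firewall in its current state.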
 
LVL 37

Expert Comment

by:Mahesh
ID: 39653803
0
 

Author Comment

by:WIZU2
ID: 39653869
That worked thank you so much!!
0

Question has a verified solution.
