edwalters

Two subnets DNS issues

Good Morning

We have always run one subnet, 10.0.0.0, with a DNS server of 10.0.0.20 and fewer than 20 clients. Shortly we have another company moving into the office, sharing the same structured cabling; however, I would like to keep them on a different subnet.
We have allocated them one of the WAN IPs made available to us by our ISP by introducing a switch that each subnet's firewall plugs into; those firewalls are 10.0.0.1 and 192.168.16.1. All works well, but some of the PCs on 10.0.0.1 (typically those that are DHCP) try to use 192.168.100.1 for DNS and fail. I cannot work out why they are trying to use it, though.
DHCP is disabled for 192.168.16.x, it is not a domain and the IP config of all the clients on 10.0.0.0 seems fine, all pointing at 10.0.0.20 for DNS.

If anyone could tell me where I am being stupid that would be great.

Thanks

Ed
Muhammad Burhan

Please check the DHCP settings (if any) in your premises.
On the client which is on DHCP and trying 192.168.0.100.1 for DNS queries, do ipconfig /all and share the results.
edwalters

ASKER

I'm fairly sure the DHCP settings are fine; the majority of the machines seem fine. The ones that do have an issue are temporarily fixed by flushing the DNS records, but eventually they become problematic again, and if I do an nslookup they display 192.168.16.1.

This is what the DHCP clients receive.


Windows IP Configuration

   Host Name . . . . . . . . . . . . : s-PC
   Primary Dns Suffix  . . . . . . . : company.com
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : Company.com



Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : Company.com
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : F8-BC-
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.0.0.123(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 19 October 2015 07:50:33
   Lease Expires . . . . . . . . . . : 15 November 2015 18:16:55
   Default Gateway . . . . . . . . . : 10.0.0.237
   DHCP Server . . . . . . . . . . . : 10.0.0.248
   DNS Servers . . . . . . . . . . . : 10.0.0.20
                                       
   Primary WINS Server . . . . . . . : 10.0.0.20
   NetBIOS over Tcpip. . . . . . . . : Enabled

On the infected system, please check its hosts file:
c:\Windows\System32\drivers\etc\hosts

Usually the DHCP server distributes the DNS settings to the clients. If a client gets an IP, it should also get the associated DNS settings from the scope the client fetches the IP from.
What is not a reliable configuration is having two DHCP servers in your network that can both be seen by the clients. The usual way is that the fastest DHCP response wins, and this way the client gets an IP one time from one DHCP server, another time from the other one.

The only configuration with more than one DHCP server is a load-balanced / split DHCP, where one of them distributes one half of the address scope and the other one the other half, but both are on the same subnet and have the same common scope and the same settings (DNS, gateway etc.).

DHCP is not based on addresses; it is its own protocol, and it is not possible to separate DHCP servers by IPs. Only a firewall can block DHCP settings passing a router.

If you have two independent companies, it's better to separate the network with VLANs. The computers on one VLAN cannot see computers on the other VLAN. The bridge between the VLANs may be a router, which allows dedicated traffic but not DHCP. This way, you can use the same infrastructure, even the same access point to the internet, but both companies are completely independent from each other.

I don't see where you tell us the subnet masks involved... That might help.
ASKER CERTIFIED SOLUTION
edwalters