Frank Helk
asked on
DNS and multihomed Windows / IoT machines ?
I have some small network with ~3 Windows machines and some other devices (let's call 'em IoT's ...) in it, with no access to the internet. There are 2 separate networks which interconnect the devices, so some machines are multihomed.
The machines need to resolve other machines' names, so I think of installing a (statically configured) DNS on the central Windows 2016 server machine.
Is it possible to deliver multihomed addresses to all machines (means: if a machine name gets resolved, does the asker get all known addresses, and would the asker be given a correct address that he could reach)?
Any other snares or tripwires I should take care of?
Windows Server has all sorts of options for how it will respond to DNS queries, including time of day and geographic referencing. There is also something called subnet prioritization that may be the solution that you're looking for.
https://rakhesh.com/windows/windows-dns-server-subnet-prioritization-and-round-robin/
https://docs.microsoft.com/en-us/windows-server/networking/dns/deploy/dns-policies-overview
That said, I don't think multihomed devices are a good idea. They make communication more complicated and less secure. A multihomed device is fully exposed to all connected networks. A little router or firewall between the networks can precisely control which devices have access to the other network, with source IP, destination IP, and ports all locked down. Better than multihoming.
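The two server-side options mentioned above (subnet prioritization and DNS policies) as one worked configuration. This is an added example, not code posted in the thread. The zone name lab.example, the two subnets 192.168.10.0/24 and 192.168.20.0/24, the host name iot1 and its two addresses are constructed for the illustration; run it elevated on the Windows Server 2016 DNS server.

```powershell
# Added example (not from the original thread). Assumed, hypothetical values:
#   zone       lab.example          static primary zone, file-backed, no AD
#   network A  192.168.10.0/24      network B  192.168.20.0/24
#   host iot1 is multihomed: 192.168.10.20 on A and 192.168.20.20 on B
Import-Module DnsServer

$Zone = 'lab.example'

# 1. Static primary zone. DynamicUpdate None means only records added by hand exist,
#    so a device on either network cannot register a name for itself.
Add-DnsServerPrimaryZone -Name $Zone -ZoneFile "$Zone.dns" -DynamicUpdate None

# 2. One A record per interface of the multihomed host. A plain query for iot1
#    returns both addresses; the asker then has to pick the one it can reach.
Add-DnsServerResourceRecordA -ZoneName $Zone -Name 'iot1' -IPv4Address '192.168.10.20' -TimeToLive 01:00:00
Add-DnsServerResourceRecordA -ZoneName $Zone -Name 'iot1' -IPv4Address '192.168.20.20' -TimeToLive 01:00:00

# 3. Subnet prioritization: the server orders the answer so that the address sharing
#    the querier's subnet comes first. Round robin is switched off here so the order
#    stays deterministic. Equivalent legacy command: dnscmd /Config /LocalNetPriority 1
$settings = Get-DnsServerSetting -All
$settings.LocalNetPriority = $true
$settings.RoundRobin = $false
Set-DnsServerSetting -InputObject $settings

# 4. Stricter alternative: DNS policy. Clients from network A only ever receive the
#    network-A address, clients from network B only the network-B address. Records in
#    zone scopes are separate from the default-scope records added in step 2, which
#    then only serve queriers matching neither subnet.
Add-DnsServerClientSubnet -Name 'NetA' -IPv4Subnet '192.168.10.0/24'
Add-DnsServerClientSubnet -Name 'NetB' -IPv4Subnet '192.168.20.0/24'
Add-DnsServerZoneScope -ZoneName $Zone -Name 'NetAScope'
Add-DnsServerZoneScope -ZoneName $Zone -Name 'NetBScope'
Add-DnsServerResourceRecord -ZoneName $Zone -ZoneScope 'NetAScope' -A -Name 'iot1' -IPv4Address '192.168.10.20'
Add-DnsServerResourceRecord -ZoneName $Zone -ZoneScope 'NetBScope' -A -Name 'iot1' -IPv4Address '192.168.20.20'
Add-DnsServerQueryResolutionPolicy -Name 'NetAOnly' -Action ALLOW -ClientSubnet 'eq,NetA' -ZoneScope 'NetAScope,1' -ZoneName $Zone
Add-DnsServerQueryResolutionPolicy -Name 'NetBOnly' -Action ALLOW -ClientSubnet 'eq,NetB' -ZoneScope 'NetBScope,1' -ZoneName $Zone

# 5. Check from a client on network A (assumed server address 192.168.10.1 on that
#    network): with step 3 the first answer is 192.168.10.20 and 192.168.20.20 follows;
#    with step 4 in place only 192.168.10.20 is returned.
Resolve-DnsName -Name "iot1.$Zone" -Server 192.168.10.1 -Type A | Select-Object Name, IPAddress
```

Steps 3 and 4 are alternatives; pick one. Both decide on the source address of the query, so a DNS server that is itself multihomed must listen on an interface in each network, and a multihomed client that sends its query out of the "wrong" interface gets the ordering or the scope for that interface. Subnet prioritization only changes the order of the answer; the client still caches all addresses and a badly written client that ignores the order will try an unreachable one. The policy approach hides the other address entirely, which is the safer default when the two networks are meant to stay separated.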
It is true that one host can be multihomed with more than one IP address, but the DNS server can't resolve the same hostname to multiple IP addresses. Of course, you may assign multiple host names to those IP addresses, or even to the same IP address.