Hi, I run a network with the following machines:

1 Server running Windows 2000 SP3, DHCP and DNS. It has 1 domain. It has been upgraded from Windows NT 4.0 Server.
1 Server runninf Windows 2000 SBS SP2 and DNS. It has another domain. I use this server for communications (Exchange, proxy, VPN, etc....)

I have problems with the DNS. If I put as DNS server the first server, outlook clients have problems to reach second server. If I remove the DNS Servers, then In some time clients can't get to files in first and second server.

I also get 5774 errors in second server.

The clients point to the first server, but then we have problems reaching second server, f.e otulook tells that the server can't be reached, If you click on connect again, then it works, but slowly.
My intention was to make the first server the primary server and the second a secondary one, but when I try to update second one's reverse lookup zone it tells that it doesn't work.

I run a NSLOOKUP on both servers (translated from spanish)

1.-Can't reach the name of the server for address 10.0.0.9 (the internal address of server): non-existent domain

Server: localhost
address: 127.0.0.1

2.-Server: Minerva.ttd.net
address: 194.179.1.100 (Is the address for external DNS)

First server don't have direct internet access and DNS points to itself. Second server have direct access to internet and have default gateway and 2 external DNS
"William Stacey" <(E-Mail Removed)> escribió en el mensaje news:(E-Mail Removed)...
Need more info. What dns servers do the clients point to? Are the zones the same on both servers (i.e. one the primary and one the secondary?
"Riven" <(E-Mail Removed)> wrote in message news:(E-Mail Removed)...
Hi, I run a network with the following machines:

1 Server running Windows 2000 SP3, DHCP and DNS. It has 1 domain. It has been upgraded from Windows NT 4.0 Server.
1 Server runninf Windows 2000 SBS SP2 and DNS. It has another domain. I use this server for communications (Exchange, proxy, VPN, etc....)

I have problems with the DNS. If I put as DNS server the first server, outlook clients have problems to reach second server. If I remove the DNS Servers, then In some time clients can't get to files in first and second server.

I also get 5774 errors in second server.

In news:(E-Mail Removed),
Riven <(E-Mail Removed)>
posted their concerns,
Then Kevin D4Dad added his reply at the bottom.
> I've made clients point to both servers and I solved some issues, but
> it's clear that something is not working fine
> "Riven" <(E-Mail Removed)> escribió en el mensaje
> news:%(E-Mail Removed)...
> The clients point to the first server, but then we have problems
> reaching second server, f.e otulook tells that the server can't be
> reached, If you click on connect again, then it works, but slowly.
> My intention was to make the first server the primary server and the
> second a secondary one, but when I try to update second one's reverse
> lookup zone it tells that it doesn't work.
>
> I run a NSLOOKUP on both servers (translated from spanish)
>
> 1.-Can't reach the name of the server for address 10.0.0.9 (the
> internal address of server): non-existent domain
>
> Server: localhost
> address: 127.0.0.1
>
> 2.-Server: Minerva.ttd.net
> address: 194.179.1.100 (Is the address for external DNS)
>
> First server don't have direct internet access and DNS points to
> itself. Second server have direct access to internet and have default
> gateway and 2 external DNS
> "William Stacey" <(E-Mail Removed)> escribió en el mensaje
> news:(E-Mail Removed)...
> Need more info. What dns servers do the clients point to? Are the
> zones the same on both servers (i.e. one the primary and one the
> secondary?
> "Riven" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
> Hi, I run a network with the following machines:
>
> 1 Server running Windows 2000 SP3, DHCP and DNS. It has 1 domain. It
> has been upgraded from Windows NT 4.0 Server.
> 1 Server runninf Windows 2000 SBS SP2 and DNS. It has another domain.
> I use this server for communications (Exchange, proxy, VPN, etc....)
>
> I have problems with the DNS. If I put as DNS server the first
> server, outlook clients have problems to reach second server. If I
> remove the DNS Servers, then In some time clients can't get to files
> in first and second server.
>
> I also get 5774 errors in second server.

The Fix for this is pretty simple, I'll explain since the second server is pointing to your ISP's DNS it cannot register its name in your local domain, that is why it is unreachable. The first server should be pointing to it own private IP not the 127.0.0.1 loopback addreess, It is pretty easy to fix.

Are both DCs in the same AD Domain?
1. Point the first DC to its own private address for primary then to the second DC Secondary (if the second DC has DNS)
2. Point the second DC to the first DC for DNS Primary then to its own address Secondary (if it has DNS installed)
3. Point the clients to both DCs if both have DNS
Do NOT use ISP's DNS in any NIC TCP/IP properties!

If these two DCs are in different Domains just point both of them to their own private address

The clients should point to the DC for DNS for the domain they are members of.

For internet access configure both DNS servers as per step 3 of this KB article: 300202 - HOW TO Configure DNS for Internet Access in Windows 2000
http://support.microsoft.com/default...us;300202&FR=1

--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
--
Hope This Helps
++++++++++++++++++++++++++++++++++++++++++
When responding to posts, please "Reply to Group" or
"Reply All" via your newsreader so that others may learn
and benefit from your issue
==========================================
http://www.lonestaramerica.com/
==========================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
==========================================
Keep a back up of your OE settings and folders with
OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
==========================================

In news:#282kW#(E-Mail Removed),
Kevin D. Goodknecht Sr. [MVP] <(E-Mail Removed)> posted his concerns
then I replied down below:

> The Fix for this is pretty simple, I'll explain since the second
> server is pointing to your ISP's DNS it cannot register its name in
> your local domain, that is why it is unreachable. The first server
> should be pointing to it own private IP not the 127.0.0.1 loopback
> addreess, It is pretty easy to fix.
>
> Are both DCs in the same AD Domain?
> 1. Point the first DC to its own private address for primary then to
> the second DC Secondary (if the second DC has DNS)
> 2. Point the second DC to the first DC for DNS Primary then to its
> own address Secondary (if it has DNS installed)
> 3. Point the clients to both DCs if both have DNS
> Do NOT use ISP's DNS in any NIC TCP/IP properties!
>
> If these two DCs are in different Domains just point both of them to
> their own private address
>
> The clients should point to the DC for DNS for the domain they are
> members of.
>
> For internet access configure both DNS servers as per step 3 of this
> KB article: 300202 - HOW TO Configure DNS for Internet Access in
> Windows 2000
> http://support.microsoft.com/default...us;300202&FR=1
>
> --


Also, would like to add, if they are two different zones on each server,
(seems that way from the description), I would put a secondary zone on the
first server on the second server and vice-versa. This will satisfy the
requirements of the fact that mutiple listings in IP properties are meant to
be a fault tolerance mechanism and not load balancing. Also, if it tries the
first, and the answer is not there, it uses the second, but DOES NOT go back
to the first unless the machine is restarted or the DNS Client service is
restarted. So it would be alot easier on everything if there are copies of
both zones on each machine.

Also, that nslookup record just means that there is no reverse zone created
or a missing PTR in the reverse zone. It will still work, just ignore the
error or create a reverse zone and make sure there is a PTR entry for the
DNS server.


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
--
=================================

I've done all and all is worknig fine, but I have now a new problem, I can't
see my webpage from IsaServer on SBS server. More information:

I have an internet domain .com
My first server controls an internal domain called the same as my internet
..com
My second server (SBS) controls another domain.
Now that external DNS are on DNS, I can't reach my .com webpage through my
proxy.
Best regards,

Riven

"Ace Fekay [MVP]" <PleaseSubstituteMyFirstName&(E-Mail Removed)>
escribió en el mensaje news:%23z8$(E-Mail Removed)...
> In news:#282kW#(E-Mail Removed),
> Kevin D. Goodknecht Sr. [MVP] <(E-Mail Removed)> posted his concerns
> then I replied down below:
>
> > The Fix for this is pretty simple, I'll explain since the second
> > server is pointing to your ISP's DNS it cannot register its name in
> > your local domain, that is why it is unreachable. The first server
> > should be pointing to it own private IP not the 127.0.0.1 loopback
> > addreess, It is pretty easy to fix.
> >
> > Are both DCs in the same AD Domain?
> > 1. Point the first DC to its own private address for primary then to
> > the second DC Secondary (if the second DC has DNS)
> > 2. Point the second DC to the first DC for DNS Primary then to its
> > own address Secondary (if it has DNS installed)
> > 3. Point the clients to both DCs if both have DNS
> > Do NOT use ISP's DNS in any NIC TCP/IP properties!
> >
> > If these two DCs are in different Domains just point both of them to
> > their own private address
> >
> > The clients should point to the DC for DNS for the domain they are
> > members of.
> >
> > For internet access configure both DNS servers as per step 3 of this
> > KB article: 300202 - HOW TO Configure DNS for Internet Access in
> > Windows 2000
> > http://support.microsoft.com/default...us;300202&FR=1
> >
> > --
>
>
> Also, would like to add, if they are two different zones on each server,
> (seems that way from the description), I would put a secondary zone on the
> first server on the second server and vice-versa. This will satisfy the
> requirements of the fact that mutiple listings in IP properties are meant
to
> be a fault tolerance mechanism and not load balancing. Also, if it tries
the
> first, and the answer is not there, it uses the second, but DOES NOT go
back
> to the first unless the machine is restarted or the DNS Client service is
> restarted. So it would be alot easier on everything if there are copies of
> both zones on each machine.
>
> Also, that nslookup record just means that there is no reverse zone
created
> or a missing PTR in the reverse zone. It will still work, just ignore the
> error or create a reverse zone and make sure there is a PTR entry for the
> DNS server.
>
>
> --
> Regards,
> Ace
>
> Please direct all replies to the newsgroup so all can benefit.
>
> Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
> Microsoft Windows MVP - Active Directory
> --
> =================================
>
>