DNS Problems - domains lost communications

I.is.Who.I.am

I have a small network (20 machines) with 2 domains (a.local and b.local) in
one forest. The root domain has 2 win2003 servers and the other has 2 win2k
servers. The domains are on different private subnets xxx.xxx.0.0 and
xxx.xxx.2.0 both using same subnet mask xxx.xxx.xxx.0. The a.local domain is
win2003 and running AD with both being GCs and only one running both DNS &
DHCP. The b.local domain is win2k and running AD with both being GCs and
only one running both DNS & DHCP. The a.local forest DNS server is set up as
a forwarder to our ISP DNS servers. The b.local domain DNS server originally
when set up had a static IP and its DNS pointed to itself as primary and
a.local as secondary. Therefore the server required DNS to be installed and
configured itself as a root server. I had problems with b.local connecting
to the ISP and was directed to delete the root and make it a forwarder
pointing to a.local; also to change the static IP DNS order to avoid the
"Island" DNS issue. Upon deleting the root the 2 domains no longer
communicated. I cannot ping the other domain in either direction unless on
the same IP subnet. (The two domains are between two buildings). Note
a.local and b.local are in the same forest but b.local is not a sub-domain.

How can I fix this problem?
Does _msdcs.a.local have to be on both DNS servers or should each have its
own _msdcs zone?

DB
Trying hard to figure this stuff out.
 
Kevin D. Goodknecht [MVP]

I.is.Who.I.am said:
> I have a small network (20 machines) with 2 domains (a.local and
> b.local) in one forest. The root domain has 2 win2003 servers and the
> other has 2 win2k servers. The domains are on different private
> subnets xxx.xxx.0.0 and xxx.xxx.2.0 both using same subnet mask
> xxx.xxx.xxx.0. The a.local domain is win2003 and running AD with both
> being GCs and only one running both DNS & DHCP. The b.local domain is
> win2k and running AD with both being GCs and only one running both
> DNS & DHCP. The a.local forest DNS server is set up as a forwarder to
> our ISP DNS servers. The b.local domain DNS server originally when
> set up had a static IP and its DNS pointed to itself as primary and
> a.local as secondary. Therefore the server required DNS to be
> installed and configured itself as a root server. I had problems with
> b.local connecting to the ISP and was directed to delete the root and
> make it a forwarder pointing to a.local; also to change the static IP
> DNS order to avoid the "Island" DNS issue. Upon deleting the root the
> 2 domains no longer communicated. I cannot ping the other domain in
> either direction unless on the same IP subnet. (The two domains are
> between two buildings). Note a.local and b.local are in the same
> forest but b.local is not a sub-domain.
>
> How can I fix this problem?
> Does _msdcs.a.local have to be on both DNS servers or should each
> have its own _msdcs zone?
>
> DB
> Trying hard to figure this stuff out.

The Win2k3 is a simple fix: set a conditional forwarder for b.local to the
Win2k DNS servers.
The Win2k servers are a little more difficult; you will need to pull
Secondary zones from the Win2k3 domain for both the a.local and _msdcs.a.local
zones.
 
I.is.Who.I.am

Kevin D. Goodknecht said:
> The Win2k3 is a simple fix: set a conditional forwarder for b.local to the
> Win2k DNS servers.
> The Win2k servers are a little more difficult; you will need to pull
> Secondary zones from the Win2k3 domain for both the a.local and _msdcs.a.local
> zones.

Sorry, but the DNS side of things has me confused. How do you set a conditional
forwarder and how can I pull the secondary zones when I cannot even ping the
server? I believe I can do the secondary if it will let me, but the
conditional forwarder I have not come across.

Thanks for the input
 
Kevin D. Goodknecht [MVP]

I.is.Who.I.am said:
> Sorry, but the DNS side of things has me confused. How do you set a
> conditional forwarder and how can I pull the secondary zones when I
> cannot even ping the server? I believe I can do the secondary if it
> will let me, but the conditional forwarder I have not come across.

What do you mean you cannot ping it? By name? By IP?

In the Win2k3 DNS console, on the Forwarders tab, add a new DNS domain
"b.local", then give it the IPs of the Win2k DNS.

The only thing about using a secondary of a Dynamic DNS zone is that the
secondary DNS server will log 3000 and 9999 events due to continuous
incremental zone transfers. You can ignore these events.
 
I.is.Who.I.am

I cannot ping it by name or IP unless I change the IP
of the machine trying to ping it to be in the same subnet.
I have a forward zone on a.local DNS server for b.local,
I cannot add it to the forward tab because of that. The b.local zone
does not have a msdcs directory on a.local but it does on b.local DNS
server.
 
Kevin D. Goodknecht [MVP]

I.is.Who.I.am said:
> I cannot ping it by name or IP unless I change the IP
> of the machine trying to ping it to be in the same subnet.

If you cannot ping by IP then you have a routing issue; you will need to get
that worked out.

> I have a forward zone on a.local DNS server for b.local,
> I cannot add it to the forward tab because of that.

Using a conditional forwarder would be better; it will alleviate 3000 events
on the Secondary.
You don't have conditional forwarding available in Win2k so you have no
other real option than using a secondary zone.

> The b.local zone
> does not have a msdcs directory on a.local but it does on b.local DNS
> server.

Win2k and Win2k3 do the _msdcs folder differently: Win2k puts the _msdcs in a
subdomain in the domain zone. Win2k3 uses a Forward lookup zone named
"_msdcs.<dnsdomain>" with a delegation named _msdcs in the <dnsdomain> zone.

You can set Win2k up the same way and it will work but you won't get the
same replication options that are available in Win2k3. Win2k will only
replicate to DCs in the same domain.
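
An added example, not part of the thread, of the check behind "if you cannot ping by IP then you have a routing issue": it works out how a host would deliver a packet across the two subnets and separates a routing fault from a DNS fault. The 192.168.x.x addresses are constructed stand-ins for the masked xxx.xxx.0.0 and xxx.xxx.2.0 subnets, and the function names are hypothetical.

```python
import ipaddress

def next_hop(local_ip, netmask, dest_ip, gateway=None):
    """Return how a host with this IP configuration would reach dest_ip."""
    iface = ipaddress.ip_interface(f"{local_ip}/{netmask}")
    dest = ipaddress.ip_address(dest_ip)
    if dest in iface.network:
        return "on-link"              # same subnet: delivered directly, no router
    if gateway is None:
        return "no-route"             # off-subnet and nothing to forward the packet
    if ipaddress.ip_address(gateway) not in iface.network:
        return "gateway-unreachable"  # the gateway itself is off-subnet
    return f"via {gateway}"

def triage(name_resolved, hop):
    """Classify a failed ping as a routing fault or a DNS fault."""
    if hop in ("no-route", "gateway-unreachable"):
        return "routing"              # ping by IP cannot work, whatever DNS says
    if not name_resolved:
        return "dns"                  # a path exists but the name does not resolve
    return "reachable-path"

# Constructed sample hosts; the mask matches the thread's xxx.xxx.xxx.0.
MASK = "255.255.255.0"
A_CLIENT = "192.168.0.50"    # lease from the a.local DHCP server (assumed)
B_CLIENT = "192.168.2.50"    # lease from the b.local DHCP server (assumed)
B_DNS = "192.168.2.10"       # b.local DNS server (assumed)

def demo():
    """Return the delivery decision for each constructed case."""
    return {
        "a.local client, no gateway": next_hop(A_CLIENT, MASK, B_DNS),
        "b.local client": next_hop(B_CLIENT, MASK, B_DNS),
        "a.local client, router at .1": next_hop(A_CLIENT, MASK, B_DNS, "192.168.0.1"),
    }

if __name__ == "__main__":
    for case, hop in demo().items():
        # name_resolved=True: the ping target was reached by IP or the name resolved
        print(f"{case}: {hop} -> {triage(True, hop)}")
```
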
 
I.is.Who.I.am

Kevin D. Goodknecht said:
> If you cannot ping by IP then you have a routing issue, you will need to get
> that worked out.

I do not have a router installed. I do have WINS installed on both a.local
and b.local with replication push/pull between them. Everything was working
in regards to pinging and name resolution until I removed the root zone from
b.local. I removed it on recommendation because I could not consistently get
through to the ISP.
I used to be able to ping b.local or <anyname>.b.local but I cannot. If I do
an ipconfig /release & /renew the b.local DHCP server assigns me an IP with
the b.local domain name and I can ping any b.local machine but not a.local.
If I run ipconfig /release & /renew again, the a.local DHCP server assigns me
an IP with a.local domain and I cannot ping anyone including microsoft.com
outside of a.local. The names resolve to IPs but the pinging times out, I get
no response, it's as if it dies on the net.

> Using a conditional forwarder would be better, it will alleviate 3000 events
> on the Secondary.
> You don't have conditional forwarding available in Win2k so you have no
> other real option of using a secondary zone.

I tried the conditional forwarder by deleting the b.local zone from a.local
DNS server and adding the b.local domain to the forwarder tab with the IP for
the DNS.b.local server.
That did not resolve the problem.
 
