MS DNS Subnet Mask Ordering not Working client side

Craig Matthews

We have our network configured like this:
Headquarters: 10.0.0.0/16
Branch Office A: 10.1.0.0/16
Branch Office B: 10.2.0.0/16

Each location is being served by its own DHCP server and DNS server. We
are running AD integrated DNS for our active directory domain, and
primary/secondary zones for our other domains.

One of our domains is company.com. We have a web proxy server at each
location. For various reasons, we cannot use a web proxy autoconfiguration
script, but we need each location's workstations to use their local proxy
server. Therefore, what I was going to do was this:

1) Subnet mask ordering is enabled on all of our MS DNS servers.
2) Create three A records, all named proxy.company.com with the IP addresses
of each of our proxy servers.
3) Deploy a group policy to tell the workstations to use proxy.company.com
as their proxy server

However, when I try to use nslookup to look up the IP addresses of
proxy.company.com, the DNS server is responding in round-robin fashion to
the queries. Each query cycles to the next IP instead of always giving me
the IP of the proxy server in my subnet first.

According to Microsoft's documentation, the settings on the DNS server work
like this:
1. Subnet Ordering On, Round-Robin Off:
DNS Server responds with the first IP listed being one in the same
subnet as the querying device.
2. Subnet Ordering On, Round-Robin On:
DNS Server responds in Round-Robin fashion, cycling the responses,
however, the IP address(es) on the local subnet of the querying device are
always listed first.
3. Subnet Ordering Off, Round-Robin On:
DNS Server cycles the responses.
4. Subnet Ordering Off, Round-Robin Off:
DNS Server responds in the order in which the records were created.

Our DNS servers are configured with Subnet Ordering On, and Round-Robin On.
This means that the second two IP addresses in the response will be cycled,
but the first one listed should always be the one that's in my subnet.

That is not what's happening. It is simply round-robining the responses.
This is happening in both Windows XP SP2 and Windows 2000 Professional.

Incidentally, when querying from a Windows 2003 server, it works perfectly --
I always get the closest IP first on the response --- even though Microsoft
says that it doesn't work right in Windows 2003 Server's DNS client. It
also works great from our 2000 servers.

Seems to be just workstations (the ones that are under group policy and the
ones that are completely exempt from group policy, so it's nothing there).

Anyone ever seen this?
 
Craig Matthews

Update on this:

Apparently, the problem appears to only happen when using nslookup.

If I ping the hostname, my workstation pings the IP that's in my subnet. If
I then flushdns and ping it again, I'm getting the same one. Additionally,
I used nslookup from several unix machines and it works fine too. So
apparently, subnet mask ordering is working, just not with the version of
NSLOOKUP that's on Windows XP SP2 or Windows 2000 Service Pack 4.

But -- if I copy NSLOOKUP.EXE from a Windows Server 2003 machine where it
works fine on .. I still have that problem - so I'm confused.

Whatever -- as long as Internet Explorer resolves it right.

Craig
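
The four server settings listed in the first post above, modelled as an added example (not part of the original posts and not Microsoft's implementation). The proxy addresses, the client address and the /16 comparison prefix are constructed assumptions based on the thread's site ranges.

```python
import ipaddress
from collections import deque

# Constructed sample data: one proxy per site, inside the thread's /16 site ranges.
PROXY_RECORDS = ["10.0.0.10", "10.1.0.10", "10.2.0.10"]


class ModelDnsServer:
    """Toy model of the four answer-ordering modes listed in the post."""

    def __init__(self, records, subnet_ordering, round_robin, prefix_len=16):
        self.records = deque(records)      # held in creation order
        self.subnet_ordering = subnet_ordering
        self.round_robin = round_robin
        self.prefix_len = prefix_len       # assumption: compare on the site /16

    def answer(self, client_ip):
        ordered = list(self.records)
        if self.round_robin:
            self.records.rotate(-1)        # next query starts one record later
        if self.subnet_ordering:
            net = ipaddress.ip_network(f"{client_ip}/{self.prefix_len}", strict=False)
            # Stable sort: local addresses move to the front, the rest keep cycling.
            ordered.sort(key=lambda ip: ipaddress.ip_address(ip) not in net)
        return ordered


def local_first_every_time(server, client_ip, queries=6):
    """Check the expected property: a local address heads every answer."""
    net = ipaddress.ip_network(f"{client_ip}/{server.prefix_len}", strict=False)
    firsts = [server.answer(client_ip)[0] for _ in range(queries)]
    return all(ipaddress.ip_address(ip) in net for ip in firsts), firsts


if __name__ == "__main__":
    client = "10.1.5.20"  # constructed workstation address in Branch Office A
    for subnet_on in (True, False):
        for rr_on in (True, False):
            srv = ModelDnsServer(PROXY_RECORDS, subnet_on, rr_on)
            ok, firsts = local_first_every_time(srv, client)
            print(f"subnet={subnet_on!s:5} rr={rr_on!s:5} local_first={ok} firsts={firsts}")
```

Repeating the same check against a real server (several lookups in a row, comparing the first address in each answer with the client's network) separates a server-side ordering problem from a client tool that reorders or ignores the answer order.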
 
