announces private instead of public IP

frank

Hi,

I have a server that runs as NAT server too. I created a DNS zone for the
domain. The records were filled automatically with both IPs of the server
(local and public). I tried to change the order of the IPs in the record so
that the public one is the first in the list but nothing changes. The server
announces 192.168.1.1 as its IP. I didn't remove the local IP because I
thought the local computers would get faster access to the server than
sending all packets to the outside network card. How can I set DNS to return
local IP only to internal users? Thank you.

Frank
 
Ace Fekay [MVP]

Lee said:
Disable the check in "register this connection in dns" on the
external NIC. Lee

Unfortunately Lee, that won't stop registration, since the machine is a DNS
server. Registry entries will be required to stop this default behavior.


--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
 
Ace Fekay [MVP]

frank said:
Hi,

I have a server that runs as NAT server too. I created a DNS zone for
the domain. The records were filled automatically with both IPs of
the server (local and public). I tried to change the order of the IPs
in the record so that the public one is the first in the list but
nothing changes. The server announces 192.168.1.1 as its IP. I didn't
remove the local IP because I thought the local computers would get
faster access to the server than sending all packets to the outside
network card. How can I set DNS to return local IP only to internal
users? Thank you.

Frank

Frank, is the purpose of this DNS server to host public records, internal
records, or both? Is the internal usage for an AD installation? Can you
elaborate on the purpose of this server please?

You are seeing one of the classic problems with multihoming a DNS server.
Keep in mind, DNS will respond with an IP based on subnet prioritization. If
an internal client resides on the internal subnet of the internal NIC,
the client will get the internal private IP. If the client is on a different
internal subnet, then Round Robin kicks in place. In addition, if it's a NAT
server, if the public IP were to be given to an internal client, the
request, a NAT server cannot take an internal request to the external
interface and forward it back in again. That's a limitation of NAT (no
matter what name brand).

If I may suggest, if you are trying to host public and private data, two
separate servers will be required. One for private data, one for public
data. In addition, the DNS server is highly recommended not to be
multihomed, and will also suggest to purchase an inexpensive (USD$30.00)
Linksys router to handle NAT.

There are registry entries to force de-registration of the external,
internal or both IPs, and the LdapIpAddress and GcIpAddress as well, but not
sure if it will apply to your case since I do not know enough about the
intentions, your infrastructure or the purpose of this machine.


--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
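
An added example, not part of the original thread: a small Python model of the answer ordering described in the reply above (subnet prioritization first, round robin otherwise) for a name that has both a private and a public A record. The class and function names are hypothetical, the /24 comparison mask is an assumption, and 203.0.113.10 is a documentation address standing in for the server's public IP.

```python
import ipaddress

class MultihomedName:
    """Toy model of how a DNS server orders several A records for one name."""

    def __init__(self, addresses, prefix_len=24):
        self.addresses = [ipaddress.ip_address(a) for a in addresses]
        self.prefix_len = prefix_len  # assumed mask used to decide "same subnet"
        self.queries = 0              # drives the round-robin rotation

    def answer(self, client_ip):
        """Return the A records in the order this client would receive them."""
        client_net = ipaddress.ip_network(f"{client_ip}/{self.prefix_len}", strict=False)
        # Round robin: rotate the record list by one position per query.
        start = self.queries % len(self.addresses)
        rotated = self.addresses[start:] + self.addresses[:start]
        self.queries += 1
        # Subnet prioritization: records on the client's subnet move to the front.
        local = [a for a in rotated if a in client_net]
        other = [a for a in rotated if a not in client_net]
        return [str(a) for a in local + other]


def first_answers(name, client_ip, n=4):
    """First address handed to client_ip over n consecutive queries."""
    return [name.answer(client_ip)[0] for _ in range(n)]


# Constructed sample: 192.168.1.1 is from the thread; 203.0.113.10 is a
# documentation address standing in for the server's public IP.
RECORDS = ["192.168.1.1", "203.0.113.10"]

if __name__ == "__main__":
    for label, client in [("same subnet", "192.168.1.50"),
                          ("other internal subnet", "192.168.2.50"),
                          ("outside client", "198.51.100.7")]:
        print(f"{label:22} {client:14} -> {first_answers(MultihomedName(RECORDS), client)}")
```

In this model a client on 192.168.1.0/24 always gets the private address first, while a client on any other subnet, internal or external, alternates between the two and so receives the private 192.168.1.1 on some queries.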
 
