Connecting two DNS Servers through the Internet

Michael

I need to know how to connect 2 DNS servers over the
internet. I have 2 servers with 2k server. 2 buildings
about 20 miles away and both places have fixed IP
addresses. DNS is running on both. DHCP is running on
both. But I don't have Active Directory running. I want to
try to stay away from it if I could. Can anyone help?
 
Kevin D. Goodknecht

Michael said:
I need to know how to connect 2 DNS servers over the
internet. I have 2 servers with 2k server. 2 buildings
about 20 miles away and both places have fixed IP
addresses. DNS is running on both. DHCP is running on
both. But I don't have Active Directory running. I want to
try to stay away from it if I could. Can anyone help?

Your question is unclear, what do you mean you want to connect them?
Do they both hold forward or reverse lookup zones?
Please elaborate.
 
Michael Johnston [MSFT]

Please provide more detail as to what "connect" means. Are you trying to perform zone transfers?

Thank you,
Mike Johnston
Microsoft Network Support

--

This posting is provided "AS IS" with no warranties, and confers no rights. Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this message are best directed to the newsgroup/thread from which they originated.
 
Ace Fekay [MVP]

Michael said:
I need to know how to connect 2 DNS servers over the
internet. I have 2 servers with 2k server. 2 buildings
about 20 miles away and both places have fixed IP
addresses. DNS is running on both. DHCP is running on
both. But I don't have Active Directory running. I want to
try to stay away from it if I could. Can anyone help?

I *think* you mean you want to have one DNS server's zone information on the
other. If so, the easiest way is to choose one of the machines to have a
Primary Zone, and then create the same zone on the other one as a Secondary
zone, and when it asks who the Master IP is, you give it the IP of the first
one.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
Michael

OK, this is where I am. I have 2 businesses about 20 miles
apart. I need to set them up where I can see all
computers on one network. Both locations have Windows 2000
Server and routers with fixed IP addresses. I have a
program that does everything for sales and inventory etc.
I need to be able to share files and print from any
printer. More or less being on the same network. That's where
I am and what I need to do.
michael delahoussaye
 
Jason Meyer

I would look at setting up a VPN between the two sites if you want to do all
that file sharing and what not.

Jason
 
Kevin D. Goodknecht

Michael said:
OK, this is where I am. I have 2 businesses about 20 miles
apart. I need to set them up where I can see all
computers on one network. Both locations have Windows 2000
Server and routers with fixed IP addresses. I have a
program that does everything for sales and inventory etc.
I need to be able to share files and print from any
printer. More or less being on the same network. That's where
I am and what I need to do.
michael delahoussaye

This would be much easier to do if you set up a single AD domain at both
locations; then you would just set up a VPN link between the two, and AD
replication would take care of everything.

That being said, in the absence of an AD domain, you still need the VPN
link. Then give your network a FQDN such as my network.local, make a forward
lookup zone for that name in DNS, primary on one, secondary on the other, and
manually create the host records in DNS for machine hostnames, i.e. server1
and server2, with the respective private addresses in the primary.
Point all machines to the private addresses of these servers for DNS.
With this setup, if the link is working, then all machines would resolve the
names by the FQDN as server1.network.local and so on.

The problem with not using an AD domain is for anyone to access the shares
all users will have to have local accounts on all servers that have matching
usernames and passwords. If anyone changes their password it would have to
be changed in the local accounts on all machines. This could be a real PITA
to administer.

Do yourself a favor and set up a single AD Domain, with a DC in both
locations and a VPN between the two.
You still need DNS at both locations but replication would take care of
everything, including users and passwords. You will be much happier with the
outcome.
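
A check on the zone described in the post above, as an added example that is not part of the original thread: it parses a constructed zone file for network.local and flags host records that are missing or that point outside the two sites' private subnets. The subnets, the addresses and the printer1 and store hosts are assumptions made for the example.

```python
import ipaddress

# Constructed sample zone for network.local in standard zone-file syntax.
# Every name and address below is an assumption made for this example.
ZONE_TEXT = """\
$ORIGIN network.local.
@        IN SOA server1.network.local. hostmaster.network.local. (
             2 900 600 86400 3600 )
@        IN NS  server1.network.local.
@        IN NS  server2.network.local.
server1  IN A   192.168.1.10
server2  IN A   192.168.2.10
printer1 IN A   192.168.2.50
store    IN A   203.0.113.10   ; not a private site address
"""

# Assumed private subnets of the two buildings joined by the VPN.
SITE_SUBNETS = [ipaddress.ip_network("192.168.1.0/24"),
                ipaddress.ip_network("192.168.2.0/24")]

def a_records(zone_text):
    """Return {fqdn: IPv4Address} for each 'name IN A address' line."""
    origin, records = "", {}
    for raw in zone_text.splitlines():
        fields = raw.split(";", 1)[0].split()   # drop comments, tokenize
        if fields[:1] == ["$ORIGIN"]:
            origin = fields[1].rstrip(".")
        elif len(fields) == 4 and fields[1:3] == ["IN", "A"]:
            name = fields[0]
            if name == "@":                      # "@" stands for the origin
                name = origin + "."
            fqdn = name[:-1] if name.endswith(".") else f"{name}.{origin}"
            records[fqdn.lower()] = ipaddress.ip_address(fields[3])
    return records

def audit(zone_text, required=("server1.network.local",
                               "server2.network.local")):
    """List host records that are missing or outside the site subnets."""
    records = a_records(zone_text)
    problems = [f"{name}: no host record" for name in required
                if name not in records]
    for fqdn, addr in sorted(records.items()):
        if not any(addr in net for net in SITE_SUBNETS):
            problems.append(f"{fqdn}: {addr} is outside the site subnets")
    return problems

if __name__ == "__main__":
    for line in audit(ZONE_TEXT) or ["zone is consistent"]:
        print(line)
```

Running the audit on the primary before the secondary pulls the zone keeps an address that is not reachable over the VPN from being copied to both sites.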
 
Ace Fekay [MVP]

Wow, I was way off. That's what I get when guessing without enough info!

Yes, a VPN is what's needed, as everyone else stated. Suggest a 3rd party,
such as a Cisco PIX or a Netscreen.

--
Regards,
Ace

 
Kevin D. Goodknecht

Ace Fekay [MVP] said:
Wow, I was way off. That's what I get when guessing without enough
info!

Yes, a VPN is what's needed, as everyone else stated. Suggest a 3rd
party, such as a Cisco PIX or a Netscreen.

--
Hey Ace, it's like a buddy of mine I used to run containers with, he always
said, "You're supposed to listen to what I mean, instead of what I say!"
 
Ace Fekay [MVP]

Kevin D. Goodknecht said:
Hey Ace, it's like a buddy of mine I used to run containers with, he
always said, "You're supposed to listen to what I mean, instead of
what I say!"

That's it.
There ya go!

--
Regards,
Ace

 
Kevin D. Goodknecht

Michael said:
What I am really trying to do is an always-on VPN, really. I want to be able to
go to My Network Places and see the other computers and the other server that
is 20 miles away. I was told I had to set up DNS and make the servers look
for each other and then I would see all computers on both networks as one,
or even see the other network. Can you tell me what I need to do and really
need? I have 2 servers with Win2k Server. 2 routers. Each place has a static IP
from my ISP. Anything else? Do I have to run Active Directory at any time? I
really want to stay away from that since I never installed it. PLEASE
HELP!!!!!!!!!!!
michael j delahoussaye

See the post I made yesterday.
 
Ace Fekay [MVP]

Michael said:
What I am really trying to do is an always-on VPN, really. I want to be able to
go to My Network Places and see the other computers and the other server that
is 20 miles away. I was told I had to set up DNS and make the servers look
for each other and then I would see all computers on both networks as one,
or even see the other network. Can you tell me what I need to do and really
need? I have 2 servers with Win2k Server. 2 routers. Each place has a static IP
from my ISP. Anything else? Do I have to run Active Directory at any time? I
really want to stay away from that since I never installed it. PLEASE
HELP!!!!!!!!!!!
michael j delahoussaye

You don't need AD. However, it would centralize and simplify authentication
big time.

All you really need is a VPN as everyone stated, between the two locations.
Hopefully you already have a nailed link (always up). Purchase two Netscreen
boxes, one for each location, set up the VPN between them, then you'll have a
secure link that's wide open between them.

Then you'll want to install WINS. This is based on your requirement of
wanting to "SEE" the computers from each subnet. This feature/ability is
based on the Browser service to populate Network Neighborhood, which
absolutely requires NetBIOS support. NetBIOS does not traverse a router, so
therefore you need to offer support for NetBIOS name resolution, therefore
the best answer is WINS.

--
Regards,
Ace

 
