FQDN - DNS resolution

Guest

We have 2 sites. Local HQ and Remote site, both have 2 DCs (also AD
Integrated DNS).

If we "ping fqdn" (eg. ping mydomain.co.uk ) we get the IP address of one of
the Remote Site DCs - we expected to get the IP address of one of the local
DCs (which is the PDC Emulator).

What should the domain resolve as - the PDC emulator or any DC in the domain ?
 
Guest

If you do a ping FQDN_host_name, the request is directed to the host_name as
recorded in DNS / WINS (or broadcast as the case may be). This is normal
behavior and has nothing to do with AD.

DNS is used by Win 2000 / XP to locate AD services such as a DC, Global
Catalog, etc. Perhaps this is what you are looking for? In this case,
provided that the AD Site design is properly set up (IP subnets mapped
correctly), the phenomenon where a Win client gets authenticated by a DC in
another site could happen.

Do let us know if this helps.
 
Guest

We are not having a problem with authentication or name resolution - these
are both working correctly. If we ping machinename.mydomain.co.uk - we get
the correct IP address. Nslookup shows we are using the correct local DNS
server.

We just want to understand what to expect if we ping mydomain.co.uk (with
no host name). As I mentioned, we get the IP address of one of the remote site
DCs and not the PDC Emulator DC which is on our local site.

Thanks
 
Herb Martin

Morag said:
We are not having a problem with authentication or name resolution - these
are both working correctly. If we ping machinename.mydomain.co.uk - we get
the correct IP address. Nslookup shows we are using the correct local DNS
server.

We just want to understand what to expect if we ping mydomain.co.uk (with
no host name). As I mentioned, we get the IP address of one of the remote site
DCs and not the PDC Emulator DC which is on our local site.

All of the DCs register a name equal to their own (AD) domain.

BTW, none of what you offered (despite common misstatements
by just about everyone) are "FQDN".

An FQDN is one that is terminated in a "." (DOT) and
might be a zone name, or a machine name (which in DNS
are also domain names again despite the common error
of meaning a "dotted DNS name" instead of a FQDN.)

These are a FQDN: www.microsoft.com. com. even "."

These are not: www.microsoft.com microsoft.com etc

--
Herb Martin


 
Guest

Can anyone tell me what result I should expect if I ping mydomain.co.uk - the
IP address of any DC in the AD or specifically the IP address of the DC that
is the PDC Emulator (Global Catalog/Bridgehead server at central site - I am
located at the central site) ?
 
ptwilliams

If you ping mydomain.co.uk you will get the IP address of one of the records
that look like (same as parent folder) in the DNS console.

If you only have one DC, this will always be the same.

If you have multiple DCs in a single site this will be load-balanced, e.g.
the first is passed, then the second, etc. (from the server - the client will
cache the first and use it again).

If you have multiple DCs in multiple sites, you will get load-balancing
based on your subnet. So if you're in a remote site with two DCs and there
are other DCs in other sites, clients in your site will get the first, then
the second, then the first, etc.

This is because the DNS server is using a feature called round-robin (basic
load-balancing) and net-mask ordering (subnet prioritisation).

Basically, when you ping the domain name you get a DC returned. You can
also connect to \\domain-name.co.uk (a Dfs referral), bind to the domain
using domain-name.co.uk (serverless bind), etc.

Hope this helps,


--

Paul Williams

http://www.msresource.net
http://forums.msresource.net


Can anyone tell me what result I should expect if I ping mydomain.co.uk - the
IP address of any DC in the AD or specifically the IP address of the DC that
is the PDC Emulator (Global Catalog/Bridgehead server at central site - I am
located at the central site) ?
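
The round-robin and net-mask ordering behaviour described in the reply above can be modelled in a few lines. This is an added example, not part of the original posts and not Windows DNS code; the addresses and the /24 comparison mask are constructed assumptions.

```python
import ipaddress
from collections import deque


class ApexResponder:
    """Simplified model of a DNS server answering A queries for the domain
    apex, i.e. the "(same as parent folder)" records each DC registers."""

    def __init__(self, records, prefix_len=24):
        self._records = deque(ipaddress.ip_address(r) for r in records)
        self._prefix_len = prefix_len  # assumed comparison mask

    def answer(self, client_ip):
        # Round robin: each query starts from the next record in the set.
        ordered = list(self._records)
        self._records.rotate(-1)
        # Net-mask ordering: records in the client's subnet move to the
        # front; the stable sort keeps round-robin order within each group.
        client_net = ipaddress.ip_network(
            f"{client_ip}/{self._prefix_len}", strict=False
        )
        ordered.sort(key=lambda ip: ip not in client_net)
        return [str(ip) for ip in ordered]


def first_answers(records, client_ip, queries, prefix_len=24):
    """Return the first address of each of `queries` successive answers,
    which is the address a tool such as ping would use."""
    server = ApexResponder(records, prefix_len)
    return [server.answer(client_ip)[0] for _ in range(queries)]


# Constructed sample: two HQ DCs on 10.1.0.0/24, two remote DCs on 10.2.0.0/24.
APEX_A = ["10.1.0.10", "10.2.0.10", "10.1.0.11", "10.2.0.11"]

if __name__ == "__main__":
    # Client on the same subnet as the HQ DCs: only HQ DCs come first.
    print(first_answers(APEX_A, "10.1.0.55", 4))
    # Client on a subnet that matches no DC: plain round robin across all DCs.
    print(first_answers(APEX_A, "10.1.5.55", 4))
```

In this model a client whose subnet matches none of the DC addresses under the comparison mask falls back to plain round robin, so it can receive any DC in the domain; nothing in either mechanism prefers the PDC Emulator.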
 
ptwilliams

I'm not sure I 100% agree with this statement; it's quite vague and
therefore confusing (no offence).

If you ping a FQDN or a dotted name, e.g. node.childDom, then you will only
use hosts and/or DNS.

If you ping a hostname/NetBT name, e.g. server1, then NT 5.x (and 4 if
configured with DNS, can't remember about 9x) will try hosts then DNS. Only
then will they turn to WINS and LMHOSTS (and broadcast).

Yes, DNS *is* most certainly used to locate AD-based services, etc. but it
does also simply resolve names - and not just internal names, but public
domain names too.

--

Paul Williams

http://www.msresource.net
http://forums.msresource.net


If you do a ping FQDN_host_name, the request is directed to the host_name as
recorded in DNS / WINS (or broadcast as the case may be). This is normal
behavior and has nothing to do with AD.

DNS is used by Win 2000 / XP to locate AD services such as a DC, Global
Catalog, etc. Perhaps this is what you are looking for? In this case,
provided that the AD Site design is properly set up (IP subnets mapped
correctly), the phenomenon where a Win client gets authenticated by a DC in
another site could happen.

Do let us know if this helps.
 
