Network is addressing external nic instead of internal


Jordan

For some reason, some of my clients can no longer connect to one of my
servers that is multihomed with one internal nic and one Internet nic. The
Internet Nic has all ports blocked except for web access on ports 25 and 80.
When the clients ping that server by name "mail", they get a response from
the external nic, not the internal nic as they had for the past few years.

I have just started my upgrade to Windows 200x server from NT 4.0 Server. I
just upgraded the PDC to W2K Advanced Server and installed DNS, but just did
the defaults. My network has 3 servers:

PDC just upgraded to 2K from NT4 (One nic 192.168.x.x)
NT 4.0 BDC running Exchange 5.5 and IIS4 (Inet and Internal nics)
W2K server running WINS and RRAS (Inet and Internal nics)

My problem is that my Exchange 5.5 server called MAIL is multihomed and the
webserver for mydomain.com and mail.mydomain.com both with the same Internet
IP for both [216.x.x.x]. When trying to ping "mail" from one of my clients
on the network I am no longer getting a response back from 192.168.x.x. I
am getting it from the Internet side [216.x.x.x] and it also says my domain
name in the ping when it never did before.

When I type "ping mail" I get the following:

Pinging mydomain.com [216.x.x.x] with 32 bytes of data:

Reply from 216.x.x.x: bytes=32 time=37ms TTL=116
Reply from 216.x.x.x: bytes=32 time=37ms TTL=116
Reply from 216.x.x.x: bytes=32 time=37ms TTL=116
Reply from 216.x.x.x: bytes=32 time=37ms TTL=116

Ping statistics for 216.x.x.x:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 37ms, Maximum = 37ms, Average = 37ms

====================================
I used to see:


Pinging phase [192.168.x.x] with 32 bytes of data:

Reply from 192.168.x.x: bytes=32 time<1ms TTL=128
Reply from 192.168.x.x: bytes=32 time<1ms TTL=128
Reply from 192.168.x.x: bytes=32 time<1ms TTL=128
Reply from 192.168.x.x: bytes=32 time<1ms TTL=128

Ping statistics for 192.168.x.x:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

When the PDC was running NT 4.0 we did not have internal DNS servers. W2K
Active Directory forces DNS install so I just accepted the defaults and then
this problem started. The only thing DNS related that I did on the upgraded
W2K PDC was to enter the IP address, gateway, Primary and Secondary ISP's
DNS server and list the PDC's nic as a DNS entry as well.

One more piece of info. When I remove the ISP's DNS server entries from my
"clients", the internal network IP on MAIL is then addressed instead of the
external nic when I ping and then I can access Exchange Server and files. If
I ping server1 or server2 I get internal IPs probably since I don't have
server1.mydomain.com and server2.mydomain.com listed on the Internet.
 
Jordan

Never mind. I found a workaround that is actually better.

Since it seems that installing DNS to get AD to be functional caused my
computers to start looking for server MAIL as mail.mydomain.com I decided to
just go and build on W2K DNS rather than try to hobble it. I configured the
W2K DNS to forward to my ISP's DNS servers and have the clients configured
with the W2K server as the DNS server.

Since the W2K DNS server is single homed and on the internal network, it is
looking at MAIL's internal IP first rather than routing out to the Internet
and looking up mail.mydomain.com.




Alan Wood [MSFT]

Hi Jordan,
All you need to do is uncheck the box on the DNS tab of TCP/IP
properties on the External interface that states "register this connection's
address in DNS" then on the internal DNS server delete the record that
has the External IP address associated with it.

Thank you,

Alan Wood[MSFT]

This posting is provided "AS IS" with no warranties, and confers no rights.
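
A check that supports the cleanup described in the reply above, added here as an example and not part of the original thread: it scans an export of the internal zone's A records and flags host names that carry an address outside the internal range, which is the record a multihomed server's external interface leaves behind. The `name A address` export format, the host names and all addresses are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample of A records from an internal zone export.
# Addresses are private/documentation ranges, not the poster's.
SAMPLE_ZONE = """\
; name      type  address
pdc         A     192.168.1.10
mail        A     192.168.1.20
mail        A     203.0.113.25
www         A     203.0.113.25
"""

def parse_a_records(zone_text):
    """Return {hostname: [ip_address, ...]} from 'name A address' lines."""
    records = defaultdict(list)
    for line in zone_text.splitlines():
        line = line.split(";", 1)[0].strip()    # drop comments
        if not line:
            continue
        parts = line.split()
        if len(parts) != 3 or parts[1].upper() != "A":
            continue                             # ignore non-A records
        records[parts[0].lower()].append(ipaddress.ip_address(parts[2]))
    return dict(records)

def audit_zone(zone_text, internal_nets):
    """Flag hosts whose A records include an address outside internal_nets.

    'mixed' means the name resolves to both internal and external addresses
    (the multihomed case in this thread); 'external-only' means every record
    for the name is external and should be reviewed as intentional or not.
    """
    nets = [ipaddress.ip_network(n) for n in internal_nets]
    findings = {}
    for host, addrs in parse_a_records(zone_text).items():
        outside = [a for a in addrs if not any(a in n for n in nets)]
        if not outside:
            continue
        kind = "mixed" if len(outside) < len(addrs) else "external-only"
        findings[host] = (kind, [str(a) for a in outside])
    return findings

if __name__ == "__main__":
    for host, (kind, addrs) in audit_zone(SAMPLE_ZONE, ["192.168.0.0/16"]).items():
        print(f"{host}: {kind} -> {', '.join(addrs)}")
```
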
 
Alan Wood [MSFT]

Hi Jordan,
That was a good idea. What I mean by that is since you have upgraded
to W2K Directory Services all the clients and systems that are W2K and
above HAVE to use your internal DNS server for Authentication purposes.
Please remember to still uncheck that box on the Exchange Server or it will
register the record in DNS.

Thank you,

Alan Wood[MSFT]

This posting is provided "AS IS" with no warranties, and confers no rights.
 
Jordan

Thanks and I have another related question.

I put another server and I am running RRAS on it and I called it RRAS. I
have the internal nic setup for 192.168.100.100. DHCP will issue addresses
from 50-99. I just tried to ping RRA and it responded with one of the VPN
port numbers, not the static IP. Do I have to manually put in a DNS record
to avoid this?

FYI - I have Win9x and NT 4.0 clients that still connect to the network
remotely so I had to install WINS so the Win 9x clients could log onto the
domain. The RRAS server is running the WINS service.
 