Reverse Lookup Zone question

Slater

Can you have more than 1 reverse lookup zone per subnet?

I have 2 separate domains in a forest; both in the same subnet (using
AD-integrated DNS). Do I configure reverse lookup zones in each domain, even
though they cover the same subnet? My gut tells me I shouldn't, but without
creating a reverse lookup zone in each domain how can a machine in each of
the 2 domains resolve a reverse query? Will I cause problems by having
reverse lookup zones in 2 separate domains for the same subnet?

The only other way I can think to do this is to use the new replication
option in 2003 "To all DNS servers in the AD forest XYZ." Is this one of the
cases why this option was created?
 
Slater

Our servers use static IP addresses, but we have a range of dynamic
addresses for users that use DHCP.

Why?
 
Kevin D. Goodknecht Sr. [MVP]

Slater said:
> Can you have more than 1 reverse lookup zone per subnet?
>
> I have 2 separate domains in a forest; both in the same
> subnet (using AD-integrated DNS). Do I configure reverse
> lookup zones in each domain, even though they cover the
> same subnet? My gut tells me I shouldn't, but without
> creating a reverse lookup zone in each domain how can a
> machine in each of the 2 domains resolve a reverse query?
> Will I cause problems by having reverse lookup zones in 2
> separate domains for the same subnet?
>
> The only other way I can think to do this is to use the
> new replication option in 2003 "To all DNS servers in the
> AD forest XYZ." Is this one of the cases why this option
> was created?

You'll have to use one zone with forest wide replication.
That being said, are these all static addresses or dynamic with one DHCP
server?
 
Ed Horley

If the subnet that you have overlapping domain names in is all static (for
instance nothing but servers) you could statically build the entries for the
reverse DNS. You would have to do the changes manually for entries but
since they are static anyway that is just another item to add to the
checklist for the build out/change/removal forms.

If you have dynamic client IP addresses in the subnet (DHCP clients) that
overlaps then it will be tougher to solve. Since the two are in a forest
you will have to give us a bit more information about how your DNS is set up
to help you figure out if you can play some games in terms of rDNS
resolution.

Is it possible to migrate one of the domains off that subnet? If so, life
would be easier to ensure that forward/reverse is done dynamically.

Regards,
Ed Horley
 
Kevin D. Goodknecht Sr. [MVP]

Slater said:
> Our servers use static IP addresses, but we have a range
> of dynamic addresses for users that use DHCP.
>
> Why?

Just wondering if you have two DHCP servers assigning the same IP addresses.
 
Slater

No, my plan was to have a single DHCP server for the entire forest. Is this
possible?
 
Ace Fekay [MVP]

Slater said:
> No, my plan was to have a single DHCP server for the entire forest.
> Is this possible?

Yes, it's possible. You would have to configure a DHCP Relay agent on each
subnet, where this relay agent will "listen" to DHCP requests, forward them to
the DHCP server IP addresses (that's configured in the DHCP relay agent
properties), then the DHCP server will send the response to the relay agent,
then the relay agent will 'broadcast' it out to the clients.

I think it's easier to have a DHCP on each subnet. With a single server,
there's a single point of failure.

How to configure a Relay Agent (RRAS):
http://www.microsoft.com/resources/...tacenter/proddocs/en-us/mpr_how_dhcprelay.asp

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
 
Slater

Ace -

Our Cisco routers have a DHCP relay function - I assumed that's all I needed
to enable to make it all work. Is there some sort of Microsoft service I
need to install on a box in each subnet to act as a relay agent?

Also, as far as the DHCP server itself, we have 3 subnets and 2 domains - a
forest root domain (root.com) which is on its own subnet, and a tree root
domain (corp.com). The corp.com domain is the one that all of my users are
in. Corp.com has 2 subnets - one subnet is dedicated to our QA department,
which is an OU in the corp.com domain. The other subnet in the corp.com
domain is where everyone else is.

Which domain should the DHCP server belong to (or does it matter)? And how
does DHCP know which domain to dynamically register machines in? If I throw
an NT4 laptop on the root.com domain, and get an IP address via DHCP, will
the DHCP server know to register my IP in root.com DNS and not corp.com?

As far as a single point of failure, we currently have a single DHCP server
and have never had an issue with it for years (knock on wood). It's a small
office with 50 people so I'd like to keep it simple with 1 DHCP server if
possible.

TIA,
- Slater


 
Ace Fekay [MVP]

Slater said:
> Ace -
>
> Our Cisco routers have a DHCP relay function - I assumed that's all I
> needed to enable to make it all work. Is there some sort of Microsoft
> service I need to install on a box in each subnet to act as a relay
> agent?
>
> Also, as far as the DHCP server itself, we have 3 subnets and 2
> domains - a forest root domain (root.com) which is on its own
> subnet, and a tree root domain (corp.com). The corp.com domain is the
> one that all of my users are in. Corp.com has 2 subnets - one subnet
> is dedicated to our QA department, which is an OU in the corp.com
> domain. The other subnet in the corp.com domain is where everyone
> else is.
>
> Which domain should the DHCP server belong to (or does it matter)?
> And how does DHCP know which domain to dynamically register machines
> in? If I throw an NT4 laptop on the root.com domain, and get an IP
> address via DHCP, will the DHCP server know to register my IP in
> root.com DNS and not corp.com?
>
> As far as a single point of failure, we currently have a single DHCP
> server and have never had an issue with it for years (knock on wood).
> It's a small office with 50 people so I'd like to keep it simple with
> 1 DHCP server if possible.
>
> TIA,
> - Slater

Sorry for not getting back to you sooner. I thought I had marked this thread
as 'watched'. My bad.

Yes, one DHCP server is possible. If you configure your Cisco routers as
Relay Agents to 'listen' to DHCP broadcasts on other subnets, just specify
your Microsoft DHCP server. It doesn't matter what domain DHCP is part of.
It will register into whatever DNS the client is configured to use.

Ace
 
