Setting up multi-site 2KAD in office with no router

anonymous

Hope someone can help me, I am an NT4 & 2000 MCSE but only experienced
in one site/subnet domains. I am about to roll out AD in a company
that has multiple sites all with their own subnets.

To start with I am setting up two servers in my office and then I will
move them on site. The sites will have subnets like this:

192.168.n.0 where 'n' is the site number and subnet masks of
255.255.255.0

In my office I have no routers so I have set up the server's IP
addresses as: 192.168.3.15 and 192.169.12.15 (15 for some reason is
the designated server IP address!) with a subnet mask of 255.255.0.0

I have installed Win 2000 on 192.168.3.15 and run DCPROMO. I have
installed Win 2000 on 192.168.12.15 and run DCPROMO, no DNS was
installed by that so I installed DNS.

I am now a bit confused about setting up (logical) sites and how to go
about moving the servers into the (physical) sites. I have downloaded
the 'Branch Office Deployment/Planning Guide' but this seems a bit of
a big read and I am not sure if it will help me as it seems to be
overly complex. My environment is not really a head office/branch
office scenario, every site will have one DC and all are equal.

The fact that I have no router is a bit of a problem. What is the best
way to get around this? Is my method of changing the subnet to
255.255.0.0 in the office then back to 255.255.255.0 when I take them
on (physical) site going to cause me trouble? Would it be better to
pick one (logical) site and put all the DCs in there and then change
the IP of each DC as I move it to its own physical site?

Is there a Microsoft document I should be looking at?!

Thanks in advance,
Ian
 
Hope someone can help me, I am an NT4 & 2000 MCSE but only experienced
in one site/subnet domains. I am about to roll out AD in a company
that has multiple sites all with their own subnets.

Sites must have their own subnets; you really create sites
by defining all the subnets (or their summaries) and assigning
them to each site.

To start with I am setting up two servers in my office and then I will
move them on site. The sites will have subnets like this:

First step in AD Sites and Services is to create each of the "Sites"
under the Transports->IP (right click).

192.168.n.0 where 'n' is the site number and subnet masks of
255.255.255.0

If it is just one subnet per site, you "right click" and create each of
those "subnets" assigning it to the corresponding Site (created above.)

In my office I have no routers so I have set up the server's IP
addresses as: 192.168.3.15 and 192.169.12.15 (15 for some reason is
the designated server IP address!) with a subnet mask of 255.255.0.0

I don't know what you mean by "15 for some reason...".
Either you picked them (or someone else did) or they were
chosen by accident due to DHCP or APIPA.

That address is a bit suspicious -- it isn't in 192.168.x.y and
it looks a bit like 169.254.x.y which is the "APIPA range."

Those two addresses will NOT route to each other by default
with those masks unless you add "static routes" to each of them.

It WILL WORK, but you have to help.

On 192.168.3.15 (command line):
Route add 192.169.0.0 mask 255.255.0.0 192.168.3.15

On 192.169.12.15 (command line):
Route add 192.168.0.0 mask 255.255.0.0 192.169.12.15

I have installed Win 2000 on 192.168.3.15 and run DCPROMO. I have
installed Win 2000 on 192.168.12.15 and run DCPROMO, no DNS was
installed by that so I installed DNS.

Good.

I am now a bit confused about setting up (logical) sites and how to go
about moving the servers into the (physical) sites. I have downloaded

It's all in AD Sites and Services -- right click a lot and just guess
usually works. We can help you with specific questions and the
help covers this just fine.

The basics of AD Sites/Services:
Make sites.
Make subnets -- assign them to sites
Right click on any server to change its site.

VERY IMPORTANT:
Make Site LINK so that each Site is linked to at least one other
site (full connectivity.)

Generally you do this by making site links that correspond to
your actual WAN connections.

Site Link "Cost" General principle -- inversely proportional to speed of
line is a good first approximation.

T3 line = 3, T1=100, ISDN=1000 (close enough to start)

the 'Branch Office Deployment/Planning Guide' but this seems a bit of
a big read and I am not sure if it will help me as it seems to be
overly complex.

Right. I understand. It is a big read for what I covered in a few sentences
above AND what you can figure out from the GUI and maybe hitting help
a few times and then asking more questions here.

My environment is not really a head office/branch
office scenario, every site will have one DC and all are equal.

The fact that I have no router is a bit of a problem. What is the best
way to get around this? Is my method of changing the subnet to
255.255.0.0 in the office then back to 255.255.255.0 when I take them

Those are not subnets, they are "subnet masks". You can avoid those
changes by using the real addresses and adding the manual routes
(or equivalent) described above.

Then when the real routers are there, you can just remove the manual
routes with:

route delete xxx xxxxxxx

on (physical) site going to cause me trouble? Would it be better to
pick one (logical) site and put all the DCs in there and then change
the IP of each DC as I move it to its own physical site?

I personally think you might be doing it the best way -- get it working
and then move it as is.

BTW, you haven't REALLY described your DNS configuration beyond
the one DNS server and THAT is what will cause 99% of all AD
problems, especially across sites.

Is there a Microsoft document I should be looking at?!

You can call me -- see my website for phone number.

www.LearnQuick.Com
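
Added example, not part of the original thread or any poster's code: a Python check of the two points in the reply above, namely which site a DC's address falls into once subnets are assigned to sites, and whether two hosts on one wire need the kind of manual route shown. The site names, the `Office` summary entry and the function names are assumptions made for illustration.

```python
import ipaddress

# Constructed site plan using the thread's scheme (192.168.n.0/24 for site n).
# Site names and the /16 summary entry are assumptions for illustration.
SITE_SUBNETS = {
    "Site3": ["192.168.3.0/24"],
    "Site12": ["192.168.12.0/24"],
    "Office": ["192.168.0.0/16"],  # summary; a more specific subnet wins
}

def site_for(ip, plan=SITE_SUBNETS):
    """Return the site whose subnet contains ip (most specific match), or None."""
    addr = ipaddress.ip_address(ip)
    hits = [(ipaddress.ip_network(n), site)
            for site, nets in plan.items() for n in nets
            if addr in ipaddress.ip_network(n)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def on_link(local_ip, mask, peer_ip):
    """True if peer_ip lies inside the local host's connected network."""
    iface = ipaddress.ip_interface(f"{local_ip}/{mask}")
    return ipaddress.ip_address(peer_ip) in iface.network

def lab_route(local_ip, mask, peer_ip, peer_mask):
    """Return the 'route add' line in the form used in the thread (own address
    as gateway, for hosts sharing one wire), or None if the peer is on-link."""
    if on_link(local_ip, mask, peer_ip):
        return None
    net = ipaddress.ip_interface(f"{peer_ip}/{peer_mask}").network
    return f"route add {net.network_address} mask {net.netmask} {local_ip}"

if __name__ == "__main__":
    cases = [
        ("192.168.3.15", "255.255.0.0", "192.169.12.15", "255.255.0.0"),
        ("192.168.3.15", "255.255.0.0", "192.168.12.15", "255.255.0.0"),
        ("192.168.3.15", "255.255.255.0", "192.168.12.15", "255.255.255.0"),
    ]
    for local, mask, peer, peer_mask in cases:
        route = lab_route(local, mask, peer, peer_mask)
        print(f"{local}/{mask} -> {peer}: {route or 'on-link, no route needed'}")
    for dc in ("192.168.3.15", "192.168.12.15", "192.169.12.15"):
        print(f"{dc} maps to site: {site_for(dc)}")
```

An address that matches no subnet object, such as 192.169.12.15 here, maps to no site at all, which is worth checking before a DC is moved.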
 
Hi Ian,

It is difficult to comment on what sites you should be
setting up without knowing what the links are between
your locations. All parts of a site will be connected by
LAN speed or greater links. What's the link between your
two locations?

As for building the servers. I would personally build
one first at the site in which you are located. Get this
working and then build the second server just as a W2K
member box. Install this at the second site and DCPromo
it. This can then be moved to a second AD site and its
subnet(s) configured.

NB. The initial replication during DCPromo will not be
too large as you are creating a new forest. However, if
the link is slow try and do this out of hours so the
users are not impeded.

Hope this is of some help. There are loads of MS
documents on this. I find the Best Practises guides
useful. Have a look at:

http://www.microsoft.com/windows2000/techinfo/default.asp

Regards

Mark.
 
Below:


Just noticed I made a cock up and 192.169.12.15 should read
192.168.12.15 ... it's late in the day ...

I don't know what you mean by "15 for some reason...".
Either you picked them (or someone else did) or they were
chosen by accident due to DHCP or APIPA.

Yes my client picked 15 as the server IP number ...

That address is a bit suspicious -- it isn't in 192.168.x.y and
it looks a bit like 169.254.x.y which is the "APIPA range."

Those two addresses will NOT route to each other by default
with those masks unless you add "static routes" to each of them.

See above.

It WILL WORK, but you have to help.

On 192.168.3.15 (command line):
Route add 192.169.0.0 mask 255.255.0.0 192.168.3.15

On 192.169.12.15 (command line):
Route add 192.168.0.0 mask 255.255.0.0 192.169.12.15

I presume I don't need this now both my servers are in the 192.168.x.x
range?

The basics of AD Sites/Services:
Make sites.
Make subnets -- assign them to sites
Right click on any server to change its site.

VERY IMPORTANT:
Make Site LINK so that each Site is linked to at least one other
site (full connectivity.)

Generally you do this by making site links that correspond to
your actual WAN connections.

Site Link "Cost" General principle -- inversely proportional to speed of
line is a good first approximation.

T3 line = 3, T1=100, ISDN=1000 (close enough to start)

Cool. Thanks for that. The network is like a spider with no redundant
links so I guess cost doesn't really come in to it as there is always
only one router from any point to any other point.

Right. I understand. It is a big read for what I covered in a few sentences
above AND what you can figure out from the GUI and maybe hitting help
a few times and then asking more questions here.

I have skimmed through most of it now and it is even less useful due
to its reliance on VBS scripts to accomplish some of the config ...
grr!

Those are not subnets, they are "subnet masks". You can avoid those
changes by using the real addresses and adding the manual routes
(or equivalent) described above.

Sorry, I meant 'subnet mask' just being lazy ...

If I use two servers linked by a hub and with these addresses:

192.168.3.15/24 and 192.168.12.15/24 can I add manual routes to make
them talk? Sounds promising ...

Then when the real routers are there, you can just remove the manual
routes with :

route delete xxx xxxxxxx


I personally think you might be doing it the best way -- get it working
and then move it as is.

BTW, you haven't REALLY described your DNS configuration beyond
the one DNS server and THAT is what will cause 99% of all AD
problems, especially across sites.

I'm hoping that it is working OK as it is AD integrated and I have
installed DNS on the two servers and they are replicating!

You can call me -- see my website for phone number.

www.LearnQuick.Com

LOL. OK, maybe I am in the UK. Thanks for all the help though!

Ian
 
It is difficult to comment on what sites you should be
setting up without knowing what the links are between
your locations. All parts of a site will be connected by
LAN speed or greater links. What's the link between your
two locations?

There are 15 sites! Everything is between 128kbps and 2000kbps but
most of the 128kbps is being upgraded to at least 512kbps. It is
built in a kind of 'spider' fashion. There is a central hub but a lot
of sites are connected to the hub only via other sites (sometimes up
to 3 hops away!)

As for building the servers. I would personally build
one first at the site in which you are located. Get this
working and then build the second server just as a W2K
member box. Install this at the second site and DCPromo
it. This can then be moved to a second AD site and its
subnet(s) configured.

For political reasons we need to build in our office just now, when we
roll out the rest of the sites then we will do it on each site in turn
and replicate overnight.

Thanks for your input Mark,

Ian
 
Just noticed I made a cock up and 192.169.12.15 should read
192.168.12.15 ... it's late in the day ...

It really doesn't matter if they are not on the same network;
you still need to follow my outline.

Cool. Thanks for that. The network is like a spider with no redundant
links so I guess cost doesn't really come in to it as there is always
only one router from any point to any other point.

Right.

LOL. OK, maybe I am in the UK. Thanks for all the help though!

Then you cannot use the 800 number <grin>

Actually, the cost of the call will be cheap -- MS used to charge
$300 an hour for me, and I charge more (when I charge, this offer
was free.)
 
I have followed your instructions (I actually used Routing and Remote
Access console rather than the command line) to employ static routing
between the sites through the hub and it works fine.

Thanks again for the offer of the free support!

Now I am on to wrestling with GPMC and locking down some desktops ...

Ian
 
Thanks again for the offer of the free support!

No problem. You're welcome. Have fun.
 