
announces private instead of public IP

November 19, 2004 12:58:00 PM

Archived from groups: microsoft.public.win2000.dns

Hi,

I have a server that runs as NAT server too. I created a DNS zone for the
domain. The records were filled automatically with both IPs of the server
(local and public). I tried to change the order of the IPs in the record so
that the public one is the first in the list but nothing changes. The server
announces 192.168.1.1 as its IP. I didn't remove the local IP because I
thought the local computers would get faster access to the server than
sending all packets to the outside network card. How can I set DNS to return
local IP only to internal users? Thank you.

Frank
November 19, 2004 1:43:14 PM

Archived from groups: microsoft.public.win2000.dns

Disable the check in "register this connection in dns" on the external NIC.
Lee

"frank" <frank673@hotmail.com> wrote in message
news:ufGccUlzEHA.2656@TK2MSFTNGP14.phx.gbl...
> Hi,
>
> I have a server that runs as NAT server too. I created a DNS zone for the
> domain. The records were filled automatically with both IPs of the server
> (local and public). I tried to change the order of the IPs in the record so
> that the public one is the first in the list but nothing changes. The server
> announces 192.168.1.1 as its IP. I didn't remove the local IP because I
> thought the local computers would get faster access to the server than
> sending all packets to the outside network card. How can I set DNS to return
> local IP only to internal users? Thank you.
>
> Frank
Anonymous
November 20, 2004 12:52:01 AM

Archived from groups: microsoft.public.win2000.dns

In news:uCbYfblzEHA.4028@TK2MSFTNGP15.phx.gbl,
Lee <leweb2000@hotmail.com> made a post then I commented below
> Disable the check in "register this connection in dns" on the
> external NIC. Lee
>

Unfortunately Lee, that won't stop registration, since the machine is a DNS
server. Registry entries will be required to stop this default behavior.


--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
--
=================================
Anonymous
November 20, 2004 12:59:27 AM

Archived from groups: microsoft.public.win2000.dns

In news:ufGccUlzEHA.2656@TK2MSFTNGP14.phx.gbl,
frank <frank673@hotmail.com> made a post then I commented below
> Hi,
>
> I have a server that runs as NAT server too. I created a DNS zone for
> the domain. The records were filled automatically with both IPs of
> the server (local and public). I tried to change the order of the IPs
> in the record so that the public one is the first in the list but
> nothing changes. The server announces 192.168.1.1 as its IP. I didn't
> remove the local IP because I thought the local computers would get
> faster access to the server than sending all packets to the outside
> network card. How can I set DNS to return local IP only to internal
> users? Thank you.
>
> Frank

Frank, is the purpose of this DNS server to host public records, internal
records, or both? Is the internal usage for an AD installation? Can you
elaborate on the purpose of this server please?

You are seeing one of the classic problems with multihoming a DNS server.
Keep in mind, DNS will respond with an IP based on subnet prioritization. If
an internal client resides on the internal subnet of the internal NIC,
the client will get the internal private IP. If the client is on a different
internal subnet, then Round Robin kicks in. In addition, if it's a NAT
server, if the public IP were to be given to an internal client, a NAT
server cannot take an internal request to the external
interface and forward it back in again. That's a limitation of NAT (no
matter what name brand).

If I may suggest, if you are trying to host public and private data, two
separate servers will be required. One for private data, one for public
data. In addition, the DNS server is highly recommended not to be
multihomed, and I will also suggest purchasing an inexpensive (USD$30.00)
Linksys router to handle NAT.

There are registry entries to force de-registration of the external,
internal or both IPs, and the LdapIpAddress and GcIpAddress as well, but I am
not sure if it will apply to your case since I do not know enough about the
intentions, your infrastructure or the purpose of this machine.


--
Regards,
Ace

=================================
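The answer ordering described in the last reply (same-subnet address first, round robin otherwise), modelled as an added example that is not part of the original thread and is not Windows DNS code. Assumptions: 203.0.113.10 and the client addresses are constructed placeholders, the subnet match is taken on a /24 boundary, and `order_answers` / `private_first_queries` are hypothetical names.

```python
import ipaddress

# Constructed sample data: 192.168.1.1 is the private address from the thread;
# 203.0.113.10 is a documentation-range placeholder for the public address.
SERVER_A_RECORDS = ["192.168.1.1", "203.0.113.10"]
PRIORITY_PREFIX = 24  # assumption: subnet match decided on a /24 boundary

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(ip):
    """True if ip is in one of the RFC 1918 private ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RFC1918)


def order_answers(client_ip, query_no=0, records=SERVER_A_RECORDS,
                  prefix=PRIORITY_PREFIX):
    """Order A records the way a subnet-prioritizing server would answer.

    query_no is the running query count; it drives the round-robin rotation.
    """
    client_net = ipaddress.ip_network(f"{client_ip}/{prefix}", strict=False)
    local = [r for r in records if ipaddress.ip_address(r) in client_net]
    if local:
        # Client shares a subnet with one address: that address goes first.
        return local + [r for r in records if r not in local]
    # No subnet match: plain round robin, rotating the list on each query.
    shift = query_no % len(records)
    return records[shift:] + records[:shift]


def private_first_queries(client_ip, queries=4):
    """Query numbers whose first answer is a private (RFC 1918) address."""
    return [n for n in range(queries)
            if is_rfc1918(order_answers(client_ip, n)[0])]


if __name__ == "__main__":
    for client in ("192.168.1.25",   # same subnet as the internal NIC
                   "192.168.2.50",   # different internal subnet
                   "198.51.100.7"):  # outside client (constructed)
        print(client, private_first_queries(client))
```

In this model an outside client is handed 192.168.1.1 first on every other query, which is why the thread moves on to stopping registration of one address or splitting public and private data across two servers.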