DNS Redundancy
We have one domain controller whose ip is 192.168.1.2 where dns is also installed . Now i have configured another addtional domain controller whose ip is 192.168.1.3 where dns is also installed. Now the scenario is
I have got 2 dns primary is 192.168.1.2 & secondary is 192.168.1.3 .
Now my question is if my primary dns goes down user can access internet through 192.168.1.3 for this what i have to do .
I am using windows server 2012 standard r2 edition. I have setted both primary & secondary dns in clients & even checked with shutdown of primary dns / dc user cant access the internet.
Hi,
Actually a DNS server is not specifically "primary" or "secondary". I assume you talked about the Preferred DNS server and Alternate DNS servers.
I agree with Jesper. The preferred DNS is a specified primary choice to handle Internet protocol mapping. If the preferred choice times out after a time limit defined by the operating system, it will then attempt to try the alternate DNS if the alternate DNS
server is configured correctly. You can also add a DNS forwarder to perform external name resolution.
In addition, the loopback IP address should be configured as one of the DNS servers on each active network adapter, but not as the first DNS server. You can also add 127.0.0.1 as an alternate DNS server, or you may receive a warning from BPA:
DNS: DNS servers on <adapter name="">should include the loopback address, but not as the first entry</adapter>
Best regards,
Susie
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]
Similar Messages
-
Problems with setting up DNS Redundancy - Mavericks
Hi All,
I'm attempting to setup a 2nd OSX server for OD, DNS and DHCP redundancy. I've followed all instructions I have found online but I'm having problems . below is what I'm running and what I've done.
Main server.
server.superannuationproperty.org - 10.0.0.1.
Failover 2nd server
server2.superannuationproperty.org - 10.0.0.9
1. I setup zone transfers on the Primary and Reverse zones - main server.
2 On Failover server added a Secondary zone - server.superannuationproperty.org with IP 10.0.0.1 and for the Reverse in my case was 1.0.0.10.in-addr.arpa and 10.0.0.1.
3. Added forwarding servers on the Failover as 8.8.8.8 and ISP DNS server (as it is on the main server)
4 Changed Failover DNS settings to point to itself first then to the ISP DNS and 8.8.8.8
Internet is working fine on the server but I can't ping server2.superannuationproperty.org and when I run a "checkhostname" I get "The DNS hostname is not available, please repair DNS and re-run this tool" message.
I assume this is why my OD replica isn't working too. I'm able to add the replica ok but when creating new users on the main, they show up on the failover but with "not allowed" I'm also unable to login to clients when the main server is powered off.
Does anyone know what I'm doing wrong here??
Thanks in advance.Thanks for your reply. I have DHCP redundancy working by dishing out two different ranges and yes i've set DHCP so clients get both servers. 10.0.0.1 and 10.0.0.9
I still can't get DNS to work however.... after stuffing around with it today i decided to start from scratch and rebuilt the failover server with a fresh copy of Mavericks and Server.
I gave the server a local address this time server2.local
I setup a secondary zone of Server.superannuationproperty.org - 10.0.0.1 and Reverse of 1.0.0.10.in-addr.arpa - 10.0.0.1
After running a "checkhostname" i'm still getting "The DNS hostname is not available, please repair DNS and re-run this tool."
I ran nslookup on 10.0.0.9 with "server can't find 9.0.0.10.in-addr.arpa.: NXDOMAIN" and on server2.local with "server can't find server2.local: NXDOMAIN"
i can ping server2.local however...
I can't figure out what i'm doing wrong. I don't want to attempt to join the Master OD until I have DNS sorted out.
I checked the logs under DNS config see below. From what i can see it's transferred the zone info from the main server, i just don't know what's wrong??? Thanks.
3-Mar-2015 15:09:18.242 managed-keys-zone/com.apple.ServerAdmin.DNS.public: loaded serial 0
03-Mar-2015 15:09:18.244 zone 0.0.127.in-addr.arpa/IN/com.apple.ServerAdmin.DNS.public: loaded serial 1997022700
03-Mar-2015 15:09:18.249 zone localhost/IN/com.apple.ServerAdmin.DNS.public: loaded serial 42
03-Mar-2015 15:09:18.249 all zones loaded
03-Mar-2015 15:09:18.249 running
03-Mar-2015 15:09:18.251 zone 1.0.0.10.in-addr.arpa/IN/com.apple.ServerAdmin.DNS.public: Transfer started.
03-Mar-2015 15:09:18.252 transfer of '1.0.0.10.in-addr.arpa/IN/com.apple.ServerAdmin.DNS.public' from 10.0.0.1#53: connected using 10.0.0.9#50354
03-Mar-2015 15:09:18.294 zone 1.0.0.10.in-addr.arpa/IN/com.apple.ServerAdmin.DNS.public: transferred serial 2015030303
03-Mar-2015 15:09:18.294 transfer of '1.0.0.10.in-addr.arpa/IN/com.apple.ServerAdmin.DNS.public' from 10.0.0.1#53: Transfer completed: 1 messages, 4 records, 178 bytes, 0.042 secs (4238 bytes/sec)
03-Mar-2015 15:09:18.294 zone 1.0.0.10.in-addr.arpa/IN/com.apple.ServerAdmin.DNS.public: sending notifies (serial 2015030303)
03-Mar-2015 15:09:18.752 zone server.superannuationproperty.org/IN/com.apple.ServerAdmin.DNS.public: Transfer started.
03-Mar-2015 15:09:18.752 transfer of 'server.superannuationproperty.org/IN/com.apple.ServerAdmin.DNS.public' from 10.0.0.1#53: connected using 10.0.0.9#50355
03-Mar-2015 15:09:18.754 zone server.superannuationproperty.org/IN/com.apple.ServerAdmin.DNS.public: transferred serial 2015030303
03-Mar-2015 15:09:18.754 transfer of 'server.superannuationproperty.org/IN/com.apple.ServerAdmin.DNS.public' from 10.0.0.1#53: Transfer completed: 1 messages, 4 records, 159 bytes, 0.001 secs (159000 bytes/sec)
03-Mar-2015 15:10:21.878 received SIGHUP signal to reload zones
03-Mar-2015 15:10:21.903 loading configuration from '/Library/Server/named/named.conf'
03-Mar-2015 15:10:21.904 using default UDP/IPv4 port range: [49152, 65535]
03-Mar-2015 15:10:21.904 using default UDP/IPv6 port range: [49152, 65535]
03-Mar-2015 15:10:21.921 sizing zone task pool based on 5 zones
03-Mar-2015 15:10:21.950 reloading configuration succeeded
03-Mar-2015 15:10:21.960 reloading zones succeeded
03-Mar-2015 15:10:21.992 all zones loaded
03-Mar-2015 15:10:21.992 running
03-Mar-2015 15:22:37.333 received SIGHUP signal to reload zones
03-Mar-2015 15:22:37.333 loading configuration from '/Library/Server/named/named.conf'
03-Mar-2015 15:22:37.334 using default UDP/IPv4 port range: [49152, 65535]
03-Mar-2015 15:22:37.334 using default UDP/IPv6 port range: [49152, 65535]
03-Mar-2015 15:22:37.350 sizing zone task pool based on 5 zones
03-Mar-2015 15:22:37.354 reloading configuration succeeded
03-Mar-2015 15:22:37.355 reloading zones succeeded
03-Mar-2015 15:22:37.365 all zones loaded
03-Mar-2015 15:22:37.365 running
03-Mar-2015 15:24:19.671 received SIGHUP signal to reload zones
03-Mar-2015 15:24:19.671 loading configuration from '/Library/Server/named/named.conf'
03-Mar-2015 15:24:19.672 using default UDP/IPv4 port range: [49152, 65535]
03-Mar-2015 15:24:19.672 using default UDP/IPv6 port range: [49152, 65535]
03-Mar-2015 15:24:19.688 sizing zone task pool based on 5 zones
03-Mar-2015 15:24:19.694 reloading configuration succeeded
03-Mar-2015 15:24:19.695 reloading zones succeeded
03-Mar-2015 15:24:19.703 all zones loaded
03-Mar-2015 15:24:19.704 running -
CSS Zone based DNS for Site Redundancy?
I am in the process of changing from rules based dns to zone based dns. I had used the document below to provide redundancy between 2 sites.
http://www.cisco.com/en/US/products/hw/contnetw/ps792/products_configuration_example09186a00801dcd75.shtml
The is an acl in the document which says
"If the primary site is up, then this ACL will tell requests landing on this site to prefer the Primary site.
clause 10 permit any any destination content owner_backup/WWW-backup prefer hacked_redirectt
clause 99 permit any any destination any
apply circuit-(VLAN1)
apply dns
Once I implemented a dns-server zone, this acl no longer has an effect. The requests are round robbining unless I set the dns-server zone to preferlocal. Unfortunately this does not solve my problem, if the main site is up both css's should prefer the main site.
How is this same thing accomplished with zone based dns, or is it even possible? Thanks.Anyone? Gilles, any words of advice?
I found this in the documentation for acl's, it states...
"If you configure a CSS with the dns-server command, and the CSS receives a
DNS query for a domain name that you configured on the CSS using the host
command, the DNS query will not match on an ACL that is configured with the
apply dns command.
However, if you configure a domain name on a content rule on a CSS using the
add dns domain_ name command, a DNS query for that domain name will match
on an ACL that is configured with the apply dns command."
The problem with this statement is I am not using the "host" command and I am also not using the "add dns" command. I am using the "dns-record a" command. -
CSS redundant interface and DNS server
We're attempting to implement a pair of CSS's using redundant ASR and GSLB where the CSS's act as DNS servers.
But I'm not sure if the 2 features are compatible. The CSS's answer DNS queries to their direct interface but not the redundant interface.
Does anyone have any suggestions or work-arounds? We're running version 8.20.
TIA,
DanDan doing some research I can see that the option to configure redundant-interface to resolve dns queries is not included on CSS 11500 series, this from the documentation.
On the document for CSS 11000 series that I provided before shows:
Configuration Requirements and Restrictions
The following requirements and restrictions apply to the configuration of this feature.
â¢You can configure this feature only on Cisco 11000 series CSSs (not 11500)
If I look at the redundant-interface configuration on old CSS 11000 series I see the option for dns:
http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/css11000series/v6.10/configuration/advanced/guide/VIPRedun.html#wp1067528
Look at this line:
dns-server - Keyword that enables the CSS to respond to DNS queries destined for the redundant interface IP address. For more information, see the "Configuring a Redundant Virtual Interface to Respond to DNS Requests" section.
On new CSS 11500 series this option is not available:
http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/css11500series/v8.20_v8.10/configuration/redundancy/guide/VIPRedun.html#wp1067528
I am trying to find if there is any workaround but so far semms that is expected to miss this feature on CSS11500. -
Redundant domain controller DNS settings
Hi guys,
We have two domain controllers, both DNS and GC. I am curious as to what the recommended IP DNS settings should be for both DCs? I think it is like this...
DC1
DNS1 - DC2
DNS2 - DC1
DC2
DNS1 - DC1
DNS2 - DC2
Is this the right setup?
Thanks
AaronIs this the right setup?
Yes it is correct. I would go with 127.0.0.1 for 'Alternate DNS server'.
Mahdi Tehrani |
|
www.mahditehrani.ir
Please click on Propose As Answer or to mark this post as
and helpful for other people.
This posting is provided AS-IS with no warranties, and confers no rights.
How to query members of 'Local Administrators' group in all computers? -
NLS Redundancy using DNS Round Robin
Hello, I have searched the internet and this forum for my question but I couldn't find the answer anywhere.
Would it be an option to use DNS Round Robin as a 'fail over' mechanism for the DA NLS Server?
To explain our situation a little: We have a few branch offices and it happens sometimes that the site-to-site VPN tunnel between the branch office and the main office breaks (e.g. internet outage in the main office). In those situations it would be best to
have a NLS server in another office to prevent users from losing conenctivity to the network because of the first NLS server being unreachable (we have a full-mesh network between the offices).
But how does the DA mechanism respond to a DNS result with multiple IP addresses when querying for the NLS server? Most browsers will go to the 2nd IP address in case the 1st IP address is unreachable in such a situation. Will DirectAccess also do this?
I hope I explained our situation and question OK.Jason,
I may have found something else. Apparently netmask ordering uses a default subnet mask of /24 (255.255.255.0) This is why the subnet must match. Apparently you can change the netmask used by netmask ordering:
Description of the netmask ordering feature and the round robin feature in Windows Server 2003 DNS
http://support2.microsoft.com/kb/842197
Not every customer may use this solution, but it might provide an solution for some customers. It all depends on their address scheme. Allow me to explain...
Imagine you have one datacenter and three branch offices. Each branch office owns a /16 subnet:
- Datacenter (10.100.0.0/16)
- Branch Office 1 (10.110.0.0/16)
- Branch Office 2 (10.120.0.0/16)
- Branch Office 3 (10.130.0.0/16)
Of course the whole /16 sunnet is not used on a site, intead multiple VLAN's with a /24 subnet are used at each site. A VLAN for servers and clients.
Now imagine you have an NLS in each server VLAN at each site. You configure RR for those NLS. If you query from a server next to an NLS, that NLS will be on top of the DNS query result. if you query from a client in another VLAN, the client will get
random DNS results because the client has another network ID. This is because the default netmask used by netmask ordering is 255.255.255.0 (/24).
If you change the netmask used by netmask ordering to 255.255.0.0 (/16) that will give you the nearest NLS on top.
But not every customer uses a /16 subnet for each site. So, that's why it won't be usable for everybody.
Ok, it is not an Enterprise solution and does not get the nobel prize, but what do you think?
Boudewijn Plomp | BPMi Infrastructure & Security
This posting is provided "AS IS" with no warranties, and confers no rights. Please remember, if you see a post that helped you please click "Vote as Helpful", and if it answered your question, please click "Mark as Answer".
Ah, ok...sorry I assumed you knew that! Normally NMO needs to be 'tuned' to match the branch office subnets to get the expected/best results. That KB is pretty invaluable to setup it up properly. Like you say it does depend on customer having logical/consistent
subnet boundaries definitions for it to work effectively though. I never said NMO was perfect :)
Jason Jones | Security Consultant | Microsoft Consultant Services (MCS) -
Hello,
I have installed TMG with 3 NICs such as ISP1, ISP2 and Internal
I configured the ISP1 and ISP2 interfaces with IP addresses and default gateways and
configured internal NIC with IP address, but Default Gateway.
I installed DNS service on TMG and configured the forwarders pointing to ISP DNS servers.
Finally Internal NIC DNS configuration
Primary : 127.0.0.1
Alternative: Internal AD DNS servers
Configured persistent routes
=============================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
10.0.0.0 255.0.0.0 10.1.2.1 1
( Internal LAN)
1.1.1.1 255.255.255.255 192.168.5.1 2 ( ISP1 DNS Server)
2.2.2.2 255.255.255.255 192.168.4.2 3 ( ISP2 DNS
Server)
0.0.0.0 0.0.0.0 192.168.4.2 Default
0.0.0.0 0.0.0.0 192.168.5.1 Default
Now I am trying to join the TMG server to domain but failed. Error saying that cannot resolve domain name
I would highly appreciate any help.
ThanksSo far now everything is working.
Just a summary
- Installed the DNS service on TMG.
- Configured the forwarders pointing to ISP 1 & 2 DNS servers.
- Configured the conditional forwarder to forward DNS request to internal DNS server for AD authentication.
- Internai NIC DNS
Primary : 127.0.0.1 ( local host TMG )
Alternative: Internal DNS servers. -
We would like to request Microsoft Remote Desktop (MRD) to behave the same as the open source CoRD.app on OS X with respect URL resolution.
Example:MRD will resolve from Terminal rdp://full%20address=s:<IP or DNS Name>, but not rdp://<IP or DNS Name>
As the OS will respect any of the following protocols in Terminal or browser:
afp://<username>@<IP or DNS Name>
cifs://<username>@<IP or DNS Name>
ftp://<username>@<IP or DNS Name>
ftps://<username>@<IP or DNS Name>
http://<username>@<IP or DNS Name>
https://<username>@<IP or DNS Name>
smb://<username>@<IP or DNS Name>
ssh://<username>@<IP or DNS Name>
vnc://<username>@<IP or DNS Name>
(<username> can be omitted to force authentication at connection) it seems slightly redundant to force "full%20address=s:" in the URL.
Can Version 8.0.1.6 be modified address this request?
What is the proper way to report an enhancement request or bug?
Thank you for your consideration.Hi,
From your description it appears that you want to modify the pattern for assigning the rdp full address but this doesn’t support as per your requirement. That is the default string which we need to have for passing full address.
Hope it helps!
Thanks.
Dharmesh Solanki
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
DNS for an Xserve NAT arrangement
Hi,
I've still struggling with Open Directory login and I'm now convinced my DNS is way off. I have full functionality with a simple clients to server to modem/router to ISP.
However, with a dual port xserve, a NAT arrangement keeping one port pointing to web access and the other to the internal mac client network I seem to be consistently wrong. Could anyone run through the basic DNS arrangements for such a set up. I believe it very close to the earlier mentioned setup with the addition of a record maybe?? I'm not sure.
ThanksYou are correct.
This is more a "running this by you all" post, as I've tried several things that have seemed, in a "UNIX" way, to be proper - you caught the part about the Zip Storm I gather, that was a mess, AppleTalk is a necessity.
It's only one of the few solutions I've seen and this is a tough nut to crack (properly). I appreciate you "checking the math".
Do you, or anyone have a safer suggestion where I can get the update but shut of Internet access to the private LAN and Xserve, while still allowing DNS, to operate?
I don't want (need) a redundant Internet gateway.
I appreciate your attention to this - it not as easy as it seems. -
Is anyone set up to use anycast for internal DNS?
Good Afternoon,
I've been considering using Anycast to provide some redundancy for internal DNS lookups. Configuring DNS and subsequent slave zones in Leopard is easy enough and as I understand it, Anycast is just a way of configuring routers so that one IP address can resolve to many different machines.
I see some of the benefits of using Anycast in that we can have the same 2 dns ip addresses in perpetuity and that as long as one node is up, people will be able to get out.
So my question to you guys: Has anyone done this? If so, is there anything I need to look out for before I start? Is there something you wish you'd known before you started down this path.
I'd love to hear your experiences and read any documentation you might have kept. I thought Mr Hoffman's write up on his DNS services was really excellent btw.
Cheers,
daveDo you have a particularly large infrastructure?
IP Anycast is usually implemented via BGP announcements from your router(s), with each router using the BGP tables to determine the 'best' server to use. If you're doing this for internal DNS then that assumes you're already running IBGP.
Even then, BGP is a pretty dumb protocol - all it does is say 'hey, here's how to get to a.b.c.d IP address'. It has no idea whether the specific server/service you're after is available at that address.
In other words, even if you setup IP Anycast via IBGP you'll still have clients routing to a dead server unless you can somehow update your BGP tables when a server goes down. Not a trivial task for most routers.
It sounds like what you really want is more load balancing than IP Anycast. There are numerous load balancers than can do this. Another option (if your DNS servers are physically close) is to use some kind of failover process so that the second server assumes the role (and IP address) of the first server should it fail (and vice versa). That option is built-in to Mac OS X Server (although it takes a little command-line jiggling to get it working).
Then again, the whole point of defining multiple DNS servers on the client is that the client will automatically fail over to alternate servers if it doesn't get a response from the first - in other words, the clients already have built-in failover for DNS (although the user will notice lookup delays when the primary server is offline). -
How to create A record on DNS server
How do i create an A record on the DNS server (windows server 2008) that would resolve into two ip addresses: PUB & SUB ip addresses respectivly, to enable EM redundancy in Cisco Unified Communications Manager 6.1.
Right now when the PUB failover to the SUB the EM does not work. the Phone services as well as the global directory does not work. the CUCM is fully integrated to LDAP.
Cisco recomends using an SLB but right now i am trying to use the DNS option. what i need now is how to create the A record on the DNS that would resolve into the two ip address of the PUB and SUB.You can do this but your results won't be quite as expected. I've played around with this and you'll see that the request for when you press the services button will go to server A, then when you click on the EM service your request will go to server B, then the login back to server A even though you started the login session with server B and back and forth, then with the authentication information, etc. Also DNS doesn't know about the state of your servers. If a server is down you'll still have issues if the name resolves to the down IP address. As far as I've seen DNS will always round robin with multiple records for the same name (unless you use an SRV record).
-
Exchange 2013 and DNS Round Robin downside?
Hi guys,
I have a question regarding Exchange Server 2013 (SP1) and the use of DNS round robin.
I have a customer that currently is running 2 CAS servers with NLB and we are currently investigating if it would be appropriate to move to a DNS RR solution so we can remove the CAS servers and install the CAS role on the Mailbox servers.
(yes I know that CAS with NLB and Mbx with DAG cannot be used on the same server)
What would be the downside of DNS RR?
Request 1 will go to first MBX server, Reqeust 2 to second MBX server, Request 3 to third MBX server and then start over again. If MBX server 1 goes offline, it will still be used within the DNS RR solution and clients will be redirected towards that server.
But how will clients react? Will Outlook 2010/2013 timeout since the server is not responding and do a autodiscover lookup again and then hopefully jump on the DNS that points towards another server?
Is this true for pop/imap or a receive connector for SMTP relay aswell?Hi Fredrik,
Hope this helps out...
Round robin doens't check the load on the network interfaces.It just passes on to the next one; for example Server1, Server2
If server1 has a lot of traffic on his nic he still get more traffic onto his nic when round robin wants to.
NLB gives some checkes on the load on the interfaces. Therefore it will make sure that that all servers has about the same amount of traffic.
In Windows NLB we can able to create port rules for the virtual ip which is not applicable when you go DNS Round Robin
DNS round robin the clients will see different IP addresses Wherea NLB uses single IP Address
DNS round robin is not a good solution for redundancy. If one of the nodes goes down, you first have to go and remove its A record from the DNS server but then it may take some time before such a change is propergated. In the meantime you may have a number
of clients attempt to access the dead IP.
With load balancing you can remove a host from the set immediately (if it doesn't detect an unresponsive host automatically). The only affect of a downed server on the clients would be if some of the clients had session
data on that server.
Exchange Queries -
DNS and other issues with SBS Server 2003
I see a lot of excellent information out here in the discussion group but I understand little of it. I am technology savvy but not an IT man, so please be patient when I ask questions to clarify your responses.
My first question should be an easy one to answer. Has anyone told you all that they appreciate your help today?
I DO !!! Thank you for your kind nature and your choice to help others (like me)!
Our 2003 SBS server has multiple issues. The server has two NICs; one for the WAN connection and one for the LAN.
Windows IP Configuration
Host Name . . . . . . . . . . . . : mathewsserver01
Primary Dns Suffix . . . . . . . : MathewsElectricalInc.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : MathewsElectricalInc.local
Ethernet adapter Mathews Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet #1
Physical Address. . . . . . . . . : 00-1E-C9-CE-C5-E7
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.16.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.16.2
Primary WINS Server . . . . . . . : 192.168.16.2
Ethernet adapter Network Connection to Router:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet #2
Physical Address. . . . . . . . . : 00-1E-C9-CE-C5-E6
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.yyy.xxx.10
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.yyy.xxx.1
DNS Servers . . . . . . . . . . . : 192.168.16.2
Primary WINS Server . . . . . . . : 192.168.16.2
NetBIOS over Tcpip. . . . . . . . : Disabled
#1 In Event Viewer (Local) Application I have recurring event Source=Userenv Event 1053 every 9 minutes.
#2 In Event Viewer Directory Service I have recurring event Source=NTDS General Event 1126 every hour.
#3 In Event Viewer DNS Server I have recurring event Source=DNS Event 6702.
Also, I am surprised that the LAN NIC #1 is not set up as DHCP!
What information may you require to assist me?
tmath2 in HoustonHi,
Could you type “route print“ on CMD, and post the result here?
It would be helpful if you may describe the phenomenon of the problem? such as changes before the problem occurs, any prompt error message, related operations except for these logged Event ID.
You may reference the link below for reference.
Event Source Userenv and Event ID 1503:
http://www.microsoft.com/technet/support/ee/transform.aspx?ProdName=Windows+Operating+System&ProdVer=5.2&EvtID=1053&EvtSrc=Userenv&LCID=1033
Event Source NTDS and Event ID 1126:
http://support.microsoft.com/kb/305837
DNS 6702:
http://technet.microsoft.com/en-us/library/cc735806(v=WS.10).aspx
Best Regards,
Eve Wang
Thanks Eve! I appreciate your attempt to help. I inadvertently posted my reply for the Route table without quoting you first. Sorry about that.
As far as the problems go, time to logon to server > 5 minutes. Group Policy issues abound. DNS issues (as mentioned). Thought I had an easy one for you. Sorry about that.
I have one client computer running Windows 7x64 (call it My Workstation) that I back the server and other client PC's up to. The clients have no problem, but after a day or two, the server can no longer "see" the My Workstation and the backup fails.
But then when I reboot the My Workstation, the server "sees" it again!
Furthermore, I backup a 10TB RAID 6 array on
My Workstation to yet another client for redundancy (Call it WORKSTATION2-PC), but if I try to click on the computer icon in Windows Explorer for WORKSTATION2-PC, I get the error "Windows cannot access \\WORKSTATION2-PC. However if I type in
the ip address or WORKSTATION2-PC, I have no problems.
tmath2 in Houston -
DNS and Static IP Address Question on Solaris v10 X86
I�ve recently installed Solaris v10 X86 and have two questions. The system is a Dell E521 with 4GB RAM and 1GB SysKonnect NIC, and internet is provided via a cable modem, that�s plugged into a Netgear router, and the Solaris 10 box is plugged into the Netgear router via a CAT5 ethernet cable.
1. I can connect to my router login page using the following URL:
http://192.168.1.1/start.htm and I can also connect to various web pages such as yahoo, if I first "ping yahoo.com" (on another machine that�s internet enabled) and then plug the web site�s ip address into the Solaris/Mozilla browser. So it appears that I haven�t been successful at pointing the Solaris x86 at a DNS server to resolve the DNS name.
2. I've purchased a commercially available software package and it requires a static ip address for this Solaris x86 server. If the ip address changes, it�ll stop working by design and require that I reacquire the license file. When connecting through this Netgear router, how do I lock this Solaris v10 x86 server into a specific ip address? (the ip address floats presently when cycling my PC�s on/off) presently, and assume the Solaris box will too, usually through an ip range of 192.168.1.<1 through 5>
# ifconfig -a
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
skge0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
inet 192.168.1.3 netmask ffffff00 broadcast 192.168.1.255
ether 0:0:5a:9b:1f:10
# netstat -rn
Routing Table: IPv4
Destination Gateway Flags Ref Use Interface
192.168.1.0 192.168.1.3 U 1 1 skge0
224.0.0.0 127.0.0.1 U 1 0 lo0
default 192.168.1.1 UG 1 0
127.0.0.1 127.0.0.1 UH 8 163 lo0
Some of the present Netgear router settings:
Internet IP Address
Get Dynamically From ISP (yes)
Use Static IP Address (no)
IP Address 75.185. CROSSED-OUT3
IP Subnet Mask 255.255.248.0
Gateway IP Address 75.185.CROSSED-OUT4
Domain Name Server (DNS) Address
Get Automatically From ISP (yes)
Use These DNS Servers (blank)
Primary DNS ... (blank)
Secondary DNS ... (blank)
Netgear Router Status Page:
Account Name WGT624v3
Hardware Version V3H1
Firmware Version V2.0.16_1.0.1NA
Internet Port
MAC Address 00:40:ca:a8:CROSSED-OUT2
IP Address 75.185.CROSSED-OUT3
DHCP DHCPClient
IP Subnet Mask 255.255.248.0
Domain Name Server 65.24.7.3
65.24.7.6
LAN Port
MAC Address 00:18:4D:85:CROSSED-OUT1
IP Address 192.168.1.1
DHCP ON
IP Subnet Mask 255.255.255.0
Excerpt from doing a prtconf -D command:
pci10de,26f, instance #0 (driver name: pci_pci)
pci1028,8010, instance #0 (driver name: hci1394)
pci1148,5021, instance #0 (driver name: skge)
pci1028,1ed
pci1022,1100
The NIC is a SysKonnect 9821 1GB Ethernet card. The drivers in Solaris 10 were apparently very old and didn't install drivers or configure/plumb when I installed Solaris 10, so I downloaded the
latest drivers (hard to find!), followed the instructions and got the NIC drivers installed and then plumbed.
My router's ip address appears to be 192.168.1.1 and in one of the articles I've read, there is a recommendation to create a file (touch) within /etc named defaultrouter and enter the router's ip address. I did this, and the file now contains:
192.168.1.1
I also read where another file called resolv.conf needed to be pointed to a DNS server, which in this case, according to my Netgear router, and according to ipconfig/all on another WinBox on the same network, also shows the same 192.168.1.1 address for the DNS, so I created that file too (wasn't there) and it contains:
nameserver 192.168.1.1
There is a host name file called hostname.skge0 and it contains one line:
INTHOST
There is a hosts file, and it contains:
127.0.0.1 localhost loghost homex86
192.168.1.3 INTHOST
There is a netmasks file, and other than the commented out lines, it appears to contain one relevant line:
192.168.1.0 255.255.255.0
There is a nsswitch.conf file and other than the commented out lines, it contains:
passwd: files
group: files
hosts: files
ipnodes: files
networks: files
protocols: files
rpc: files
ethers: files
netmasks: files
bootparams: files
publickey: files
netgroup: files
automount: files
aliases: files
services: files
printers: user files
auth_attr: files
prof_attr: files
project: files
tnrhtp: files
tnrhdb: files
There is an nsswitch.dns file:
passwd: files
group: files
ipnodes: files dns
networks: files
protocols: files
rpc: files
ethers: files
netmasks: files
bootparams: files
publickey: files
netgroup: files
automount: files
aliases: files
services: files
printers: user files
auth_attr: files
prof_attr: files
project: files
tnrhtp: files
tnrhdb: files
Finally, I've also seen some advice using the folling command (and I tried it):
"route add default 192.168.1.1" as an alternative method of setting up route table
The only other command I've tried is:
"ifconfig skge0 192.168.1.1 netmask 255.255.255.0 up" but I suspect that was redundant as the plumb command I used to get the NIC functioning earlier probably already provided what was needed.
Finally, on this small network, I ran an ipconfig/all on a Windows based PC, to see what network settings were reported through the wireless connection, and this is an excerpt of that information:
C:\Documents and Settings\mark_burke>ipconfig/all
Windows IP Configuration
Ethernet adapter Local Area Connection:
Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controller
Physical Address. . . . . . . . . : (withheld)
Ethernet adapter {xxxxxxxx}:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Nortel IPSECSHM Adapter - Packet Scheduler Min
iport
Physical Address. . . . . . . . . : (withheld)
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 0.0.0.0
Subnet Mask . . . . . . . . . . . : 0.0.0.0
Default Gateway . . . . . . . . . :
Ethernet adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Dell Wireless 1370 WLAN Mini-PCI Card
Physical Address. . . . . . . . . : (withheld)
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1I�ve recently installed Solaris v10 X86 and have two
questions. The system is a Dell E521 with 4GB RAM
and 1GB SysKonnect NIC, and internet is provided via
a cable modem, that�s plugged into a Netgear router,
and the Solaris 10 box is plugged into the Netgear
router via a CAT5 ethernet cable.
1. I can connect to my router login page using the
following URL:
http://192.168.1.1/start.htm and I can also connect
to various web pages such as yahoo, if I first "ping
yahoo.com" (on another machine that�s internet
enabled) and then plug the web site�s ip address into
the Solaris/Mozilla browser. So it appears that I
haven�t been successful at pointing the Solaris x86
at a DNS server to resolve the DNS name.You can either copy nsswitch.dns to nsswitch.conf, or you can modify nsswitch.conf so that 'dns' is used for hostname lookups.
2. I've purchased a commercially available software
package and it requires a static ip address for this
Solaris x86 server. If the ip address changes, it�ll
stop working by design and require that I reacquire
the license file. When connecting through this
Netgear router, how do I lock this Solaris v10 x86
server into a specific ip address? (the ip address
floats presently when cycling my PC�s on/off)
presently, and assume the Solaris box will too,
usually through an ip range of 192.168.1.<1 through
5>One method is setting the router so that the server's MAC address is tied to a specific IP.
Otherwise you can edit /etc/hostname.<interface> and place a static address there, forgoing DHCP services from the router. You may want the address to appear outside the router's DHCP range.
Darren -
Guest N+1 redundancy & load balancing in seperate data centers
I need assistance in aquiring documentation to setup N+1 redundancy & load balancing between two seperate guest anchor controllers installed in seperate data centers. Can you explaing how it should be setup or point me in the right direction for documentation? If you can't point me in the right direction to aquire documentation; can you answer the following questions?
1) How do I setup my mobility groups on my guest anchor controllers installed in the DMZ? Should both guest anchor's be in the same mobility group.
2) Do both guest anchors share the same virtual IP or do they need to be seperate (DMZ01 - 1.1.1.1 / DMZ02 - 2.2.2.2)? I think seperate!
3) Are there any configuration parameters on the guest anchors for load balancing?
4) Do either on of the guest anchors need to be setup as a master controller? I'm not sure?
5) Are there any configuration parameters on the foreign controllers for load balancing?
6) How do I setup my foreign controllers? Should both guest controllers be added to the mobility group on the foreigh controller? I would think both of them would be added to the foreign controller mobility group.
7) Should both guest anchors be added as an anchor on the WLAN? I would think both controllers would need to be added as anchors under the WLAN!
8) Am I missing anything here? This is how I think it should logically work?
Thanks,
GordonI need to elaborate on my questions:
1) Do both of my guest DMZ anchors need to be in a seperate mobility group on their own or can the guest anchors be in completely seperate mobility groups? All 100 + foreign controllers are in seperate mobility groups.
I) Example #1: Guest anchor number 1 (Mobility group: DMZ) / Guest anchor number 2 (Mobility group: DMZ)
II) Example #2: Guest anchor number 1 (Mobility group: DMZ01) / Guest anchor number 2 (Mobility group: DMZ02)
2) Do both guest anchor controllers have to be configured with seperate virtual IP's or do they share the same address?
I) Follow up to this question: I want to register the DMZ controllers with our DNS servers so that my clients receive a name when authenticating through my customized webauth. I am currently using 1.1.1.1 as the virtual address and I'm pretty sure this is the address I need to register with my external DNS server. My question is this. Does the address I use for the virtual interface matter? 1.1.1.1 is not a valid address with my network. Do I need to assign a valid address registered with my network if I'm going to add this address to my external DNS servers?
3) No change to my original question.
4) No change to my original question.
5) No change to my original question. I have run into Cisco documentation that mentions guest anchor load balancing, but the documentation is very vague. I'd love to be able to load balance as the network group wants to limit my guest traffic to the internet. I could double my pipe if I could load balance the guest anchors.
6) No change to my original question, but the answer to question one is key to the setup of my foreign controllers.
7) Elaboration: Should both guest controllers be added as an anchor under the WLAN on the foreign controllers? I would think both of them would be added.
8) No change:
9) Should my secondary guest controller be added as an anchor on the WLAN of the primary guest DMZ controller and visa versa?
Can my Cisco expert answer this or do I need to open a TAC case?
Thanks,
Gordon Shelhon
SR. Wireless Services Engineer
Company: Not specified
Maybe you are looking for
-
Ipod is not recognized by the windows our the itunes
Hi I receive my ipod nano(2gb) by August, it was running fine, without a problem, but now i can recharge it because windows our itunes does not recognized my ipod is connected. I even have try to recharged in true the electricity but the resolte was
-
No Applicable data in Jump Report
Hi All, I am having some issue with jump report.We are able to see the data in multiprovider of both main and jump one..when we check in report for Asia region i am able to see data in main report but when we go to jump report i am getting No Applica
-
Working with video files in Captivate
We have recorded a short video that we want to insert as an animation in to Captivate. We've saved the wmv file using Moviemaker as an avi file, but Captivate doesn't like it. A message pops up to say "This avi file cannot be converted to swf". Any t
-
Hi, I need to update internal products price directly (instead of using COMMPR01). is there any standard reports or FM to update it? FYI.. i have tried the FM on function group: COM_PROD_CAT_REL and COM_COMM_PR_COND Thanks in advance. Renga
-
how I can put a form inside muse? contact.html -> form send.php -> answer very thanks