Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations MikeeOK on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

When I ping my domain, a remote DC responds

Status
Not open for further replies.
Nephilim33

Nephilim33

MIS
Apr 1, 2004
4
US
When I ping my domain name corp.vha.company a remote domain controller responds. When I $> nslookup, it shows all of my DNS / Domain Controllers, and the first one is the one that responds, but it isn't local.

The problem is that our developers all point to server names and we want them to point to just the domain for failover/redundancy reasons, and because we are about to upgrade the domain to 2003, which will change the server names.

Is there a way to change the order of which record will respond first based of the subnet/nework the host resides in?

Thanks in advance.
 
Sort by date Sort by votes
Sorry I'm not really understanding you. I assume you have AD-integrated DNS zones which is why a DC is responding to your nslookup query.

What do you mean by a remote DC is repsonding? Is it remote based on its physical location or based on its subnet?

By default, Windows 2000 DNS uses local subnet prioritization to respond to DNS queries. If for example 3 servers named sitting on different subnets then the client will always be pointed to the server on its own local subnet. This is done by design.

Steven S.
MCSA
A+, Network+, Server+, i-Net+
 
Upvote 0 Downvote
That is the way I understand it also, except it's not working that way. Instead of the DC responding that resides in this site, a regional or remote server is responding over a 56K line. I originally thought DNS would work it out automagically, but it isn't. FYI: The two DNS servers that are on site are in a different subnet than our clients. The two local DNS servers and the local clients are all in the same Site (as defined in Sites & Services).

And my problem is only with ping responses. LDAP binds and LOGON SERVER environment variables are resolving correctly (as defined in our site topology).
 
Upvote 0 Downvote
Sites do not determine which DNS record is returned. Is the DC on the same subnet as the clients? Did you bind the subnets to the sites within AD Sites and Services?

Steven S.
MCSA
A+, Network+, Server+, i-Net+
 
Upvote 0 Downvote
No, the DC is on a different subnet than the clients. Yes, I setup all the subnets in this building to the same site. I guess my question is "What determines which DNS record is returned when a client requests it?"

Again, keep in mind, these aren't ANAME records. We have 22 regional offices (DC's, ADI DDNS zones) and 2 DC's local. I don't know how to control which DC responds to a ping to the domain name.
 
Upvote 0 Downvote
Hmm... That is a good question. I've never really thought much about it because when you're pinging the domain name I assume it doesn't really matter which DC responds as long as you get a response.

If I were to guess, I would think it may have to do with FSMO roles, possibly the Domain naming master? Do you notice that the reply always comes from a particual IP address?

Steven S.
MCSA
A+, Network+, Server+, i-Net+
 
Upvote 0 Downvote
Yeah, always the same one. And it's the same one that returns first when you do a nslookup on my domain. Probably not a coincidence.

DNS has _ldap and _kerberos records to work this out, but nothing for straight up TCP. I'll just tell my developers to bind a different way so that it uses those records instead. Kinda out of my element, but hopefully they'll understand what I'm talking about. Thanks for your help. Let me know if you come across anything.

 
Upvote 0 Downvote
I tested this out too in my lab at home with the following configuration:

Linksys Router w/ DHCP - 192.168.1.1
DC1 - 192.168.1.2
DC2 - 192.168.1.3
MS1 - 192.168.1.4

DC1 was the first DC created in the domain and holds the DNS database for my domain. When I ping my domain name from either DC1 or MS1 I ALWAYS get a reply back from 192.168.1.2. When I ping the domain name from DC2 I get a reply back from 192.168.1.3.

I wonder if this has to do with the location of a GC. In my domain, only DC1 holds the GC role. When a DC needs to be located I think it queries the GC for a location of a DC. In the case of pinging from DC2 where it is not a GC but already a DC it has no reason to query the GC for a DC.

This is only speculation at this point as I need to go home and test that out. I'll let you know what happens.

Steven S.
MCSA
A+, Network+, Server+, i-Net+
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

willowsmith
  • Locked
  • Question
How do I log in to my NETGEAR home router?
Replies
1
Views
11K
ellisroks321
ellisroks321
A
  • Locked
  • Question
caller id not sending during transfer call
Replies
0
Views
3K
aperolina72
A
tomsmiths
  • Locked
  • Question
Unable to access my router
Replies
1
Views
11K
MarkSweetland
MarkSweetland
KenMeans
  • Locked
  • Question
DNS Issues with wireless router behind Atlantic Broad band Business Modem
Replies
0
Views
10K
KenMeans
KenMeans
Blind Faith
  • Locked
  • Question
Bind9 master insisting on checking NS at root
Replies
5
Views
12K
YoBo7
YoBo7

Part and Inventory Search

Sponsor

Back
Top