none
server 2008 dns? what is best practice for nic settings?

    Question

  • i have installed server 2008 and ad with dns and we have a dual nic setup. One for the lan and other for the internet. We are having problems with vista clients loggin into the domain. i looked into the nic properties and the dns is 127.0.0.1.

     

    What is the best way to setup the properties for the nic ip4?

     

    Example:

    Lan nic ip: 10.0.0.10

    Subnet      255.255.255.0

    Gateway  (we left this blank because we keep getting an error about dublicate gateways.)

    Dns ip      10.0.0.10 (since this is the DC doing dns

     

    IP NIC address: 10.0.0.50

    Subnet      255.255.255.0

    Gateway  10.0.0.1 (this is the routers ip)

    Dns? Not sure if this should be the other nic 10.0.0.10 of the server doing dns? when we setup ad & dns it put 127.0.0.1

    the Internet providers dns servers address are setup in DNS as a foward. So what shoud the dns be. Better yet would you please show what a best practice settings would be for a 2 nic dns setup.

     

    one additional point: who should do the dhcp as well the server or the router? we ask because we have a small network, with IP phones (voip) and a internet high speed visa processing machine.

     

    you help would be appreciated. Especially the best setting for the nics

     

    Thanks

    Scott

     

    Thursday, May 08, 2008 7:27 PM

All replies

  • Do you have a static IP that you got from your ISP? If you do, then the 2008 server should be configured with this information. The server would act as the DHCP, and DNS server. Also, if you only have one public IP from your ISP, then you would have to have the Routing & Remote Access Role installed, and configure the Network Address Translation role (NAT) so that all other clients can access the internet.

    For simplicity sake, I typically rename my Local Area Connections to External, and Internal; makes it easier to troubleshoot issues, and make setup of different services "idiot proof".

    EX: NIC1 - Static IP info provided by your ISP

    • IP
    • Subnet Mask
    • Default Gateway
    • DNS

    NIC2 - Private Info for internal use

    • IP - 10.0.0.10
    • Subnet Mask - 255.255.255.0
    • Default Gateway - 10.0.0.x (Router IP)
    • DNS - 10.0.0.10

    Based on information I was given by my router provider, they suggested to login to the router admin page 192.168.X.X and change the IP information provided by your ISP statically in the router. Also disable the DHCP service on the router, as your server will be providing DHCP addresses.

    Again for simplicity sake, I change the default router ip address to something within the private range of 10.0.0.x

    When you setup the DNS role, make sure only the Internal NIC is selected under interfaces. Then under the Forewarders tab, input the DNS servers of your ISP; if they aren't in the list automatically.

    The only other thing to do is install the NAT server role. The install wizard is pretty simple to use, make sure you select the External NIC from the list during setup and that's about it.

     

    Sorry for such a long response, but I hope it helps.

    Thursday, January 13, 2011 12:59 AM
  •   Since you ask about best practice, Micrososoft recommends that you do not multihome a DC at all.  Multihomed DCs have been a problem since NT days and they still are.

      Why do you feel that you should multihome the DC when you have a separate router? Why not just give the DC one NIC with one IP and the router IP address as its gateway?

     

     


    Bill
    Thursday, January 13, 2011 1:53 AM
  • Like Bill said, it is not recommanded that your have a multihomed DC. So, I recommand to you to just have one NIC card for your DC.

    Once done, if your DC is also your DNS server, you can use 127.0.0.1 or its local IP address as a DNS server.

    As I see, there is no need that your DC has a public IP address so you can just configure DNS forwarding on it and all will be okay for the DNS resolution.

    For the DHCP service, you can configure it on your server, on your router or on both of them. Personally, I recommand to you to install the DHCP service on the router and the DC and divide the IP addresses to assign on both of them so that there will be no conflits. Like that you will ensure the DHCP service high availability.

     


    This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

    Microsoft Student Partner
    Microsoft Certified Professional
    Microsoft Certified Systems Administrator: Security
    Microsoft Certified Systems Engineer: Security
    Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration

    Thursday, January 13, 2011 2:14 AM