none
DNS Zone Scopes, Server 2016 RRS feed

  • Question

  • I've only created the DnsServerClientSubnets at this point but if I run Get-DnsServerClientSubnet on the Server 2016 DNS server I created them on I see them.  If I run that command on the remote Server 2016 DNS server I get no results.  I've waited over an hour for replication.

    So my questions are 1) Should the Client Subnets I create replicate?  2) If so, what am I missing?  3) If not do the Zone Scopes replicate or must they also be created on the remote server as well?

    Wednesday, December 12, 2018 5:14 PM

Answers

All replies

  • Hi,

    Thanks for your question.

    According to your description, I have some points need to confirm with you.

    Do you means that you can do Get-DnsServerClientSubnet on Server 2016 DNS server but you can not do this on remote server? Which way do you use to connect to remote server? 

    What do you want to realize?

    Please feel free to let me know if you need any assistance.

    Best Regards,

    Eric


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, December 13, 2018 5:45 AM
  • Hello,

    As far as I know DNS policies configuration does not replicate to other DNS.

    High availability section :

    https://docs.microsoft.com/en-us/windows-server/networking/dns/deploy/dns-sb-with-ad

    So to answer your question you should do the configuration on each DNS server

    Best Regards,

    • Marked as answer by Daniel Kaliel Thursday, December 20, 2018 4:33 PM
    Thursday, December 13, 2018 8:19 AM
  • Hi,

     

    Just checking in to see if the information provided was helpful.

    Please let us know if you would like further assistance.

     

    Best Regards,

    Eric


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, December 17, 2018 7:36 AM
  • It was but I must have done something wrong because after creating the policy the 2016 DNS servers stopped responding to all requests even though they were up.  All I can think is I forgot to create a policy allow policy or something.  After deleting the policies they started responding correctly again.  Below are the commands I issued.

    Add-DnsServerClientSubnet -Name "xxx10Subnet" -IPv4Subnet "10.2.0.0/16"

    Add-DnsServerClientSubnet -Name "xxxVPNSubnet" -IPv4Subnet "192.168.1.0/24"

    Add-DnsServerZoneScope -ZoneName "domain.local" -Name "xxxZoneScope"

    Add-DnsServerResourceRecord -ZoneName "domain.local" -Srv -Name "_cisco-uds._tcp" -DomainName "UCM02.domain.local" -Priority 0 -Weight 100 -Port 8443 -ZoneScope "xxxZoneScope"

    Add-DnsServerQueryResolutionPolicy -Name "xxxPolicy" -Action ALLOW -ClientSubnet "eq,xxxVPNSubnet,xxx10Subnet" -ZoneScope "xxxZoneScope,1" -ZoneName "domain.local"

    Monday, December 17, 2018 4:45 PM
  • Hi,

    Thanks for your sharing.

    Is there anything I can help you?

    Please feel free to let me know if you need any assistance.

    Best Regards,

    Eric


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, December 18, 2018 9:00 AM
  • Hello,

    Did you check that the record you have created was working after doing the steps you describe ?

    Best Regards,

    Tuesday, December 18, 2018 12:22 PM
  • Hi,

    Just checking in to see if the information provided was helpful.

    Please let us know if you would like further assistance.

    Best Regards,

    Eric


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, December 20, 2018 5:43 AM
  • No, I am going to open a new case with the new issue.
    Thursday, December 20, 2018 4:33 PM