Multiple IPs Single NIC

By Iain z-uk

I have a Win Server 2k3 with ISA 2000 on it connecting to my network. Also on my network I have another 2k3 server which is the domain controller and DNS server; the ISA is part of the domain.

I want to add a second public static IP address (I have a range of 16ish, enough anyway as I am only using 1 at the moment) to my public-facing NIC. When I try adding the address to the TCP/IP properties of that connection, all seems to work apart from my DNS server, which is then unable to resolve. Is there something I need to change in ISA?

by CG IT In reply to Multiple IPs Single NIC

Hmm, recap. You have a range of static, ISP-assigned IP addresses [16ish], of which you use 1 as your external NIC IP address. Am I right so far?

Next, you want to use some more from that pool of 16ish as a range of IP addresses for your external interface. When you "add" another IP address to the external interface [in addition to the first one, for which there is a DNS A record], DNS is now not able to provide name to IP address resolution. Correct so far? Did you add another record in DNS for the second IP address?

by CG IT In reply to

OR are you trying for multihomed on the LAN interface?

by CG IT In reply to

Well, it all depends upon your DNS problem. If your DNS server is authoritative for your FQDN and public users are now not able to find you, then yes, you'll need a DNS record.

NOTE: On the public side of things you can't have 2 IP addresses for the same FQDN. There isn't a mechanism yet in name servers that says if this IP address doesn't resolve to this FQDN, try this IP address for the same name. IP to name resolution is unique, just as your house address to your physical house is unique. You can't have two different addresses for the exact same physical location.

by CG IT In reply to

Now, there are gateway appliances that have 2 WAN ports that can handle 2 inbound connections for failover. One problem that exists is the TTL for A records on name servers. Name servers will go with whatever the DNS record says the IP address is for this FQDN, and that IP address is valid for this period of time. Name servers will cache the record for easy access and go with the TTL on the record. If one line fails, then there has to be failover and a subsequent broadcast that the FQDN is now this IP address, all DNS servers update your records and discard the old one. BUT dynamic DNS isn't 2 addresses for the same FQDN, meaning this FQDN can be this IP address OR this IP address, try either one.

by CG IT In reply to

Hope that made sense. In a nutshell, unlike the US mail, which can forward undeliverable postal mail for one address to the next known address on record, there isn't an "either this one or, if that doesn't work, try that one for a while until the first one becomes available again" for FQDN name to IP resolution YET.

by Iain z-uk In reply to

Thank you for your help. I have it sorted now; it was an issue with the firewall, not DNS.

by Iain z-uk In reply to Multiple IPs Single NIC

Thanks for your answer. All is correct except there is no DNS A record for the first IP address on my DNS server, and also, I presume, on my ISP's DNS. So I didn't see any point in adding an A record for subsequent IP addresses. Does DNS need to know the IP address of the external interface on the ISA server, bearing in mind they are on separate servers?

by george In reply to Multiple IPs Single NIC

You have to manually add the DNS A record for the new IP address. Also, you have to contact your ISP (or whoever is in charge of your DNS records) to do the same on the public DNS servers. I assume that your DNS is set up as a private DNS (external users cannot access your DNS server).

by Iain z-uk In reply to

Thanks for your answer. You're right about my DNS, it is private. I have got it sussed now; it wasn't a DNS issue, it was my firewall.

by Iain z-uk In reply to Multiple IPs Single NIC

This question was closed by the author
