Dual homed server causes domain to fail?
Here is my setup: I have 2 DCs, 2 SQL servers and 1 App server, all on a local network using a switch. IPs are 10.10.10.x. This network has no internet access and is completely local. All servers are 2008 R2 x64. Everything works great. Now, if I connect an outside network cable to the 2nd NIC of my App server so that it can access the internet, everything is fine; that server can now talk on the local .10 network as well as get out to the web via the 2nd NIC. If I reboot that app server with that 2nd NIC plugged in, things start to break. Any service in Windows set to run as a domain account will fail to start even though they are set to automatic. If I try to do a GPupdate it just hangs; it's almost as if it cannot talk on the domain. I can, however, ping all the servers on the local LAN and they respond back with the appropriate .10 address. If I unplug the 2nd network cable and reboot, all services start, and life is good. I'm assuming this has something to do with DNS on that 2nd external network connection? I'm just not sure. Anyone have ideas what is going on here or how to fix?
July 28th, 2011 7:43am

Have a look at this thread http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/a1583d7f-fa59-4497-89de-666d683e53a0/ and the links posted by Miles Li regarding fixing problems with multihomed DCs. While multihomed is supported it isn't recommended.
July 28th, 2011 9:14am

Sorry for the confusion, my DCs are not dual homed. Only the one application server is. The app server is where the problem is. The DCs are one NIC each.
July 28th, 2011 9:20am

Ahh, whoops. Maybe try setting the metric/priority of the two adapters so that the adapter connected to the internet has a lower metric, e.g., 1, and the domain adapter has a higher metric like 2 instead of being set to automatic.
July 28th, 2011 10:02am

Will try that. Some more info of the setup on the App server:

NIC 1 (internal switch)
ip 10.10.10.200
mask 255.255.255.0
no gateway
primary DNS 10.10.10.1 (DC1)
Secondary DNS 10.10.10.2 (DC2)
----------------------------------
NIC 2
1.2.3.4 (public ip example, not the real IPs of course..)
255.255.255.0
gateway 1.2.3.254 (example)
DNS 1.2.3.5 (example) 1.2.3.6 (example)
July 28th, 2011 10:43am

No luck. Also tried making changes to the binding order. After messing with the metric, if the NIC to the internet is plugged in I can't log into the domain, it says there are no domain controllers available. Unplug that NIC and I can instantly connect/login.
July 28th, 2011 1:56pm

Have you tried changing the DNS server settings on both NICs to point to the DCs? The DCs will need DNS forwarders to your ISP's DNS in order to resolve external domains if they don't already.
July 28th, 2011 3:01pm

If I did that I don't think I would be able to resolve external DNS? The domain controllers have no internet access at all. The whole system is sitting in an isolated room connected to a switch that is doing nothing more than acting as a hub (I would have used a hub if I had one laying around). Nothing has access out to the internet, with the exception of one cable I ran from the wall to the app server which is used for internet access. I'm thinking it is DNS too but I don't know how to get around this. I've got to be missing something simple here.
July 28th, 2011 3:09pm

Are there any applicable error messages in your event logs?
July 28th, 2011 3:51pm

Hello, make sure the second NIC is NOT set to register in DNS and remove entries from it in the domain DNS forward/reverse lookup zones.
Best regards Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.
July 28th, 2011 5:35pm

DNS registration is unchecked. Verified no entries on the DNS server for that 2nd NIC are present in the forward or reverse lookup zones. Nothing in the event logs to point me in any direction.
July 29th, 2011 7:39am

This topic is archived. No further replies will be accepted.
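
A way to test the DNS question the thread keeps returning to, added here as an example and not posted by any participant: for every DNS server configured on each adapter of the app server, it asks for the SRV record that the domain controller locator looks up and reports which servers can answer. The domain name `corp.example` is a placeholder, since the thread never gives the real one; the script sticks to PowerShell 2.0 features so it runs on Server 2008 R2.

```powershell
# Added example, PowerShell 2.0 compatible (Windows Server 2008 R2).
# $Domain is a placeholder: the thread does not state the AD DNS domain name.
$Domain = 'corp.example'
$Srv    = "_ldap._tcp.dc._msdcs.$Domain"   # SRV record the DC locator queries

# Every IP-enabled adapter, with its addresses, metric and DNS server list.
$adapters = Get-WmiObject Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = True'

$results = foreach ($nic in $adapters) {
    foreach ($dns in @($nic.DNSServerSearchOrder)) {
        if (-not $dns) { continue }        # adapter with no DNS servers set

        # Query this specific DNS server for the locator record.
        # nslookup prints "svr hostname = ..." for each DC it finds.
        $out = & nslookup.exe -type=SRV $Srv $dns 2>&1 | Out-String

        New-Object PSObject -Property @{
            Adapter   = $nic.Description
            IPAddress = ($nic.IPAddress -join ', ')
            Metric    = $nic.IPConnectionMetric
            DnsServer = $dns
            FindsDC   = [bool]($out -match 'svr hostname')
        }
    }
}

# One row per adapter/DNS-server pair, lowest interface metric first.
$results |
    Sort-Object Metric |
    Select-Object Adapter, IPAddress, Metric, DnsServer, FindsDC |
    Format-Table -AutoSize
```

Run it once with the second NIC unplugged and once with it connected: a row with `FindsDC` set to `False` marks a DNS server that cannot return any domain controller for the domain.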
