DNS Dizziness
the_technocrat
IC-MotY1Indy Icrontian
OK, so I have 3 sites on the south side of chicago here. The main PDC is at one site, with a DC at each of the others.
All sites have T1 access, and are also connected to each other via VPN. (The firewalls that are in place at each site have hardcoded VPN connections to the other 2 firewalls)
Here's my problem. My main site (the PDC) and one of my other sites are without power today. Because of this, the third site has no DNS service. A quick check and, yep, the DNS server the 3rd site machines are using is the PDC...which is off right now. Hence, no DNS.
I can log into the firewall, and it is configured to use the ISP's DNS. It can resolve names fine. When I manually put the ISP's DNS server into a machine at the 3rd site (the only one with power right now), I can resolve addresses fine.
My question is:
1.) How do I tell my DC (which is set up as a DNS server itself) at the 3rd site to use the ISP's DNS server instead of pulling DNS over the VPN from the PDC at the other site, as it is doing right now.
2.) How do I tell the machines at that site to use their local DC for DNS instead of going over the VPN to the main site's PDC
Note - all campuses are of the same domain, so if there's some way for me to make a GPO that assigns specific DNS servers to specific OU's, that would be cool...
Sorry for the long post, this is rather annoying. Also note that I know this setup kinda sucks, but these sites are schools, so we kinda have to 'make do' with what we're given...
All sites have T1 access, and are also connected to each other via VPN. (The firewalls that are in place at each site have hardcoded VPN connections to the other 2 firewalls)
Here's my problem. My main site (the PDC) and one of my other sites are without power today. Because of this, the third site has no DNS service. A quick check and, yep, the DNS server the 3rd site machines are using is the PDC...which is off right now. Hence, no DNS.
I can log into the firewall, and it is configured to use the ISP's DNS. It can resolve names fine. When I manually put the ISP's DNS server into a machine at the 3rd site (the only one with power right now), I can resolve addresses fine.
My question is:
1.) How do I tell my DC (which is set up as a DNS server itself) at the 3rd site to use the ISP's DNS server instead of pulling DNS over the VPN from the PDC at the other site, as it is doing right now.
2.) How do I tell the machines at that site to use their local DC for DNS instead of going over the VPN to the main site's PDC
Note - all campuses are of the same domain, so if there's some way for me to make a GPO that assigns specific DNS servers to specific OU's, that would be cool...
Sorry for the long post, this is rather annoying. Also note that I know this setup kinda sucks, but these sites are schools, so we kinda have to 'make do' with what we're given...
0
Comments
I think the clients look to their local DC for a DNS server to use, correct? And the DC gives them whatever DNS it's been configured to use itself?
But the clients can't resolve addresses. They're still looking to th PDC at the other campus for DNs resolution, and it's without power, so they just time out.
There must be a place on the DC's of the two lesser sites where I can have them give out different DNS information to their clients. I know I've done this before, but I can't remember where to go. (It's not really something I do a lot...!)
Since I've got the DC working on its own, how do I tell it that: "Whenever any clients from this campus start up, tell them to use you as a DNS server. And you go get your DNS info from the ISP."
(yes, the DC is set up as a DNS server...but it appears to forward or at least pull DNS info from the PDC at our main site... (that means that when the main site goes down, no sites have DNS resolution...which sucks)
the setting is in DHCP management, not DNS management.
time for coffee...
Everything working now?
heh, yeah. The voices in my head worked together...THIS time.