AD-DNS-DHCP

Discussion in 'Active Directory' started by Ferg, Jul 24, 2009.

  1. Ferg

    Ferg Guest

    G'Day All,

    Greetings and best wishes.
    I have searched high and low for a solution here and am stumpped. I have not
    found anything. I am trying to accomplist the following.

    In my AD I have 3 OU - <Staff>, <Associates>, <Partners>
    I also have two different internet connections each with their own firewall,
    LAN IP, and range of WAN IPs.
    192.192.192.77 Internet Connection #1
    192.192.192.87 Internet Connection #2

    How can I, through AD, Logon Scripts, DNS, DHCP or whatever, set <STAFF> to
    ALWAYS use Internet Connection#2 as the default gateway,
    <Associates> and <Partners> to ALWAYS use Internet Connection#1 as the
    default gateway.

    Many thanks

    Mike
     
    Ferg, Jul 24, 2009
    #1
    1. Advertisements

  2. Ferg

    Jorge Silva Guest

    Hi
    Point the clients to the correct gateway!!!

    --
    I hope that the information above helps you.
    Have a Nice day.

    Jorge Silva
    MVP Directory Services
     
    Jorge Silva, Jul 24, 2009
    #2
    1. Advertisements

  3. Hello Ferg,

    Use 2 scopes in the DHCP server with reservations pointing to the different
    gateways.

    Best regards

    Meinolf Weber
     
    Meinolf Weber [MVP-DS], Jul 24, 2009
    #3
  4. Ferg

    Ferg Guest

    Meinolf,

    Thanks for the reply.
    Does that mean that I will have to configure reservation for each client's
    IP?
    How about AD OU, nothing possible there?

    Thanks again.
     
    Ferg, Jul 24, 2009
    #4
  5. Hello Ferg,

    No, ip configuration is done via DHCP or with fixed ip addresses. Maybe you
    should think about using a multi-port router, they can use multiple DSL connections
    and you can configure them for separating services or load balancing.

    Best regards

    Meinolf Weber
     
    Meinolf Weber [MVP-DS], Jul 24, 2009
    #5
  6. Ferg

    Jorge Silva Guest

    Hi Ferg,
    Please always respond here.

    Answer:
    Simple, example: for DHCP clients, remove the gatway configuration from your
    DHCP scope, then you can setup a logon or startup script/batch file that
    defines a static route to general gateway something like this:
    #---------------------------------------------------
    route -p add 0.0.0.0 mask 0.0.0.0 192.192.192.77
    #---------------------------------------------------
    The "-p" switch means persistent, event after a reboot the route will be
    there.

    --
    I hope that the information above helps you.
    Have a Nice day.

    Jorge Silva
    MVP Directory Services
     
    Jorge Silva, Jul 24, 2009
    #6
  7. Ferg

    Ferg Guest

    Jorge,
    Awesome reply. That's what I was basically looking for since yesterday.
    I will give it a try.

    'preciate it.

    Thanks
     
    Ferg, Jul 24, 2009
    #7
  8. Hello Jorge,

    Never thought about using the route add function this way. Works like a charm.
    :)

    Best regards

    Meinolf Weber
     
    Meinolf Weber [MVP-DS], Jul 24, 2009
    #8
  9. Ferg

    Joe Dunn Guest

    If you wanted to the keep the management of the default gateway addresses in
    DHCP look at setting up User Classes. Then use a logon script via GPO with
    the ipconfig \setuserclass command. You can then have different default
    gateway address Options in the same scope but applied to different computers
    depending on OU.

    Best Regards
    Joe Dunn
    MCSE, MCTS, CCNA
     
    Joe Dunn, Jul 24, 2009
    #9
  10. Ferg

    Jorge Silva Guest

    Yep.
    :D

    --
    I hope that the information above helps you.
    Have a Nice day.

    Jorge Silva
    MVP Directory Services
     
    Jorge Silva, Jul 24, 2009
    #10
  11. Ferg

    Jorge Silva Guest

    Great!!!

    If your routers do support loadbalance mechanism as stated by Meinolf and
    your objective is to load balance across those IPs, I also do recommend to
    use the routers, is simpler and faster...

    If not, than route -p add should do the job.
    Note that you also play with metrics (METRIC specifies the metric, ie. cost
    for the destination. Lower cost, higher priority) using the route add cmd:
    sample:
    #---------------------------------------------------
    route -p add 0.0.0.0 mask 0.0.0.0 192.192.192.77 metric 1
    route -p add 0.0.0.0 mask 0.0.0.0 192.192.192.87 metric 100
    #---------------------------------------------------

    and for the other machines
    #---------------------------------------------------
    route -p add 0.0.0.0 mask 0.0.0.0 192.192.192.87 metric 1
    route -p add 0.0.0.0 mask 0.0.0.0 192.192.192.77 metric 100
    #---------------------------------------------------
    --
    I hope that the information above helps you.
    Have a Nice day.

    Jorge Silva
    MVP Directory Services
     
    Jorge Silva, Jul 24, 2009
    #11
  12. I would probably go with this option instead of the route print, but I must admit, I like the route print idea from Jorge.

    But then again, if I were Ferg (the original poster), I would investigate a router that will handle multiple ISPs, as Meinolf suggested, in order to alleviate the need to make these non-default alterations to my operating systems.

    Cheers!


    --
    Ace

    This posting is provided "AS-IS" with no warranties or guarantees and confers no rights.

    Please reply back to the newsgroup or forum to benefit from collaboration among responding engineers, and to help others benefit from your resolution.

    Ace Fekay, MCT, MCTS Exchange, MCSE, MCSA 2003 & 2000, MCSA Messaging
    Microsoft Certified Trainer

    http://twitter.com/acefekay

    For urgent issues, you may want to contact Microsoft PSS directly. Please check http://support.microsoft.com for regional support phone numbers.
     
    Ace Fekay [MCT], Jul 25, 2009
    #12
  13. Ferg

    Jorge Silva Guest

    Another thing, how many DHCP clients are we talking about?

    --
    I hope that the information above helps you.
    Have a Nice day.

    Jorge Silva
    MVP Directory Services
     
    Jorge Silva, Jul 25, 2009
    #13
  14. Laptops will fail when they move off the LAN if they have a persistent
    default route.
    Also, every DHCP client would need to be in the domain, otherwise no
    gateway.
    Anthony,
    http://www.airdesk.com
     
    Anthony [MVP], Jul 25, 2009
    #14
  15. Ferg

    Grant Taylor Guest

    Using a multi-port router probably would make things somewhat easier.
    However, even if the router is configured to segregate based on service,
    what happens if you want to the same service across two different
    internet connections based on user? Further, what happens if users
    switch systems?

    Using GPO scripts to set the (non-persistent) route will allow things to
    be correct no matter who is logged on to what system or what they are doing.



    Grant. . . .
     
    Grant Taylor, Jul 26, 2009
    #15
  16. If users had the rights to set their gateway in a login script, then they
    could simply change it to the fast one.
    A start-up script would work though, as long as users are not admins.

    Really I think that if you are looking at different classes of service,
    possibly Voice also, and maybe wireless and Guest access, then VLAN's and
    QoS are the way to go.


    Anthony
    http://www.airdesk.com
     
    Anthony [MVP], Jul 26, 2009
    #16
  17. Ferg

    Jorge Silva Guest

    Laptops will fail when they move off the LAN if they have a persistent
    Easy, for laptops, make the routes non-persistent.
    The clients don't need to be in the domain to get DHCP address.
    --
    I hope that the information above helps you.
    Have a Nice day.

    Jorge Silva
    MVP Directory Services
     
    Jorge Silva, Jul 26, 2009
    #17
  18. Ferg

    Ferg Guest

    About 75.

    Anyway, all the replies have benefitted me quite a bit. I have many options,
    but for now the logon script rout command is good enough.
    I will work on getting my Cisco switches configured with VLANS and go that
    route later on.

    Jorge, Meinolf, Grant, Anthony and Ace, thanks very much to you "guys". I
    appreciate your help.
    Cheers and best wishes.
     
    Ferg, Jul 27, 2009
    #18
  19. Hello Ferg,

    You're welcome.

    Best regards

    Meinolf Weber
     
    Meinolf Weber [MVP-DS], Jul 27, 2009
    #19
  20. Ferg

    Jorge Silva Guest

    Great.
    Let's know if you need additional help.
    --
    I hope that the information above helps you.
    Have a Nice day.

    Jorge Silva
    MVP Directory Services
     
    Jorge Silva, Jul 27, 2009
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.