Allow two subnets to talk

I have a network with two subnets being used with a windows 2003 Ent as a
PDC. Since the PDC has two NIC cards both subnets can log into the domain
without a problem. The issue is that PCs from different subnets
(255.255.255.248 & 255.255.255.0) cannot "talk" with each other. What do I
need to do to get them to see each other when they browse the network?

Thanks

Dan

 

Have you configured the RRAS?
Anyway I suggest to not use double NIC on DC........
--

 

The DC should run with only one Nic and exist on only one subnet (doesn't
matter which one). A LAN Router should be placed between the Subnets. SBS
being the exception, there are a lot of potential networking issues that
arise from multi-homing a DC.

Here are some examples.

272294 - Active Directory Communication Fails on Multihomed Domain
Controllers
http://support.microsoft.com/default.aspx?scid=kb;en-us;272294

191611 - Symptoms of Multihomed Browsers
http://support.microsoft.com/default.aspx?scid=kb;EN-US;191611

It doesn't mean it can't be done (it is done with SBS), but it can just be
troublesome and is recommended that you avoid that situation.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp

 

I installed it on the server but I am not sure how to configure it.

 

This is not required, DC can have network interfaces in as many subnets as
needed, and act as a router at the same time.

All the issues with multihomed DCs are related to network browsing, i.e. to
building the computer list in "My Network Places" - which is absolutely not
required (and, in my opinion, even MUST be avoided in corporate
environments) and does not affect users' ability to access network resources
in any way.

--
Dmitry Korolyov []
MVP: Windows Server - Directory Services

 

OK, here's an example:

NIC 1, ip: 192.168.0.1, attached to subnet 192.168.0.0/24
NIC 2, ip: 192.168.1.1, attached to subnet 192.168.1.0/24

In this case you configure 2 static routes in RRAS:

1) route to 192.168.0.0/24, through interface NIC 1
2) route to 192.168.1.0/24, through interface NIC 2

This way clients from the same network as NIC 1 will be able to access other
network segment (related to 192.168.1.0/24) through this router, but:
1. They must have configured with 192.168.0.1 as the default gateway (or
some other gateway that also has the route to 192.168.1.0/24 subnet)
2. The clients in the other subnet (where NIC 2 is) should use 192.168.1.1
as the gateway (or, similary, some other gateway that also has the route to
192.168.0.0/24 subnet)

 

Thanks, I will look into this but I have a question first. The IPs for the
255.255.255.248 subnet are 70.x.x.65 thru 70.x.x.69 and the IPs for the
255.255.255.0 subnet are 192.168.0.1 thru 192.168.0.50. Can these still
talk to each other?

Thanks

Dan

 

I want to test but I am not sure what the different settings are (I am a
programmer and networking is not my forte). WhI click "New Statis Route..."
the dialog box asks for:

Interface: This is the NIC I assume.
Destination: Not sure what to put here.
Network mask: Not sure what to put here.
Gateway: Not sure what to put here.
Metric: Not sure what to put here.

Thanks for you help.

Dan

 

Problem with that is a mutlihomed DC will register SRV records for every
interface in DNS, complicating the environment. A myriad of troubleshooting
issues often arise as a result of this, such as clients trying to reach DC
on IP interface to which it has no route. I've seen some of this in the
field.

--
Todd J Heron, MCSE
Windows Server 2003/2000/NT; CCA
----------------------------------------------------------------------------
This posting is provided "as is" with no warranties and confers no rights

This is not required, DC can have network interfaces in as many subnets as
needed, and act as a router at the same time.

All the issues with multihomed DCs are related to network browsing, i.e. to
building the computer list in "My Network Places" - which is absolutely not
required (and, in my opinion, even MUST be avoided in corporate
environments) and does not affect users' ability to access network resources
in any way.

--
Dmitry Korolyov []
MVP: Windows Server - Directory Services

 

I aggree with that, Todd. If you are using DDNS you get the same sorts
of name resolution problems with multihomed DCs (and remote access servers
which become multihomed as soon as anyone connects) as you used to get with
Netbios names. As with Netbios there are workarounds, but it is easier to
avoid them in the first place if you can.

 

Well, technically yes, BUT one of these subnets is from a private ip range
(192.168.0.0 - 192.168.255.255). Are you sure that you are using public
addressing for one office and private for another? I am asking because
usually you would set up NAT, not direct routing, between private and public
networks.

--
Dmitry Korolyov []
MVP: Windows Server - Directory Services

 

Destination: The network address for the destination network, for example,
192.168.1.0
Network mask: pretty descriptive, the appropriate network mask, for our
example - 255.255.255.0
Gateway - the ip address of another router
Metric - may leave the default value 1.

--
Dmitry Korolyov []
MVP: Windows Server - Directory Services

 

Well, technically this isn't much of a problem, because SRV records have
hostname, not ip, registered, and when resolving the hostname to ip, netmask
ordering feature will help the client to get the correct ip - which most
likely will be reachable from the client's interface.

But generally I agree, less problems, even possible problems, is always
better.

--
Dmitry Korolyov []
MVP: Windows Server - Directory Services