DNS problem with three DC's i different sites.

Hi

When I ping my domain name, I get an ip to a domian controller who is in a
site i cannot reach. This answer somtimes is ok, but often the dns query
fails, and I get the IP to a domain controller who is in a different site.
I have defined IP subnets under site and services but this does not work.
Are there any tip for me?

When I ping my domain name, I assume that the DNS should return the IP of
any domain controller who is in my site, according to my ipadress. Is that
right ?

 

No, not really.

By default NetMask ordering is enabled and you will get a DC within the
clients subnet if possible (matches on 255.255.255.0 by default, and
will only match if the answer is within the client subnet). Otherwise
standard round-robin ordering applies and the DC can be anywhere.

However, that record is not used in such a simple manner for the most
part. Instead Service Records are used to discover site-specific DCs if
possible.

What has prompted you to look at this?

Chris

 

I am using DFS in the domain. \\domainName\dfsroot\share. Thought I could
ping the domainName? And get answer from the nearest DC?

 

Not in pure DNS terms (with Ping), no. However, DFS service location is
site-aware, the client will follow referrals returned by the DFS server
and it will connect to a local or lowest cost DFS server if possible.

If NetMask Ordering is either disabled or not applicable then
continually running "nslookup domainName" should show round-robin
rotation. This is DNS only though, it won't impact DFS server selection
or logon server selection.

Chris

 

How can I test/use the DNS query for the nearest DC ? Which command can I
use to test things like this?

 

You can look up the service record. e.g.:

nslookup -q=srv _ldap._tcp.SiteName._sites.domainName
Or:
nslookup -q=srv _ldap._tcp.SiteName._sites.dc._msdcs.domainName

However, while those are used for DC location they are not all that is
used and they are not used for DFS server location.

Chris

 

Regarding testing for DFS, it's worth having a look at the DFSDiag
utility, depending on the version (of Windows) you have you may be able
to use the /TestReferral switch to check if and where clients will be
redirected whenever they attempt to connect.

Chris

 

Thanks you for the help!