Dual NIC vs Single NIC

Discussion in 'Windows Small Business Server' started by Joe, Mar 4, 2008.

  1. Joe

    Joe Guest

    In the past Most of my systems have been dual NIC usually with ISA but due to
    many reasons I am now considering going to a single NIC and moving away from
    ISA.

    Currently with my existing setup, if the SBS server is down, for what ever
    reason, my customers can't even get to the internet.

    If I had a second member server set up as the backup DC, a single NIC SBS
    server, and a hardware firewall wouldn't that allow my customer to log on and
    access the internet if the SBS server was offline temporarly? I would still
    want the SBS server to run the DHCP and DNS roles but would assume that would
    not matter as long as the SBS machine was not down for more than a few hours
    at a time.

    The above seems logical to me, but then since I have not done it I am
    checking for any "gotchas" lying around that I might not be aware of.

    By the way I would be running SBS2003R2 on such an install that would assist
    me in the licencing issue of the second server which would be running server
    2000 or 2003 as a member of the SBS box.

    Joe
     
    Joe, Mar 4, 2008
    #1
    1. Advertisements

  2. Yes they can.....they just can't resolve names :)
    Yes. If you have another DC running AD-integrated DNS, and your client
    workstations have the secondary DNS server listed, they should work.
    You'd need to buy Windows 2000 or 2003 but I believe you wouldn't need
    additional CALs.

    That all being said, if you're having regular problems with your SBS box
    going down, I'd rather address those - add as much redundancy to the server
    hardware as you can. That would be a better use of money, in my opinion,
    although it's true that outside of SBS, it's always recommended to have more
    than one DC.
     
    Lanwench [MVP - Exchange], Mar 4, 2008
    #2
    1. Advertisements

  3. Joe

    Joe Guest

    Lanwrench that is one the problem with the dual nic setup, The users get to
    the internet thru the SBS box. If it is down, while they can log on to their
    own box they have no access to the outside world. I am looking for a way to
    make my systems a little more "bulletproof" and at the same time allow me to
    do some server maintainance without totally shutting down the office.
     
    Joe, Mar 5, 2008
    #3
  4. Joe

    Joe Guest

    Chris, I would indeed set the firewall up as the gateway in the SBS DNS. As
    far as resolving IP addresses with a single NIC SBS, when you enter the
    secondary DNS on the server can't that be an external DNS address such as
    your ISP's DNS or 4.2.2.2 ? Doesn't that get passed to the client?

    Of course another solution would be to let the gateway run DHCP instead of
    the SBS but I seem to have it in my mind that that might be causing a problem
    on the SBS side. However I've never tried it!

    Joe
     
    Joe, Mar 5, 2008
    #4
  5. Joe,

    GUMBY and some others would flame me if I posted what I do
    So if you want to know what I do and you can try it in your TEST
    environment.
    (I've been using it since the last time Gumby got after me)

    Give me an Email And I'll talk you about what I do and you can decide if it
    works for you.
    Again what I would be recommending is not a standard or recommended by
    Microsoft.

    Russ at sbits.biz

    --

    SBITS.Biz
    Microsoft Gold Certified Partner
    Microsoft Certified Small Business Specialist.
    MCP, MCPS, MCNPS, (MCP-SBS)
    North America Remote SBS2003 Support - http://www.SBITS.Biz
    Introduction to Windows Small Business Server 2003 for Enterprise IT Pros
    http://www.microsoft.com/downloads/...53-CCD6-4F2B-BBD9-5E7B97C232EC&displaylang=en


    -

     
    Russ \(SBITS.Biz\), Mar 5, 2008
    #5
  6. Actually if you are in North America
    Send me your phone number and I'll call you,
    It's quicker for me to talk to you about what to do then write it out. :)

    Russ

    --

    SBITS.Biz
    Microsoft Gold Certified Partner
    Microsoft Certified Small Business Specialist.
    MCP, MCPS, MCNPS, (MCP-SBS)
    North America Remote SBS2003 Support - http://www.SBITS.Biz
    Introduction to Windows Small Business Server 2003 for Enterprise IT Pros
    http://www.microsoft.com/downloads/...53-CCD6-4F2B-BBD9-5E7B97C232EC&displaylang=en


    -

     
    Russ \(SBITS.Biz\), Mar 5, 2008
    #6
  7. Yeah, that's right, HIDE! YOU FIEND!!! Don't admit to your perverse
    practices in public, whisper them in the corner out of my hearing. Ya snotty
    little degenerate.

    Joe, Russ is neither a fiend, perverse, nor a degenerate. At least, I don't
    really think so.

     
    SuperGumby [SBS MVP], Mar 5, 2008
    #7
  8. LMAO

    :)

    Russ

    --

    SBITS.Biz
    Microsoft Gold Certified Partner
    Microsoft Certified Small Business Specialist.
    MCP, MCPS, MCNPS, (MCP-SBS)
    North America Remote SBS2003 Support - http://www.SBITS.Biz
    Introduction to Windows Small Business Server 2003 for Enterprise IT Pros
    http://www.microsoft.com/downloads/...53-CCD6-4F2B-BBD9-5E7B97C232EC&displaylang=en


    -

     
    Russ \(SBITS.Biz\), Mar 5, 2008
    #8
  9. You're not getting off that lightly mate. C'mon, OUT WITH IT!!! Just what
    wierd little secret is being whispered in the corner?

    Admit it! You thought I wasn't gonna notice! At least give me the chance to
    argue my case.

     
    SuperGumby [SBS MVP], Mar 5, 2008
    #9
  10. Naw, I don't like to fight.
    Did that enough with the Ex to last 5 life times.. ;)

    After your and mine last discussion, I switch my system to what I said.

    And it still works, no issues ;)

    Russ

    --

    SBITS.Biz
    Microsoft Gold Certified Partner
    Microsoft Certified Small Business Specialist.
    MCP, MCPS, MCNPS, (MCP-SBS)
    North America Remote SBS2003 Support - http://www.SBITS.Biz
    Introduction to Windows Small Business Server 2003 for Enterprise IT Pros
    http://www.microsoft.com/downloads/...53-CCD6-4F2B-BBD9-5E7B97C232EC&displaylang=en


    -

     
    Russ \(SBITS.Biz\), Mar 5, 2008
    #10
  11. OK, it works for you. But if you're gonna give that advice to someone else I
    _demand_ the right of argument.

    You reckon your ex was a demon, get on my wrong side and you'll be fondly
    remembering her.

    Of course, Joe can happily bypass the whole thing and email/phone you, my
    demands in such case are futile. ce la vie.

     
    SuperGumby [SBS MVP], Mar 5, 2008
    #11
  12. LOL
    I doubt if you can even come close to my ex.
    She woke up everyday in a bad mood.

    You ever hear the story about the people who are nice before the marriage
    then once they get married it's like a switch gets flipped and they are a
    different person?
    (Well I never believed it, but it happened.)

    Actually I have to give her credit
    after 9 years she's been working out things (personal issues.)
    and treats me like a nice person again.

    And when she does get mad at me for no reason she calls and apologizes.
    So I guess I'm "Finally" a Nice guy.

    I remember when she would call me up after our Divorced.
    she'd be yelling at me, and I'd say
    Sorry, I put up with this when we were married,
    however I don't have to put up with it now,
    Call me back when you want to treat me nice.
    and I'd hang up...

    Of course I'm damaged, goods, and women are Just Friends, but I'm ok with
    that for now.

    Russ

    --

    SBITS.Biz
    Microsoft Gold Certified Partner
    Microsoft Certified Small Business Specialist.
    MCP, MCPS, MCNPS, (MCP-SBS)
    North America Remote SBS2003 Support - http://www.SBITS.Biz
    Introduction to Windows Small Business Server 2003 for Enterprise IT Pros
    http://www.microsoft.com/downloads/...53-CCD6-4F2B-BBD9-5E7B97C232EC&displaylang=en


    -

     
    Russ \(SBITS.Biz\), Mar 5, 2008
    #12
  13. all a nice story (yes, no matter how long it took I'm glad to hear you and
    the demon are friends again).

    BUT, if you wanna whisper that secret in a corner that's between Joe and
    you. I'm simply tapping you on the shoulder 'wanna share that with the
    class?'.

     
    SuperGumby [SBS MVP], Mar 5, 2008
    #13
  14. Joe

    Henrik Guest

    yes, pls share :) pls.. and russ, dont you ever sleep?

    --
    Henrik Arenblad, MCP SBS,







     
    Henrik, Mar 5, 2008
    #14
  15. Nope, I don't share or play well with others LOL

    --

    SBITS.Biz
    Microsoft Gold Certified Partner
    Microsoft Certified Small Business Specialist.
    MCP, MCPS, MCNPS, (MCP-SBS)
    North America Remote SBS2003 Support - http://www.SBITS.Biz
    Introduction to Windows Small Business Server 2003 for Enterprise IT Pros
    http://www.microsoft.com/downloads/...53-CCD6-4F2B-BBD9-5E7B97C232EC&displaylang=en


    -

     
    Russ \(SBITS.Biz\), Mar 5, 2008
    #15
  16. It;s only 1:00am now, but I get to sleep in until 7:30am :)

    I also sometimes take naps at 5:00pm to 6:00pm

    -rg

    --

    SBITS.Biz
    Microsoft Gold Certified Partner
    Microsoft Certified Small Business Specialist.
    MCP, MCPS, MCNPS, (MCP-SBS)
    North America Remote SBS2003 Support - http://www.SBITS.Biz
    Introduction to Windows Small Business Server 2003 for Enterprise IT Pros
    http://www.microsoft.com/downloads/...53-CCD6-4F2B-BBD9-5E7B97C232EC&displaylang=en


    -

     
    Russ \(SBITS.Biz\), Mar 5, 2008
    #16
  17. Well, I don't think you should be doing server maintenance during the
    business day, myself - but your server shouldn't be the gateway if you don't
    have ISA. Set all clients to point at your router's LAN IP as default
    gateway.
     
    Lanwench [MVP - Exchange], Mar 5, 2008
    #17
  18. Sure. Sometimes it's necessary.
    Me too.
    I'm not familiar with that one, myself.
     
    Lanwench [MVP - Exchange], Mar 6, 2008
    #18
  19. Hello Joe,

    Thank you for posting here. Let's also thank others for the input.

    According to your description, I understand that you want to client
    computers could access Internet when you shutdown or restart the SBS for
    maintenance. If I have misunderstood the problem, please don't hesitate to
    let me know.

    Based on my research, this is a DNS and DHCP issue. By default the SBS is
    the DNS server for all clients. After you shutdown the SBS, the client
    computers unable to resolve the domain name of Internet. So the Internet
    access fail.

    For this, we can make the DHCP on SBS to assign second DNS server to all
    client computers. When the primary DNS (SBS) is not available, the clients
    will try the alternate DNS server.

    1. Run command "dhcpmgmt.msc" on SBS to open DHCP console
    2. Extend DHCP -> SBS.domain.local -> Scope -> Scope Options
    3. Double click "006 DNS Servers" in right pane
    4. Input the second DNS (your ISP DNS), click Add

    Note: Ensure the SBS IP is above your ISP IP in the list.

    5. Click OK
    6. Restart the clients

    Note: If you rerun the CEICW, the above configuration will be reset to
    default value. Therefore, you need to perform the above steps again after
    your rerun the CEICW.

    Of course, this workaround does not work when the client restarts at the
    SBS shutdown time. The client gets IP address from SBS, if the SBS
    shutdown, the client unable to detect the DHCP server, and unable to get
    IP. The whole network of client will be unavailable.

    To workaround this scenario, you only have to disable DHCP on SBS and make
    your router work as DHCP server. However, this is not recommended. If you
    like, you can try it yourself.

    I hope these steps will give you some help.

    Thanks and have a nice day!

    Best regards,

    Terence Liu(MSFT)

    Microsoft CSS Online Newsgroup Support

    Get Secure! - www.microsoft.com/security

    =====================================================
    This newsgroup only focuses on SBS technical issues. If you have issues
    regarding other Microsoft products, you'd better post in the corresponding
    newsgroups so that they can be resolved in an efficient and timely manner.
    You can locate the newsgroup here:
    http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

    When opening a new thread via the web interface, we recommend you check the
    "Notify me of replies" box to receive e-mail notifications when there are
    any updates in your thread. When responding to posts via your newsreader,
    please "Reply to Group" so that others may learn and benefit from your
    issue.

    Microsoft engineers can only focus on one issue per thread. Although we
    provide other information for your reference, we recommend you post
    different incidents in different threads to keep the thread clean. In doing
    so, it will ensure your issues are resolved in a timely manner.

    For urgent issues, you may want to contact Microsoft CSS directly. Please
    check http://support.microsoft.com for regional support phone numbers.

    Any input or comments in this thread are highly appreciated.
    =====================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.

    --------------------
    | Thread-Topic: Dual NIC vs Single NIC
    | thread-index: Ach+7Ycor51Gr0zTRzilimYCEQJBpQ==
    | X-WBNR-Posting-Host: 207.46.19.168
    | From: =?Utf-8?B?Sm9l?= <>
    | References: <>
    <>
    <>
    <>
    | Subject: Re: Dual NIC vs Single NIC
    | Date: Wed, 5 Mar 2008 10:20:01 -0800
    | Lines: 73
    | Message-ID: <>
    | MIME-Version: 1.0
    | Content-Type: text/plain;
    | charset="Utf-8"
    | Content-Transfer-Encoding: 7bit
    | X-Newsreader: Microsoft CDO for Windows 2000
    | Content-Class: urn:content-classes:message
    | Importance: normal
    | Priority: normal
    | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2992
    | Newsgroups: microsoft.public.windows.server.sbs
    | Path: TK2MSFTNGHUB02.phx.gbl
    | Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:96557
    | NNTP-Posting-Host: tk2msftsbfm01.phx.gbl 10.40.244.148
    | X-Tomcat-NG: microsoft.public.windows.server.sbs
    |
    | Lanwench, thanks again for your input. I attempt to do as little
    maintainence
    | as possible during the work hours of course. However 2 of my clients are
    | large churches and they have extended hours 7 days a wekk plus some of
    the
    | programs they run require maintance by the software support personel
    during
    | the 8-5 time frame.
    |
    | When I don't use ISA I typically intall a Sonicwall as my gateway and
    more
    | recently a newer firewall by Calyptix Security (it also has an internal
    hard
    | drive and will hold mail when the server is offline)
    |
    | Joe
    |
    | "Lanwench [MVP - Exchange]" wrote:
    |
    | > > Lanwrench that is one the problem with the dual nic setup, The users
    | > > get to the internet thru the SBS box. If it is down, while they can
    | > > log on to their own box they have no access to the outside world. I
    | > > am looking for a way to make my systems a little more "bulletproof"
    | > > and at the same time allow me to do some server maintainance without
    | > > totally shutting down the office.
    | >
    | > Well, I don't think you should be doing server maintenance during the
    | > business day, myself - but your server shouldn't be the gateway if you
    don't
    | > have ISA. Set all clients to point at your router's LAN IP as default
    | > gateway.
    | > >
    | > > "Lanwench [MVP - Exchange]" wrote:
    | > >
    | > >>> In the past Most of my systems have been dual NIC usually with ISA
    | > >>> but due to many reasons I am now considering going to a single NIC
    | > >>> and moving away from ISA.
    | > >>>
    | > >>> Currently with my existing setup, if the SBS server is down, for
    | > >>> what ever reason, my customers can't even get to the internet.
    | > >>
    | > >> Yes they can.....they just can't resolve names :)
    | > >>>
    | > >>> If I had a second member server set up as the backup DC, a single
    | > >>> NIC SBS server, and a hardware firewall wouldn't that allow my
    | > >>> customer to log on and access the internet if the SBS server was
    | > >>> offline temporarly? I would still want the SBS server to run the
    | > >>> DHCP and DNS roles but would assume that would not matter as long
    | > >>> as the SBS machine was not down for more than a few hours at a time.
    | > >>
    | > >> Yes. If you have another DC running AD-integrated DNS, and your
    | > >> client workstations have the secondary DNS server listed, they
    | > >> should work.
    | > >>>
    | > >>> The above seems logical to me, but then since I have not done it I
    | > >>> am checking for any "gotchas" lying around that I might not be
    | > >>> aware of.
    | > >>>
    | > >>> By the way I would be running SBS2003R2 on such an install that
    | > >>> would assist me in the licencing issue of the second server which
    | > >>> would be running server 2000 or 2003 as a member of the SBS box.
    | > >>
    | > >> You'd need to buy Windows 2000 or 2003 but I believe you wouldn't
    | > >> need additional CALs.
    | > >>
    | > >> That all being said, if you're having regular problems with your SBS
    | > >> box going down, I'd rather address those - add as much redundancy to
    | > >> the server hardware as you can. That would be a better use of money,
    | > >> in my opinion, although it's true that outside of SBS, it's always
    | > >> recommended to have more than one DC.
    | > >>
    | > >>>
    | > >>> Joe
    | >
    | >
    | >
    | >
    |
     
    Terence Liu [MSFT], Mar 6, 2008
    #19
  20. Terence, you're gonna make me hot under the collar.

    _ALL_ members of a Windows AD should use _only_ AD aware DNS servers for
    name resolution. Should Joe perform the action you describe and restart his
    SBS any client machine which makes a name query while SBS' DNS is
    unavailable will switch to querying his AD-ignorant router/ISP for name
    queries. The PC's will then experience problems requesting AD resources
    until they switch back to using SBS DNS.

    Whoever suggested you should pass on this advice needs to talk to MS Active
    Directory development, then be shot.

     
    SuperGumby [SBS MVP], Mar 6, 2008
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.