[RESOLVED] One domain for multihomed network

[dragonhead]

I have a small network of 14 PC's/Printers all with public IP's. I have run into the problem where I wish to add another computer.

Background information :-

Public IP's available 212.84.114.64 MASK 255.255.255.240 (These are not actual IP's since security is still very suspect, but it gives the idea)

Private IP's used 192.168.100.0 MASK 255.255.255.0

Network has permanent connection to internet via 64K kilostream link.

Devices consist of 2 servers running NT4 Svr SP6a (One PDC, one BDC) 11 workstations running NT4 Wks SP6a, and one network printer.


To help with this problem I have converted some of these computers to private IP's, installed RRAS on the server and added the routing table to route packets within the local network. All computers now use the server as the gateway and I have installed a proxy server so all computers can get to the internet. All this seems to work correctly with all computers being able to ping other computers in the network, and access the internet.

My difficulty comes with the Domain. The private IP computers report that they can't see a domain controller (even though they can ping it).
From my investigations it seems that NetBIOS broadcast calls are replied to on the 212 IP's but not on the 192 IP's.

Is it possible to have two subnets logging into one domain, and controlled by one domain controller?


Any suggestions would be most appreciated, or comments for a better network setup.

Thanks in advance,

D

[sj]

Do you have a WINS server setup? I am not sure how well RRAS passes on broadcast traffic so the workstation on your private network may not be getting all of the browsing info needed. That may be one solution but the one that I am starting to believe in is have a DC on each network. This will help with logon issues and help minimize traffic going across your gateway. (With 14 computers I’m sure that is not an issue)

Let me know how it works out!

SJ

[dragonhead]

Thanks for the advice sj.

Have now setup WINS server, but still no change.

The broadcast packets should get to all computers on the network since there is only one physical network.
My problem comes from the fact that I can't logon to the domain.
The computer acting as PDC/router/WINS has two IP's 212.84.114.67 and 192.168.100.1

from nbtstat :-

C:\>nbtstat -A 212.84.114.67
NetBIOS Remote Machine Name Table

Name Type Status
---------------------------------------------
UKPDC <00> UNIQUE Registered
UKPDC <20> UNIQUE Registered
KINDER <00> GROUP Registered
KINDER <1C> GROUP Registered
KINDER <1B> UNIQUE Registered
KINDER <1E> GROUP Registered
UKPDC <03> UNIQUE Registered
ADMINISTRATOR <03> UNIQUE Registered
KINDER <1D> UNIQUE Registered
..__MSBROWSE__.<01> GROUP Registered
UKPDC <06> UNIQUE Registered

MAC Address = 00-01-02-31-12-00

C:\>nbtstat -A 192.168.100.1
Host not found.
Host not found.

C:\>ping 192.168.100.1

Pinging 192.168.100.1 with 32 bytes of data:

Reply from 192.168.100.1: bytes=32 time<10ms TTL=128
Reply from 192.168.100.1: bytes=32 time<10ms TTL=128
Reply from 192.168.100.1: bytes=32 time<10ms TTL=128
Reply from 192.168.100.1: bytes=32 time<10ms TTL=128

A computer with IP 212.84.114.?? can see domain controller, but one with 192.168.100.??? can't find the controller. Therefore can't logon.

Is there a way to have a domain controller visible on both IP's via one physical NIC.
ie. allow NetBIOS calls on both 212.84.114.67 and 192.168.100.1?

To throw in another idea, DHCP. If my computer is setup to receive an IP from DHCP server, how would it find the DHCP server? Would I need to logon to the domain first? How can I logon to the domain if the domain controller will not respond to broadcast packets?


Thanks

D

[smccue]

Have you fixed your problem? If you still need help post reply

Steve

[dragonhead]

Dear Steve,

After trying to repeat the exercise again I had more success the next time. I am still having a few problems with the amount of network trafic on the network, but it seems to be working (JUST!).

I would still be interested to know the workings of DHCP with regards to logging on to the network and NetBIOS calls.
If a computer is using a DHCP server to find out it's IP, how can it find the DHCP server?
Does it broadcast on the physical network to say 'Where is a DHCP server', or must it use WINS to find the DHCP server?

Many thanks for any info.

D

[cyberhh]

I am having a problem in regards to speed when moving from a 10 class to a 192 class. For instance when a client on the 192.33.44.?? class tries to access a FTP (internal) server at 10.1.1.?? it takes up to a full minute to get a connection, however the same machine with the 10.1.1.?? address access the server immediately.

I am not active on this issue - so feel free to fire away with inteligent responses and I will provide whatever information I can.

I felt that the best place to ask the question was to you - the windrivers gods and pray for rain.

Thanks

[dragonhead]

Howard

A couple of questions re network.

How many physical networks are you using?
How are you routing?
Are you using WINS?

D

[cordon]

My terminology may not be completely perfect here.
DHCP discovery or BootP is a broadcast sent out by any client set up for DHCP alocation of IP address. Some routers can be set up to forward BootP broadcasts (If they are RFC1542 compliant).
Once the DHCP receives a BootP request, it offers an IP address to the client (using MAC address unicast), the client accepts the address and then gets the DHCP package (IP address, subnet mask, DNS and WINS server IPs). When the client is shut down it should also send a release message to the DHCP server. For testing of new DHCP ranges, you can manually release the IP using 'winipcfg /'(something, sorry can't think of it off top of head).

DHCP gives the client a lease of an IP address (default set to expire in 3 days). The clients will try to renew this lease at a certain % of lease time (either 50 or 87.5%) and the DHCP server will renew if no changes have occured in the IP range.
Although bootp is a broadcast, it shouldn't cause too many problems with network traffic unless you set the lease to something very low.

For the difficulties with Netbios resolution accross subnets you could create an LMHOSTS file for the workstations on the unresponsive subnet with entries for the PDC, BDC, WINS server and any other vital servers.

For the public to private network time lag, it could be that the server running the address translation is bogged down with packet processing. Running perfmon to measure the processor use should tell you if this is the case.

It is possible to bind more than one IP address to a single NIC with NT4.

If any of this is hard to understand, poorly written or just plain wrong please say so.

[wosoft]

Very good explination, as for the Release of IP Address acquired through DHCP ( Windows NT4) Go to Command Prompt and Type
ipconfig /Release ( this will release the Ip Config)
Then type
ipconfig / Renew , also if you need help on the commands for ipconfig , type ipconfig/?
this will give you a list of the different commands.

Originally posted by cordon:
For testing of new DHCP ranges, you can manually release the IP using 'winipcfg /'(something, sorry can't think of it off top of head).