Sign in
Microsoft.com
 
Resources for IT Professionals
 
 
 
Resources for IT Professionals > Forums Home > Windows HPC (High Performance Computing) Forums > Windows HPC Server Deployment, Management, and Administration > Head node as AD Controller with two NICs
Ask a questionAsk a question
Search Forums:
 

AnswerHead node as AD Controller with two NICs

  • Wednesday, October 21, 2009 3:01 PMelansey Users MedalsUsers MedalsUsers MedalsUsers MedalsUsers Medals
     
    Sign In to Vote
    0
    Sign In to Vote
    We have our head node configured as a AD Controller for our clients.  One NIC connects to the university's (CCNY) network for client access, and the other connects to the compute nodes on a private network (but still are members of the domain).  However, with this setup the DNS server (which must be running for the AD controller) has trouble.  It seems that multihomed AD controllers are not generally recommended, but I'm not sure how else to configure this system.
    Any tips?
    Thanks!
     

Answers

  • Wednesday, November 04, 2009 9:10 PMelansey Users MedalsUsers MedalsUsers MedalsUsers MedalsUsers Medals
     Answer
    Sign In to Vote
    0
    Sign In to Vote
    Thanks Dan.  (Just saw response today, not sure why it didn't alert me by email).
    We actually just used a layer 3 appliance to route between public and private networks.  This solved the networking issue, but now the compute node can't get out for Windows Update (per our site's IT dept. request, these computers should just exist in their private world).
    But I'll post a new question for that.
    Thanks again.
    • Marked As Answer byelansey Thursday, November 05, 2009 11:35 AM
    •  
     

All Replies

  • Tuesday, October 27, 2009 9:57 AMDanAdams Users MedalsUsers MedalsUsers MedalsUsers MedalsUsers Medals
     
    Sign In to Vote
    0
    Sign In to Vote
    Hello elansey
    As you say multihomed DCs are not recommended, but I believe this is a supported configuration. From experience there are some things which can help in this environment...
    Check the bind order of your network interfaces, make sure that the internal NIC is listed first
    The DNS shouldn't have records for the public interface that is outside of the client network. Make sure that the DC/DNS doesn't have and doesn't listen on the external interface. To check that go to the external interface and disable the option "Register this connection's addresses in DNS" under TCP/IP advanced properties. Then from the DNS console make sure that only the internal interface is selected to listen for DNS queries.
    Make sure that you don't have incorrect routes configured.
    Check that clients point to the correct internal DNS server address ONLY, and that they can resolve the FQDN of the domain.
    Check the underscore (service) records in DNS & ensure that they are correctly configured for the internal interface address.
    Configure a forwarder on your DNS server to direct external DNS requests to your enterprise DNS infrastructure.
    There are a few other steps which may help, but this should be a good start.
    Cheers
    Dan
     
  • Wednesday, November 04, 2009 9:10 PMelansey Users MedalsUsers MedalsUsers MedalsUsers MedalsUsers Medals
     Answer
    Sign In to Vote
    0
    Sign In to Vote
    Thanks Dan.  (Just saw response today, not sure why it didn't alert me by email).
    We actually just used a layer 3 appliance to route between public and private networks.  This solved the networking issue, but now the compute node can't get out for Windows Update (per our site's IT dept. request, these computers should just exist in their private world).
    But I'll post a new question for that.
    Thanks again.
    • Marked As Answer byelansey Thursday, November 05, 2009 11:35 AM
    •