Are additional interfaces needed on the domain controller?

A

Artem Kaybagorov2020-05-30 13:41:43

Domain Name System

Artem Kaybagorov, 2020-05-30 13:41:43

Hello, there is an organization network of 2 AD sites, in one site there is only one /24 segment, in the second it was decided to divide the network into separate /24 segments, there was a question related to domain controllers, they are running on Hyper-V Server, do I need to add for each vlan network interface on the DC from the second site in such a way that DHCP and DNS server are available in each of the vlan without routing?
If necessary, is it necessary to specify a gateway for each of these interfaces? If specified, Windows writes a warning that this configuration may not work correctly. If you do not specify, problems with replication between AD sites begin, tk. The IP address of the DC from the second site can be chosen from those for which no Gateway is specified, and accordingly will be inaccessible to the DC from the first site.
If it is not necessary, then it is generally clear with the DHCP server, you can configure a DHCP relay and redirect DHCP requests from the router to the Windows Server, but what about the DNS server if we assume that some of the vlans should be isolated?
Prompt best practices of such configuration.

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

A

Alexey Dmitriev, 2020-05-30
@ArteMoon

DNS uses IP - it's a routable protocol. Accordingly, if there are routes from other subnets, it will work.
DHCP uses broadcast/BOOTP - these are non-routable protocols.
To use the same DHCP server on multiple subnets, DHCP Relays are typically used to send requests to a DHCP server on a different subnet.
What about default gateway - having them on multiple interfaces can lead to routing problems, which inside a local network is usually solved by creating static routes.