How to configure WPAD DNS entry in Windows Server in case of multiple AD sites?

Z

zxsavage2015-04-24 19:31:28

Domain Name System

zxsavage, 2015-04-24 19:31:28

Good afternoon.
Available:

Windows Server 2012
example.com domain
geographically separated offices
their corresponding sites in AD - foo, bar, abc
each office has a proxy server:
site network proxy(A) proxy(ip address)
foo 192.168.0.0/24 proxy-f.example.com 192.168.0.11
bar 192.168.1.0/24 proxy-b.example.com 192.168. 1.11
abc 192.168.2.0/24 proxy-a.example.com 192.168.2.11
DHCP 252 - ' http://proxy-$.example.com/wpad.dat '

Actually, in addition to DHCP, you need to distribute the proxy address using DNS. In the case of a single site, we simply create a CNAME. But what if there are multiple sites?
UPD1 . There is a setting option in WPAD itself:

if (isInNet(myIpAddress(), "192.168.0.0", "255.255.255.0"))
    return "PROXY proxy-f.example.com:3128";
if (isInNet(myIpAddress(), "192.168.1.0", "255.255.255.0"))
    return "PROXY proxy-b.example.com:3128";
if (isInNet(myIpAddress(), "192.168.2.0", "255.255.255.0"))
    return "PROXY proxy-a.example.com:3128";

but he does not like the fact that in the event of problems with the VPN, some site will be left without the Internet. I would like some more reliable solution, so that it is the DNS server that gives the desired ip address.

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

A

anton1234, 2015-04-24
@zxsavage

Read about netmask ordering technology, for example here .
This is an advanced version of round robin that checks if the list of addresses contains an entry from the client's network.
There is an alternative. Configure proxies through group policies. They are easily attached to the site. There is of course a nuance. You configure in fact a proxy in IE. Not all programs take their settings from it.