Is it possible to use one CD on two subnets?

taaadm2015-04-02 07:29:37

Domain Name System

taaadm, 2015-04-02 07:29:37

The CD+DNS server (Win2012R2) is installed on the subnet 10.1.124.0/24. The computers on this subnet are in the domain and everything works fine.
Routing between networks works well, all nodes of each other ping to the ip address.
But computers from the subnet 10.1.125.0/24 do not work well in the domain. (One of them was somehow introduced into the domain, but now crutches have been created in hosts for it to work in AD). Do not resolve ip addresses from the DNS server.

C:\Windows\system32>ping servert-01
ping servert-01
При проверке связи не удалось обнаружить узел servert-01.
Проверьте имя узла и повторите попытку.

C:\Windows\system32>nslookup servert-01
nslookup servert-01
╤хЁтхЁ:  UnKnown
Address:  10.1.124.4

╚ь :     servert-01.test.local
Address:  10.1.124.104


C:\Windows\system32>ipconfig /all
ipconfig /all

Настройка протокола IP для Windows

   Имя компьютера  . . . . . . . . . : USERPC1
   Основной DNS-суффикс  . . . . . . : test.local
   Тип узла. . . . . . . . . . . . . : Гибридный
   IP-маршрутизация включена . . . . : Нет
   WINS-прокси включен . . . . . . . : Нет
   Порядок просмотра суффиксов DNS . : test.local

Ethernet adapter Подключение по локальной сети:

   DNS-суффикс подключения . . . . . : test.local
   Описание. . . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Физический адрес. . . . . . . . . : 74-31-22-44-2F-1C
   DHCP включен. . . . . . . . . . . : Да
   Автонастройка включена. . . . . . : Да
   IPv4-адрес. . . . . . . . . . . . : 10.1.125.74(Основной)
   Маска подсети . . . . . . . . . . : 255.255.255.0
   Аренда получена. . . . . . . . . . : 1 апреля 2015 г. 14:37:43
   Срок аренды истекает. . . . . . . . . . : 8 апреля 2015 г. 14:37:40
   Основной шлюз. . . . . . . . . : 10.1.125.3
   DHCP-сервер. . . . . . . . . . . : 10.1.3.6
   DNS-серверы. . . . . . . . . . . : 10.1.124.4
                                       8.8.8.8
   Основной WINS-сервер. . . . . . . : 10.1.124.4
   NetBios через TCP/IP. . . . . . . . : Включен

Туннельный адаптер isatap.test.local:

   Состояние среды. . . . . . . . : Среда передачи недоступна.
   DNS-суффикс подключения . . . . . : test.local
   Описание. . . . . . . . . . . . . : Адаптер Microsoft ISATAP
   Физический адрес. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP включен. . . . . . . . . . . : Нет
   Автонастройка включена. . . . . . : Да

Туннельный адаптер Teredo Tunneling Pseudo-Interface:

   Состояние среды. . . . . . . . : Среда передачи недоступна.
   DNS-суффикс подключения . . . . . :
   Описание. . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Физический адрес. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP включен. . . . . . . . . . . : Нет
   Автонастройка включена. . . . . . : Да

What could be the problem?

Answer the question

In order to leave comments, you need to log in

6 answer(s)

attacker, 2015-04-02
@athacker

You clearly have a DNS problem, not a routing problem. DNS will not work - and the domain will not work either.
What is a router between subnets? Hardware, server or something else? Are there any firewalls that can block DNS traffic between clients and DCs?
On the controller itself on the firewall, nothing superfluous is screwed up? What profile of a screw firewall is included on the client and on DC? And also attach the hosts file from the problematic workstation.

Ivan Arxont, 2015-04-02
@arxont

In traffic routing? Try ping and tracer from both the computer and the server. Well, look at dcdiag, you can see what errors there are.
Also check your firewall settings.

mayorovp, 2015-04-02
@mayorovp

The domain controller has nothing to do with subnets, the problem is on another level. Time a ping go - means, business not in routing. Although ...
I understand that 10.1.124.3 and 10.1.125.3 are the same router. This is true? Does he know about it? No random NAT hangs between networks? Faievola is not included there?
How is DNS configured?

taaadm, 2015-04-02
@taaadm

On DC (10.1.125.74 - the address of the problem computer from the second subnet):

PS C:\Windows\system32> route print
===========================================================================
Список интерфейсов
 12...00 15 5d 00 2a 00 ......Microsoft Hyper-V Network Adapter
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 таблица маршрута
===========================================================================
Активные маршруты:
Сетевой адрес           Маска сети      Адрес шлюза       Интерфейс  Метрика
          0.0.0.0          0.0.0.0       10.1.124.3       10.1.124.4    261
       10.1.124.0    255.255.255.0         On-link        10.1.124.4    261
       10.1.124.4  255.255.255.255         On-link        10.1.124.4    261
     10.1.124.255  255.255.255.255         On-link        10.1.124.4    261
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link        10.1.124.4    261
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link        10.1.124.4    261
===========================================================================
Постоянные маршруты:
  Сетевой адрес            Маска    Адрес шлюза      Метрика
          0.0.0.0          0.0.0.0       10.1.124.3  По умолчанию
===========================================================================

IPv6 таблица маршрута
===========================================================================
Активные маршруты:
 Метрика   Сетевой адрес            Шлюз
  1    306 ::1/128                  On-link
  1    306 ff00::/8                 On-link
===========================================================================
Постоянные маршруты:
  Отсутствует
PS C:\Windows\system32> ping 10.1.125.74

Обмен пакетами с 10.1.125.74 по с 32 байтами данных:
Ответ от 10.1.125.74: число байт=32 время<1мс TTL=127
Ответ от 10.1.125.74: число байт=32 время<1мс TTL=127

On computer 10.1.125.74:

C:\Windows\system32>route print
route print
===========================================================================
Список интерфейсов
 11...74 d4 35 84 2f 1c ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Адаптер Microsoft ISATAP
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 таблица маршрута
===========================================================================
Активные маршруты:
Сетевой адрес           Маска сети      Адрес шлюза       Интерфейс  Метрика
          0.0.0.0          0.0.0.0       10.1.125.3      10.1.125.74     10
       10.1.125.0    255.255.255.0         On-link       10.1.125.74    266
      10.1.125.74  255.255.255.255         On-link       10.1.125.74    266
     10.1.125.255  255.255.255.255         On-link       10.1.125.74    266
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       10.1.125.74    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       10.1.125.74    266
===========================================================================
Постоянные маршруты:
  Отсутствует

IPv6 таблица маршрута
===========================================================================
Активные маршруты:
 Метрика   Сетевой адрес            Шлюз
  1    306 ::1/128                  On-link
  1    306 ff00::/8                 On-link
===========================================================================
Постоянные маршруты:
  Отсутствует

C:\Windows\system32>ping 10.1.124.4
ping 10.1.124.4

Обмен пакетами с 10.1.124.4 по с 32 байтами данных:
Ответ от 10.1.124.4: число байт=32 время<1мс TTL=127
Ответ от 10.1.124.4: число байт=32 время<1мс TTL=127

By IP addresses, all computers in neighboring networks see each other, but by dns (fqdn) there are no names

Andrey Ermachenok, 2015-04-02
@eapeap

If all computers in neighboring networks see each other - why the heck are different subnets????
If everyone needs a domain and DNS - again, why the heck are different subnets????
If there are a lot of computers, isn't it easier to change the mask to 255.255.254.0 and not worry?

nApoBo3, 2015-05-27
@nApoBo3

1) It looks like you have problems with the reverse zone.
2) Is the second subnet registered on the domain controller?
3) Result of ping servert-01.test.local command?
4) If the network is as in the picture, remove DNS 8.8.8.8 and raise a secondary domain controller with a second DNS.