Help setting up 2NIC Server 2003 network

pakotlar

Senior member
Aug 22, 2003
731
187
116
Hello,

Was hoping that one of the brilliant minds here could help. This is the current system:

SMC Internet + Router (in Hub mode/forward dhcp)
|
|
Linksys 54GS (Handles NAT) ------- Server (Server 2003, DHCP&DNS w/Active Directory, no NAT)
|                                  |
|                                  |
Dlink 24 port 10/100 + 2 port 1Gbit switch (unmanaged)
|
|
Client Computers (8 at this point)

This may be a noob problem, but it is confusing to me. Basically what I want to happen is for the network to have some redundancy against multiple points of failure. If the router goes down, I want the client computers to have access to the server & NAS (connected to switch), and if the server goes down, I want the clients to have access to the internet.
The server should assign the IP addresses, using Active Directory. We also have Exchange set up. Both server NICs should have static IPs. I also need help setting up VPN.

More detail :

Logically it seems that there are two possibilities for the client network path: 1) The client talks to the router to get an ip, and the request is forwarded to the server, which assigns an IP for that client. Otherwise, the request would go through the server, and the server will assign an IP through active directory. The Linksys router should handle NAT, so if the server goes down the clients with leased IP addresses should have access to the internet for the duration of the lease.

I am having trouble setting all of this up. How should I set up the router? I will post up a picture of the current router settings if requested, but in general I thought that turning DHCP to "forward", and making the gateway ip used by 1st NIC on the server (and turning off all other router settings, like DHCP related settings like DNSMasque & DHCP server) as the IP I assigned for the router would do it. Instead, when I disconnect the server from the network, my client computers do not have internet access.

Current proposition:
The router would be set to "Gateway" mode(this is what the router mode is called on this model, the "hub" mode is called "Router") with a static IP and 2 DNS addresses assigned to us by Comcast which we use for the WAN/external IP settings. The router has its own ip address, assigned by me. Both server NIC's have static ip addresses, both of which fall outside the range of the DHCP/Active directory available addresses (192.168.1.100-254) The 1st server NIC of the server (the "external" nic, talking to the router) would use the router IP as the gateway, and would have DNS 1 & 2 as the comcast-assigned dns's. 2nd NIC, would connect to the Dlink switch, would have no gateway ip, and would use its IP address as DNS1, where DNS 2 would be set to the DNS 1 assigned by comcast. All client computers use automatic settings for both IP/Gateway/Subnet Mask and DNS1&2. Active Directory on the server should automatically assign an ip address in the range. Once connected to our network each client computer should have a name/ dns suffix, ip address in the range 192.168.1.100-254, and DNS 1 should be the IP address of the 2nd NIC. DNS2 should be the DNS1 assigned by comcast(?)

Long post, basically any help would be great. This is my first experience with Server 2003 & active directory. Thanks guys.
 

imagoon

Diamond Member
Feb 19, 2003
5,199
0
0
What you are trying to do will not work correctly with one server.

a) Your clients must have the DNS set to the server and the server only. So if the server is down, DNS fails and the Internet 'fails.'

b) your drawing makes it look like you have 2 cables attached to the dlink from the linksys. Unless the dlink is a managed switch (and even then it is a hack) this will cause a layer 2 loop.

c) DHCP can be set up redundantly. You typically use 2 DHCP servers that do not share the same IP range. IE server a) hands out x.x.x.10 - 50 while b) hands out x.x.x.51-100. They cannot overlap and should have the same settings otherwise.

Unless you are using etherchannel, you will not be able to get both NICs to work (well) on the same network segment in Windows. You will likely cause issues with AD and DNS etc.

Forward in the router likely refers to "ip helper-address" in cisco speak. This lets the router relay the DHCP request to a centrally managed DHCP server that is configured with many scopes.

Personally I would attach the server directly to the DLink (via gigabit if you are not uplinking to other switches) and just hand a 100Mbps connection to the linksys. Let Windows handle DHCP and DNS. Also buy a second server to have a second Domain Controller, DNS and DHCP server if you want it.
 

drebo

Diamond Member
Feb 24, 2006
7,034
1
81
If you want redundancy in a Microsoft (or, indeed, any world), you need two servers.

As stated, your client computers must point to a DNS server that has the appropriate Active Directory information in it. This does not necessarily have to be a domain controller, or even a Windows system (although that does make it much easier). They must also be supplied the proper DNS suffix by whatever DHCP server you use, which again does not necessarily need to be a domain controller or even a Windows box.

You can set up multiple DHCP servers in the same scope in an active/standby mode only. Two active DHCP servers in the same scope, even if they're not handing out the same address range, can cause problems. DHCP scope is determined based on the subnet and default gateway of the interface on which DHCP requests are received, or by the contents of the DHCP packet itself in the case of forwarded DHCP requests. Two servers listening on the same broadcast domain will cause multiple DHCP reservations to be made for a single host, even though it technically only receives one IP address.

Making sure that layer 1 and layer 2 (the cables and the switches) are redundant is much more difficult and requires much more expensive equipment. You can use link aggregation to make redundant links to your server, but unless you invest in VSS-capable switches, both links must connect to the same switch. Or, potentially, if your network drivers support STP properly, you could configure them as a bridge and connect them to multiple switches in a different configuration. Making your router redundant is a lot easier by using something that supports HSRP or VRRP.

To address your most basic goals (allow the clients to reach the server when the router is down and allow internet access when the server is down), you will want to get another server and connect both servers directly to the same switch that your clients connect to.

Based on some of the things you're talking about in your proposition, I would STRONGLY advise you to talk to a consultant about this. I would strongly advise you NOT to use the setup you thought of.
 

Emulex

Diamond Member
Jan 28, 2001
9,759
1
71
always use the AD servers for dns/dhcp then have the dns on those AD servers forward all requests to your dns provider for non-local lookups (google dns ie for multi-static isp's)

virtualize everything. helps when you make mistakes/backup and allows 1 boxen to be on the internet and intranet with real isolation. esx essentials and veeam is cheap.
 

imagoon

> You can set up multiple DHCP servers in the same scope in an active/standby mode only. Two active DHCP servers in the same scope, even if they're not handing out the same address range, can cause problems. DHCP scope is determined based on the subnet and default gateway of the interface on which DHCP requests are received, or by the contents of the DHCP packet itself in the case of forwarded DHCP requests. Two servers listening on the same broadcast domain will cause multiple DHCP reservations to be made for a single host, even though it technically only receives one IP address.

Actually no.. Windows DHCP and dhcpd on linux require the ack to be returned by the client or the request times out in 120 seconds or so and the reservation is discarded. The method I listed is considered correct albeit wasteful, however it can be done with cheap routers etc if you want.

For a DHCP reservation to occur, the client broadcasts, the server replies and the client must reply back. DHCP requests will be accepted first come first serve on Windows / Linux. The second reply is either discarded (linux I am pretty sure) or NAK'd (windows) and the reservation is not held.

If you have Windows + 'Enterprise' 2k3 or 2k8 you can just cluster the service.
 

pakotlar

> What you are trying to do will not work correctly with one server.
>
> a) Your clients must have the DNS set to the server and the server only. So if the server is down, DNS fails and the Internet 'fails.'
>
> b) your drawing makes it look like you have 2 cables attached to the dlink from the linksys. Unless the dlink is a managed switch (and even then it is a hack) this will cause a layer 2 loop.
>
> c) DHCP can be set up redundantly. You typically use 2 DHCP servers that do not share the same IP range. IE server a) hands out x.x.x.10 - 50 while b) hands out x.x.x.51-100. They cannot overlap and should have the same settings otherwise.
>
> Unless you are using etherchannel, you will not be able to get both NICs to work (well) on the same network segment in Windows. You will likely cause issues with AD and DNS etc.
>
> Forward in the router likely refers to "ip helper-address" in cisco speak. This lets the router relay the DHCP request to a centrally managed DHCP server that is configured with many scopes.
>
> Personally I would attach the server directly to the DLink (via gigabit if you are not uplinking to other switches) and just hand a 100Mbps connection to the linksys. Let Windows handle DHCP and DNS. Also buy a second server to have a second Domain Controller, DNS and DHCP server if you want it.

Great, thanks. I will not be on site most of the time, and am looking for the easiest way for my boss to be able to get back online in case the server goes down. If I use two servers, I end up splitting the ip range, and will not reliably have any specific machine up (although do split odds for some causes of failure). If I assign a static ip to a particular machine, will I be able to avoid losing internet access when I am down?

Also I'm not sure I quite understand why I can't use DNS provided by Comcast as a redundant DNS. If I had just one machine plugged into the modem, it would be utilizing that DNS. So if the server goes down, why can't I default to that DNS, and retain my service? Shouldn't the principle be the same? At that point I don't care if the addresses change, or if when the server is back up the clients still match up with active directory. Most important is for me to have a redundancy method that my boss, who knows nothing about networking, could utilize to not lose time in case of failure.

I've looked at the pros and cons of virtualization, and frankly it doesn't make sense for a business of this size. Restoring from a backed up VM may save time, but I'd rather just use an easily accessible backup drive, since everything is on site.

As far as wiring between router, server, and switch, I have a standard 2 NIC setup (router-server-switch-clients) except I want NAT to be handled by the router in order to provide some redundancy against multiple points of failure. Plugging the server into the switch directly is something I can also do, and have thought of; issue there is that the switch is not in the most secure location, and I don't want to lose the entire network in case the switch is unplugged or worse.
 

drebo

Please, for the love of God, hire a consultant. There are things about networking that you just don't understand that are not possible to teach on a message board.

1) Active Directory does not "provide IPs" to client computers. DHCP does. A DHCP lease generally lasts at least a day. This means that if the DHCP server goes down, the client computers will still maintain their IP address for at least a day. This time period is configurable.

2) Active Directory is not some magical networking thing that automagically happens between Windows computers. It relies on DNS to tell client computers which servers to look at for which services. If the client computers or servers are pointed to a DNS server that does not have the appropriate records for your specific domain (Comcast's DNS servers, for instance), your domain will not work correctly. It will kind of work because of NetBIOS, but it will not work well. Do not do this.

3) If your two DHCP servers are both providing IP addresses in the same subnet to the same layer 2 network, layer 3 connectivity will still exist between all remaining hosts on that layer 2 network. They are not split up, they are redundant.

4) Your "standard 2 Nic setup" is not standard at all, except in a scenario where you're using Microsoft ISA Server to NAT and firewall the rest of your network. You only need to use a single NIC in your server. Period.

5) Virtualization will not help you achieve your goals. It may end up being a part of your goals, but it will not, by itself, achieve them. You need to grasp the fundamentals of what you're doing before you go playing with something like that.

6) Hire a consultant who is familiar with Windows and shadow him as he sets this up. From him, you can learn the proper way to do things. If he is good, he will also explain to you what he is doing and why.
 

imagoon

Like Drebo said, #1 hire a consultant at this point. You need to hit the books for a bit before you start making suggestions to your boss.

DNS is critical to an operating domain; if you use a foreign DNS server, it will simply cease to function. The clients will not be able to locate the DC or file shares etc. Also to make it worse, most of the commercial servers will actually tell your client "yes blahcompany.local is [ip address of some advertising server]", making your clients never log in. Also it is a very common misconception that "secondary DNS" is only used when the primary DNS is down. This is not the case. The IPs are simply a list. Once Windows finds a working one it generally sticks with it. So during 'normal operations' you may find your clients looking out to comcast to resolve the server which causes the above mentioned problem.

DHCP as long as both scopes are in the same subnetwork can hand out different portions of it. Default Windows lease is 8 days also so the server has to be down for a very long time before clients get worried unless you configured it to be very short for some reason.

Quite simply, the redundancy you want cannot occur with only one Domain server. If the DC is down, DNS is down and the Internet is effectively down. Effectively the PCs are down because their security model is broken also at the time. If the Internet is down, the internal clients would still access the internal server.
 

pakotlar

> Please, for the love of God, hire a consultant. There are things about networking that you just don't understand that are not possible to teach on a message board.
>
> 1) Active Directory does not "provide IPs" to client computers. DHCP does. A DHCP lease generally lasts at least a day. This means that if the DHCP server goes down, the client computers will still maintain their IP address for at least a day. This time period is configurable.
>
> 2) Active Directory is not some magical networking thing that automagically happens between Windows computers. It relies on DNS to tell client computers which servers to look at for which services. If the client computers or servers are pointed to a DNS server that does not have the appropriate records for your specific domain (Comcast's DNS servers, for instance), your domain will not work correctly. It will kind of work because of NetBIOS, but it will not work well. Do not do this.
>
> 3) If your two DHCP servers are both providing IP addresses in the same subnet to the same layer 2 network, layer 3 connectivity will still exist between all remaining hosts on that layer 2 network. They are not split up, they are redundant.
>
> 4) Your "standard 2 Nic setup" is not standard at all, except in a scenario where you're using Microsoft ISA Server to NAT and firewall the rest of your network. You only need to use a single NIC in your server. Period.
>
> 5) Virtualization will not help you achieve your goals. It may end up being a part of your goals, but it will not, by itself, achieve them. You need to grasp the fundamentals of what you're doing before you go playing with something like that.
>
> 6) Hire a consultant who is familiar with Windows and shadow him as he sets this up. From him, you can learn the proper way to do things. If he is good, he will also explain to you what he is doing and why.

Can't hire a consultant, so I would appreciate a little courtesy. I have enough knowledge to set this up with some help. If I don't understand something fundamental, just point me in the right direction, no need to be rude.

1) I never said it did. I set up Server 2003 as a DHCP/DNS server. Leases are 30 days.
2) That's ALL I WAS ASKING. And fuck you for the "automagically comment". I know how active directory works. I was asking if it would work AT ALL, in case I wasn't around to bring the server back up.
3) K
4) No shit, like I said, it's a standard setup when the server is handling nat. Read the fucking post.
5) No shit. It was a response to the poster who suggested I use virtualization, the purpose of which I can only surmise would be to speed up restores from backup. I am not using, nor plan to use, virtualization.
6) I'm familiar enough with windows to set up a 6-10 computer network. There are plenty of resources on the net, and I had no problems figuring out a 1 or 2 nic config. If I don't sound like an expert to you, I really don't give a shit. I just wanted some straight answers. If I could hire a consultant to do this for me I would.



I get the feeling that your answers are a tad bit pretentious. If you have something useful to tell me, do it, otherwise stay out of the thread.
 

pakotlar

> Like Drebo said, #1 hire a consultant at this point. You need to hit the books for a bit before you start making suggestions to your boss.
>
> DNS is critical to an operating domain; if you use a foreign DNS server, it will simply cease to function. The clients will not be able to locate the DC or file shares etc. Also to make it worse, most of the commercial servers will actually tell your client "yes blahcompany.local is [ip address of some advertising server]", making your clients never log in. Also it is a very common misconception that "secondary DNS" is only used when the primary DNS is down. This is not the case. The IPs are simply a list. Once Windows finds a working one it generally sticks with it. So during 'normal operations' you may find your clients looking out to comcast to resolve the server which causes the above mentioned problem.
>
> DHCP as long as both scopes are in the same subnetwork can hand out different portions of it. Default Windows lease is 8 days also so the server has to be down for a very long time before clients get worried unless you configured it to be very short for some reason.
>
> Quite simply, the redundancy you want cannot occur with only one Domain server. If the DC is down, DNS is down and the Internet is effectively down. Effectively the PCs are down because their security model is broken also at the time. If the Internet is down, the internal clients would still access the internal server.

Why the hell would I hire a consultant for this. Why don't you give me some money to hire that consultant. Otherwise, leave that kind of commentary out of this please, it's not constructive. The network works fine with either 1) The server w/ 1 NIC hooked into the switch, handling DHCP and DNS, or 2) as a link between the router and switch handling DHCP, DNS, and NAT. I DON'T CARE IF THEY CAN'T SEE FILE SHARES OR ANYTHING ELSE ON THE DOMAIN. I don't care if it's a hack, if it won't work "well" if it won't interface with the rest of the client machines, NAS, etc. All of that works fine when the server is up, as it should.

Thanks.

Ok, so there is no way with just one server. That's fine, I can set up a 2nd.

What books would you recommend? I'm using Microsoft's networking education resources, but if there is something better, I'm all for it.

Just because I'm not fluent in the vocabulary you're used to doesn't mean I'm stupid, or ignorant of basic networking/ win server setup. Must be hard to interface with normal triple majors like me, I'm obviously trying to learn as I go and it's ironic that that's unacceptable to you, as the only possible intention you could have in a thread like this is to offer some advice to a person less experienced. The network, when set up with a standard 1 or 2 nic server works fine, I had this done 2 weeks ago. I appreciate the advice about setting up a second server to handle DHCP on the same subnet, but that's not what I'm looking for, I realized that possibility on my own. I'm looking for a creative approach to solving this redundancy issue for my BOSS, who needs to be able to access the internet, through a client machine even when the server is down.
 

pakotlar

If anyone else has some suggestions go for it. Again, the request is to give the client computers internet access once the server goes down, preferably without reconfiguring the comcast modem/SMC router or the linksys router to handle dhcp and dns, utilizing the leased ip address that each client computer has (leases are set to 30 days).

If your reply is, 1) You don't know how to properly set up Windows Server 2003 to handle DHCP/DNS and NAT 2) 2 NIC configurations are not standard/out of your league chump 3) Hire a consultant

I have two words for you: go fuck yourself. I know how to properly set up Server 2003 in a 2 layer config 1 NIC or 2 NIC, and now know how to handle a 3 layer config. What I'm asking is for my boss to have internet access when the server goes down. I would prefer to have the server handle DHCP for Active Directory & Exchange. I do not care if the solution is something that would break network continuity WHEN THE SERVER IS NOT IN OPERATION. The idea is for him to have access in an emergency without having to do anything harder than an r&r.

I have read that it is possible to have temporary internet access as long as each client's cached credentials have an ip address, which would be handled by the dhcp server before it goes down.

If this is too complicated for you, and you want to spend the post insulting me, I'll point you to this XKCD comic, have fun: http://xkcd.com/386/.
 

mxnerd

Diamond Member
Jul 6, 2007
6,799
1,103
126
To pakotlar:

All of the members who replied to your post are real experts and all of their advice is great.
According to your post, you really have no idea about the difference between Microsoft's DNS and Comcast's DNS or any other DNS on the internet.
If you don't want to hire consultant, fine, then do it yourself.
If you do not do it right, you are going to screw yourself or you will be screwed by your boss, very soon.

====================================
*EDIT*

The most basic configuration is like the following if all you need is DHCP redundancy.

SMC Internet + Router (in Hub mode/forward dhcp?)
|
Linksys 54GS (Handles NAT)
|
Dlink 24 port 10/100 + 2 port 1Gbit switch (unmanaged)
|
Server (Server 2003, DHCP&DNS w/Active Directory, no NAT) & Client Computers (8 at this point) all on the same switch.


Please, use only one NIC for server. Server & client use Linksys IP as gateway.
Set up DHCP on server and create a range, ex. 192.168.1.51-100, forward DNS query to comcast DNS IP if inquired domain is not local domain.
Configure Linksys DHCP as well and create a range like 101-150, set DNS1 as server's IP, DNS2 as comcast's DNS1's IP. This way, 2 DHCP servers will not conflict with each other.
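
Added example, not written by any poster in this thread: a Python check of the two-DHCP-server layout from the post above (192.168.1.51-100 on the server, 101-150 on the Linksys) against the original 192.168.1.100-254 range. The gateway, server and NAS addresses and the ISP resolver (a documentation-range placeholder, not Comcast's real address) are assumptions; the DNS findings mirror the point made earlier in the thread that a secondary DNS entry is not used only on failure.

```python
import ipaddress
from dataclasses import dataclass, field


@dataclass
class Scope:
    server: str      # device handing out this range
    first: str       # first leasable address
    last: str        # last leasable address
    mask: str        # subnet mask option
    gateway: str     # router option
    dns: list = field(default_factory=list)  # DNS servers option, in order


def _span(scope):
    """Range bounds as integers so they can be compared."""
    return (int(ipaddress.ip_address(scope.first)),
            int(ipaddress.ip_address(scope.last)))


def _subnet(scope):
    return ipaddress.ip_network(f"{scope.first}/{scope.mask}", strict=False)


def lint_split_scope(a, b, static_hosts, internal_dns):
    """Return findings for two DHCP servers answering on the same LAN."""
    findings = []
    if _subnet(a) != _subnet(b):
        findings.append(f"SUBNET: {a.server} and {b.server} serve different subnets")

    (a_lo, a_hi), (b_lo, b_hi) = _span(a), _span(b)
    if a_lo <= b_hi and b_lo <= a_hi:
        lo = ipaddress.ip_address(max(a_lo, b_lo))
        hi = ipaddress.ip_address(min(a_hi, b_hi))
        findings.append(f"OVERLAP: {lo}-{hi} offered by both servers")

    # Statically addressed hosts must sit outside every leasable range.
    for name, addr in static_hosts.items():
        ip = int(ipaddress.ip_address(addr))
        for scope, lo, hi in ((a, a_lo, a_hi), (b, b_lo, b_hi)):
            if lo <= ip <= hi:
                findings.append(f"STATIC: {name} ({addr}) is inside {scope.server}'s range")

    # Apart from the range itself, both servers should hand out the same settings.
    if (a.mask, a.gateway) != (b.mask, b.gateway):
        findings.append("OPTIONS: mask/gateway differ between the two servers")

    for scope in (a, b):
        if not scope.dns or scope.dns[0] != internal_dns:
            findings.append(f"DNS: {scope.server} does not list the AD DNS server first")
        external = [d for d in scope.dns if d != internal_dns]
        if external:
            findings.append(
                f"DNS-EXTERNAL: {scope.server} also hands out {', '.join(external)}; "
                "clients may keep using it for domain lookups")
    return findings


# Constructed sample values (assumptions, see lead-in).
AD_DNS = "192.168.1.10"     # assumed static IP of the Server 2003 box
ISP_DNS = "203.0.113.53"    # placeholder for the ISP resolver
GATEWAY = "192.168.1.1"     # assumed Linksys LAN address
MASK = "255.255.255.0"
STATIC = {"server": AD_DNS, "NAS": "192.168.1.20"}

# Ranges as proposed in the post above.
SPLIT = (Scope("Server 2003", "192.168.1.51", "192.168.1.100", MASK, GATEWAY, [AD_DNS]),
         Scope("Linksys", "192.168.1.101", "192.168.1.150", MASK, GATEWAY, [AD_DNS, ISP_DNS]))

# Original 192.168.1.100-254 server range with the router's DHCP also enabled.
CLASH = (Scope("Server 2003", "192.168.1.100", "192.168.1.254", MASK, GATEWAY, [AD_DNS]),
         Scope("Linksys", "192.168.1.101", "192.168.1.150", MASK, GATEWAY, [ISP_DNS]))

if __name__ == "__main__":
    for label, pair in (("split", SPLIT), ("clash", CLASH)):
        print(label)
        for finding in lint_split_scope(*pair, STATIC, AD_DNS):
            print("  " + finding)
```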
 

pakotlar

> To pakotlar:
>
> All of the members who replied to your post are real experts and all of their advice is great.
>
> According to your post, you really have no idea about the difference between Microsoft's DNS and Comcast's DNS or any other DNS on the internet.
>
> If you don't want to hire consultant, fine, then do it yourself.
>
> If you do not do it right, you are going to screw yourself or you will be screwed by your boss, very soon.
>
> *EDIT*
>
> The most basic configuration is
> SMC Internet + Router (in Hub mode/forward dhcp?)
> |
> Linksys 54GS (Handles NAT)
> |
> Dlink 24 port 10/100 + 2 port 1Gbit switch (unmanaged)
> |
> Server (Server 2003, DHCP&DNS w/Active Directory, no NAT) & Client Computers (8 at this point) all on the same switch.
>
> Please, use only one NIC for server. Server & client use Linksys IP as gateway.

I appreciate the diagram, but please read the post again, and don't reply until you do. I know how to setup a 1 NIC or a 2 NIC server, and a 2 layer or 3 layer config w/ redundant DHCP server. That's not what I'm asking about. Read the next paragraph:

Again, I know the difference between comcast's DNS and the internal network DNS. The experts have some reading comprehension issues, or I'm not coming across clearly. What I'm asking is essentially why the client computers, which should essentially have a temporary static IP leased by the DHCP/DNS server (my internal server running 2003) cannot access the WAN WHEN THE SERVER IS DOWN. OBVIOUSLY it would have problems resolving DNS1 which is pointing to my server.

I want ideas on alternate configs, which would allow my boss to access the WAN from one of the client configs if the server ever goes down. If you have ideas that would help me solve that problem, I would appreciate. Don't write me a post telling me how to interface a server with a network, about internal DNS/DHCP configs vs comcasts DNS and IP address. All of that is very basic and non-interesting, and if it makes you feel superior that you could drop that kind of 1st grade knowledge in a thread on AT I have two words for you: please go fuck yourself. Take it or leave it. Want to treat me like a moron, get out. Have some advice stay and I'd love to talk to you. I appreciate imagoon's advice, drebo at this point I don't want you in this thread. I want advice from someone who has some decent cognitive faculties.
 

Jamsan

Senior member
Sep 21, 2003
795
0
76
Have the DHCP server hand out a secondary DNS server of Comcast's DNS server. If the internal DNS server goes down, it will go to its secondary DNS server for resolution. Since it's an external DNS server, all internal resolution will fail, but external access will work just fine. Increase the lease time on the server to several weeks to ensure the client will have IPs in the event you can't get out to the site for quite some time to fix the issue.

Also, using 192.168.1.x is generally a bad idea when it comes to setting up a VPN. 90%+ of home networks use this range, and it'll make your configuration much more complex down the road when trying to set this up.

And as a friendly aside - your tone with everyone is just wrong. While they may be dishing out the same to you, calling people dickheads and telling people not to repost until they've read the original post is just asking for people to never come back to this thread.
 

pakotlar

> Have the DHCP server hand out a secondary DNS server of Comcast's DNS server. If the internal DNS server goes down, it will go to its secondary DNS server for resolution. Since it's an external DNS server, all internal resolution will fail, but external access will work just fine. Increase the lease time on the server to several weeks to ensure the client will have IPs in the event you can't get out to the site for quite some time to fix the issue.
>
> Also, using 192.168.1.x is generally a bad idea when it comes to setting up a VPN. 90%+ of home networks use this range, and it'll make your configuration much more complex down the road when trying to set this up.
>
> And as a friendly aside - your tone with everyone is just wrong. While they may be dishing out the same to you, calling people dickheads and telling people not to repost until they've read the original post is just asking for people to never come back to this thread.

Great, but that's exactly what I had set up, and had WAN access from clients when the server was down, but I changed something in Linksys settings, which after changing back did not restore connectivity (I was checking out the difference between setting it to forward DHCP vs disable DHCP server). At least I'm on the right track.

Ok, thanks for the info about 192.168.1.x . Unfortunately I can't change this, even the subnet, for the server ip anyways, because the database my boss runs a script that looks up a 192.168.1.x address everything is password protected and boss does not have access (except to execute the startup). I guess I could still change the ip range of the client computers to something else, but what would that afford me? I'll rebuild his database soon, so that issue will go away.

I set the lease time to 30 days, which should give me enough time to get into the office and do whatever is necessary to get the server back up.

So I guess there is some problem with my Linksys settings. Actually, would it be the 2nic config that is causing problems? I'm not using redundant gateway (so only NIC1 has a gateway IP), DNS1 on clients is set to the 2nd server nic's ip (which is the "internal" nic), and the server has no problems accessing WAN, and neither do any clients when the server is up. I figure if the server is down, DNS1 is no longer resolvable, the clients should then resolve DNS 2, using the routers direct connection to the switch.

Thanks for the post.
 

mxnerd

> I appreciate the diagram, but please read the post again, and don't reply until you do. I know how to setup a 1 NIC or a 2 NIC server, and a 2 layer or 3 layer config w/ redundant DHCP server. That's not what I'm asking about. Read the next paragraph:
>
> Again, I know the difference between comcast's DNS and the internal network DNS. The experts have some reading comprehension issues, or I'm not coming across clearly. What I'm asking is essentially why the client computers, which should essentially have a temporary static IP leased by the DHCP/DNS server (my internal server running 2003) cannot access the WAN WHEN THE SERVER IS DOWN. OBVIOUSLY it would have problems resolving DNS1 which is pointing to my server.

I missed the part where Server's DHCP's scope options (006 DNS Servers), you should assign as many DNS as possible. Of course the first one should be server's IP, and include comcast's DNS server ip as second / third.

Are you satisfied now?
 

pakotlar

> I missed the part where Server's DHCP's scope options (006 DNS Servers), you should assign as many DNS as possible. Of course the first one should be server's IP, and include comcast's DNS server ip as second / third.
>
> Are you satisfied now?

Ok, I thought that's how it was set up now, but maybe I made a mistake here, if that's the case major oversight on my part. Thanks for the advice man, I'll let you know how it goes tomorrow.
 

Jamsan

> Ok, I thought that's how it was set up now, but maybe I made a mistake here, if that's the case major oversight on my part. Thanks for the advice man, I'll let you know how it goes tomorrow.

Isn't that what I just said and you said it was done?
 

imagoon

Diamond Member
Feb 19, 2003
5,199
0
0
Why the hell would I hire a consultant for this. Why don't you give me some money to hire that consultant. Otherwise, leave that kind of commentary out of this please, it's not constructive. The network works fine with either 1) the server w/ 1 NIC hooked into the switch, handling DHCP and DNS, or 2) as a link between the router and switch handling DHCP, DNS, and NAT. I DON'T CARE IF THEY CAN'T SEE FILE SHARES OR ANYTHING ELSE ON THE DOMAIN. I don't care if it's a hack, if it won't work "well", if it won't interface with the rest of the client machines, NAS, etc. All of that works fine when the server is up, as it should.

Thanks.

Ok, so there is no way with just one server. That's fine, I can set up a 2nd.

What books would you recommend? I'm using Microsoft's networking education resources, but if there is something better, I'm all for it.

Just because I'm not fluent in the vocabulary you're used to doesn't mean I'm stupid, or ignorant of basic networking/ win server setup. Must be hard to interface with normal triple majors like me, I'm obviously trying to learn as I go and it's ironic that that's unacceptable to you, as the only possible intention you could have in a thread like this is to offer some advice to a person less experienced. The network, when set up with a standard 1 or 2 nic server works fine, I had this done 2 weeks ago. I appreciate the advice about setting up a second server to handle DHCP on the same subnet, but that's not what I'm looking for, I realized that possibility on my own. I'm looking for a creative approach to solving this redundancy issue for my BOSS, who needs to be able to access the internet, through a client machine even when the server is down.

Wow. Acting like a child. Do it your way then. You will find out why it doesn't the next time the DC fails.

If you didn't want help, why post in a public forum asking?
 

pakotlar

Wow. Acting like a child. Do it your way then. You will find out why it doesn't the next time the DC fails.

If you didn't want help, why post in a public forum asking?

I wanted help, from human beings. I don't have it in me to respond with anything but ire to disrespectful lowlifes. You seemed fine, thanks for the advice you offered.
 

RadiclDreamer

Diamond Member
Aug 8, 2004
8,622
40
91
er. That's fine, I can set up a 2nd.

Just because I'm not fluent in the vocabulary you're used to doesn't mean I'm stupid, or ignorant of basic networking/ win server setup.

Yeah actually it does mean you are ignorant.

http://dictionary.reference.com/browse/ignorant

It's not a derogatory term, it just means you are lacking the necessary knowledge and training to make this work well. All he is trying to say is this isn't some weekend project, this is a business network and needs built and designed with that in mind. It's not something you can pick up with just reading a few books and jumping in. Sure you might get it working eventually, but you really need to sit down with a test lab and learn the ins and outs before attempting something like this. There is a lot more to it than meets the eye.
 

pakotlar

Yeah actually it does mean you are ignorant.

http://dictionary.reference.com/browse/ignorant

It's not a derogatory term, it just means you are lacking the necessary knowledge and training to make this work well. All he is trying to say is this isn't some weekend project, this is a business network and needs built and designed with that in mind. It's not something you can pick up with just reading a few books and jumping in. Sure you might get it working eventually, but you really need to sit down with a test lab and learn the ins and outs before attempting something like this. There is a lot more to it than meets the eye.

I'd use that definition to meditate on what the constraints of "ignorance of basic networking" are. I knew how to set up a 2nic server w/exchange frontend, dhcp, dns, nat serving 10 clients sitting behind 2 routers, remote admin, vpn, etc, backing up to a nas through backupexec without issue. What I was asking for was not knowledge of basic networking, but suggestions for a contingency plan against multiple points of failure without resorting to multiple servers, but nm I have everything working now. I am absolutely not an expert, but a 10 client network would be a weekend project, except that's a colloquialism and can be done in a day, less I'm sure for someone who does this kind of thing for a living.