[isalist] Re: wpad.dat DNS entry
- From: "Roy Tsao" <caohuiming@xxxxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Thu, 31 Aug 2006 21:59:37 +0800
Hm...
You have two ISA SE, let say its internal interface IP address is
192.168.0.1/24 and 192.168.0.2/24.
You creat two a record in DNS, isa.dan.local -> 192.168.0.1 and
isa.dan.local -> 192.168.0.2
Then by DNS round robin, your internal client (except SNAT) would enjoy the
connection to either
of the ISA SE server for ounbound connection, make sense?
----- Original Message -----
From: Ball, Dan
To: isalist@xxxxxxxxxxxxx
Sent: Thursday, August 31, 2006 9:01 PM
Subject: [isalist] Re: wpad.dat DNS entry
I think that would only work on inbound connections. You can't define
round-robin DNS entries for someone else's server!
------------------------------------------------------------------------------
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
Behalf Of Roy Tsao
Sent: Thursday, August 31, 2006 8:42 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: wpad.dat DNS entry
Surely about outbound connection!
----- Original Message -----
From: Ball, Dan
To: isalist@xxxxxxxxxxxxx
Sent: Thursday, August 31, 2006 8:34 PM
Subject: [isalist] Re: wpad.dat DNS entry
You referring to incoming or outgoing connections?
----------------------------------------------------------------------------
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
Behalf Of Roy Tsao
Sent: Thursday, August 31, 2006 8:28 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: wpad.dat DNS entry
Dan,
Suppose you have two external line provided by different ISP, normally two
ISA EE is needed
but by using DNS round robin, you can deploy two ISA SE for load
balancing..., that's my
point.
HTH,
Roy
----- Original Message -----
From: Ball, Dan
To: isalist@xxxxxxxxxxxxx
Sent: Thursday, August 31, 2006 8:19 PM
Subject: [isalist] Re: wpad.dat DNS entry
No, you would still have that "one default gateway" problem. Besides,
that feature is only for DNS entries that "you" control, not external.
--------------------------------------------------------------------------
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Roy Tsao
Sent: Thursday, August 31, 2006 4:36 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: wpad.dat DNS entry
Dan,
Your problem is due to DNS round robin feature, and it shall be solved by
Stefaan's great
guidance.
On the other hand, don't you think we can utilize such round rodin as a
good feature to
implement NLB to balance connection to multi external interface by using
ISA STD version
only?
HTH,
Roy Tsao
----- Original Message -----
From: Stefaan Pouseele
To: isalist@xxxxxxxxxxxxx
Sent: Thursday, August 31, 2006 4:08 PM
Subject: [isalist] Re: wpad.dat DNS entry
you might check out http://support.microsoft.com/?kbid=842197.
HTH,
Stefaan
------------------------------------------------------------------------
From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Ball, Dan
Sent: donderdag 31 augustus 2006 3:28
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: wpad.dat DNS entry
Good article, it sounds very similar to my scenario. I already had the
"enable netmask ordering" option enabled, so that is not the problem. Do you
think it might be because each of the 10.6.x.x subnets have a mask of
255.255.255.0?
------------------------------------------------------------------------
From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Stefaan Pouseele
Sent: Wednesday, August 30, 2006 3:57 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: wpad.dat DNS entry
Hi Dan,
check out my blog
http://blogs.isaserver.org/pouseele/2006/06/30/multi-networking-wpad-support-in-isa-2004/.
HTH,
Stefaan
------------------------------------------------------------------------
From: isalist-bounce@xxxxxxxxxxxxx
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Ball, Dan
Sent: woensdag 30 augustus 2006 21:47
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] wpad.dat DNS entry
I'm having a serious problem here with the wpad name resolution. I
moved it from being sent out via DHCP to DNS per Jim's recommendation, which
seems to have speeded up some things, but is now unreliable and causing
problems.
The problem appears to be the multiple internal subnets. Here is a
diagram of how it is laid out:
Internet
|
ISA Server --- Internal Network 1 (10.20.1.1)
|
Internal Network 2 (10.6.254.90)---- 10.6.8.x Subnet
|-- 10.6.9.x Subnet
|-- 10.6.10.x Subnet
|-- 10.6.12.x Subnet
|-- 10.6.14.x Subnet
|-- 10.6.15.x Subnet
I entered two Host (A) records for wpad, one for 10.20.1.1, and another
for 10.6.254.90.
Frequently I run across computers on the 10.6.x.x subnet where the FWC
cannot automatically detect the ISA server, so I ping wpad and it resolves to
the 10.20.1.1 address instead of the 10.6.254.90 address that it is supposed to
get. I try repairs and such, it keeps resolving to the wrong one. When I
reboot the computer, it resolves to the correct IP and works properly. I
reboot the computer several times, and it gets the correct address. But, I'll
hear of another computer having problems, and I'll check and it is the same
problem. This is not going to be pretty over the next few days as teacher come
back to work after summer vacation.
What is the best way to resolve this? Change it back to DHCP,
customize host files, etc?
Other related posts:
