On 9/19/05, James W. McKeand <james at mckeand dot biz> wrote:
> PF: m0n0wall wrote:
> >> -----Original Message-----
> >> From: Jay Binks [mailto:Jay dot Binks at safeworld dot net dot au]
> >> Subject: FW: [m0n0wall] DHCP Settings
> >>
> >> Mainly, because the windows server sucks.
> >> And is up and down like a yoyo..
> >>
> >> I've managed to HACK my monowall to do as I wanted.
> >>
> >
> > If you are running a Windows Active Directory, you are going to
> > eventually run into a situation where you NEED the Windows DNS
> > working properly or things are going to get hosed. Windows
> > 2000/2003/XP and active directory are very dependent on DNS working
> > properly for the machines that are on the network (i.e. servers and
> > workstations need DNS entries.) For example, if you try and add a
> > machine to the domain and it can't resolve the AD server's DNS name,
> > it won't fly.
> >
> > I run several Windows networks and never have had any issues with
> > Windows 2000/2003 DNS servers crashing or being unavailable.
> > Something is wrong with your setup if this is happening.
> >
> > As another poster mentioned, the best idea is to use the AD DNS for
> > your Windows machines and have the AD DNS servers use m0n0wall as the
> > DNS forwarder.
> >
> > OK, let the flame war commence.
>
> Don't want to flame - want to agree... For AD to work properly you need
> to use Microsoft's DNS. They say you can use BIND, but my experience has
> been when you don't use Microsoft's parts things go goofy - quick.
> Probably 95% of the networks I have been called into work on have
> problems stemming from name resolution - this goes back for over 8 years
> with NT 4 networks. If name resolution does not work properly - all
> kinds of squirrelly things happen. Whether the name resolution mechanism
> is DNS or WINS, if it is broke (or not used) things do not go well.
>
> As far as "HACK my monowall to do as I wanted" why would anyone go through
> that much trouble. You can take a piece of steel, drill a hole, tap it
> (put internal threads in the hole), cut the corners off and make a nut.
> Or go to the hardware store and get one ready made out of a bin.
>

Another "yes indeed" from someone whose day job is ~25% administering a
Windows AD network, plus consulting jobs to clean up the mess where
"Windows goes wrong", and has been working with Windows domains since
the NT 4 days starting shortly after it came out back in 1996.

If any Windows server, especially 2000 or 2003, is "up and down like a
yoyo", the least of your problems are coming from Redmond. Rather might
I suggest you find someone competent to handle Windows server
administration.

And to the original poster: I told you how to do what you're after in my
first response, all the functionality exists in m0n0wall already.

-Chris