Routing and Remote Access IP Addresses Register in DNS

Article translations Article translations
Article ID: 289735 - View products that this article applies to.
This article was previously published under Q289735
Expand all | Collapse all

On This Page

SYMPTOMS

When DNS queries for the domain name or the domain controller's fully qualified domain name (FQDN) are sent to a Windows 2000 domain controller that is running Routing and Remote Access, the domain name or FQDN for the domain controller is resolved to an Internet protocol (IP) address that is used by Routing and Remote Access.

DNS Manager displays HOST (A) records for the Routing and Remote Access server IP addresses and Routing and Remote Access client IP addresses with the name of the domain controller and the name of the domain that is used for Active Directory.

NOTE: In Windows 2000, a HOST (A) record for the domain name is displayed with the same name as parent folder.

This behavior occurs after the first incoming Routing and Remote Access or virtual private network (VPN) connection causes the server to bind an IP address to its own NDISWAN adapter. Because the Windows 2000-based computer uses DNS name resolution for accessing NetBIOS resources, you may not be able to access resources.

CAUSE

This issue can occur because after you have configured and enabled Routing and Remote Access on a Windows 2000 domain controller, and the first incoming Routing and Remote Access or VPN connection is made, the server creates a PPP/NDISWAN interface. After this interface is created, the Netlogon service or the DNS Server service recognizes the interface as an interface, and then registers HOST (A) records for the Routing and Remote Access IP address that the server takes as well as the Routing and Remote Access client IP address.

RESOLUTION

NOTE: If you run Routing and Remote Access on a domain controller that owns the operations master role, a multi-homed master browser is created. It is recommended that you install Routing and Remote Access on another computer for full browsing capabilities. It is also recommended that the domain controller, which is the multi-homed master browser, has only one interface. For additional information, click the article number below to view the article in the Microsoft Knowledge Base:
191611 Symptoms of Multi-homed Browsers

How to Prevent the DNS Server Service from Registering A Records

The DNS Server service registers HOST records for all interfaces on the local computer including interfaces created by Routing and Remote Access. To prevent this behavior, configure the interfaces available to DNS. To do so:
  1. Start DNS Manager.
  2. Right-click the computer name, and then click Properties.
  3. Click the Interfaces tab, and then click Only the following IP addresses.
  4. Remove any Routing and Remote Access IP addresses that are listed.
If the Routing and Remote Access IP addresses are not displayed in the DNS console, but HOST (A) records are registered for the FQDN of the domain controller in DNS, use the PublishAddresses registry key to manually add only the IP addresses which you want DNS to register. Add the appropriate IP addresses with one space between addresses to the value. To configure the PublishAddresses registry key:
  1. Start Registry Editor (Regedt32.exe).
  2. Locate and click the following key in the registry:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters
  3. On the Edit menu, click Add Value, and then add the following registry value:
    Value name: PublishAddresses
    Data type: REG_SZ
    Range: IP address
    Default value: blank
  4. Quit Registry Editor.

How to Prevent Netlogon A Records from Being Registered

The Netlogon service registers the records for the domain. These records have the same name as the parent folder. To prevent this behavior, use the RegisterDnsARecords key. When you set this value to 0, Netlogon A records are not registered. To set the RegisterDnsARecords key:
  1. Start Registry Editor (Regedt32.exe).
  2. Locate and click the following key in the registry:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
  3. On the Edit menu, click Add Value, and then add the following registry value:
    Value name: RegisterDnsARecords
    Data type: REG_DWORD
    Range: 0 - 1
    Default value: 1
  4. Quit Registry Editor.
After you complete this procedure, you must maintain the HOST (A) records for the domain in its forward lookup zone, and the global catalog HOST (A) record that is located in _msdcs.gc.domain name.com.

MORE INFORMATION

For additional information, click the article number below to view the article in the Microsoft Knowledge Base:
246804 How to Enable/Disable Windows 2000 Dynamic DNS Registrations

Properties

Article ID: 289735 - Last Review: February 28, 2007 - Revision: 2.3
APPLIES TO
  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
Keywords: 
kbnetwork kbprb KB289735

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com