I'll try to explain my problem as clearly as possible. We just migrated from Novell eDir and file/print server to Microsoft AD and file/print server. Our domain is integrated into a regional forest. We're a NAT network; on the LAN it's a 172.16.0.0 network and on the WAN it's a 10.140.0.0 network.
Actually, we have rogue Windows DNS and DHCP services. I'm to configure DNS and DHCP services in the domain.
Some users have to work on other sites with a different domain (in the same forest), so they bring their laptops and authenticate themselves on our DC (domain).
My first tests went well (tests done locally); everything works as expected. The problems started to occur when users have to switch sites. While our DNS was empty, address resolution was done by the sites' DNS. For example, the Lotus Notes server is already known as 10.140.x.x outside, and users on other sites were able to access those services.
Now, since I put entries in the domain's DNS, those are resolved as 172.16.x.x (and unreachable outside the LAN).
In an attempt to resolve this I multihomed some servers with 172.16.x.x and 10.140.x.x IPs and unchecked the round robin option on DNS to force the subnet ordering. But on the LAN, if I do an nslookup multihomed_name I receive the IPs in this order: 10.140.x.x, 172.16.x.x.
Maybe there's something I don't understand. I expected to receive the 172.x.x.x IP first since I'm on a 172.x.x.x network. Could it be an issue with how the DHCP scopes are designed (4 VLANs with a /23 mask)?
Can anybody point me to where I'm wrong?
It was the DNS netmask issue.
Sources:
http://support.microsoft.com/kb/842197
http://msmvps.com/blogs/acefekay/archive/2010/05/29/dns-and-subnet-priortization-amp-dns-round-robin.aspx
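Added example (not from the question or answer above) that models the netmask ordering the answer refers to: the DNS server compares the client address with each A record under a configurable mask (Windows DNS defaults to 255.255.255.0, i.e. /24) and returns matching addresses first. The sample addresses are constructed placeholders for the 172.16.x.x and 10.140.x.x ranges; the registry-value encoding for LocalNetPriorityNetMask follows my reading of KB 842197 and is an assumption to verify against that article.

```python
import ipaddress

# Constructed A records for a dual-homed server, in the order the zone stores them
# (the order the questioner observed on the LAN with round robin disabled).
RECORDS = ["10.140.5.10", "172.16.0.10"]


def order_by_subnet(client_ip, records, prefixlen):
    """Return `records` with those inside the client's /prefixlen subnet first.

    This is netmask ordering with round robin off: records that share the
    client's subnet (under the given prefix length) are moved to the front,
    everything else keeps its stored order.
    """
    client_net = ipaddress.ip_network(f"{client_ip}/{prefixlen}", strict=False)
    local = [r for r in records if ipaddress.ip_address(r) in client_net]
    remote = [r for r in records if ipaddress.ip_address(r) not in client_net]
    return local + remote


def netmask_registry_value(prefixlen):
    """Host-bits mask for the LocalNetPriorityNetMask DWORD (assumed encoding).

    KB 842197 documents the default as 0x000000FF (/24); the value is the
    inverse of the subnet mask, so /23 becomes 0x000001FF and /22 0x000003FF.
    """
    return (1 << (32 - prefixlen)) - 1


if __name__ == "__main__":
    # A client in the second half of a /23 VLAN: same /23 as 172.16.0.10,
    # but a different /24, so the default mask finds no "local" record.
    client = "172.16.1.50"
    print("/24 mask:", order_by_subnet(client, RECORDS, 24))  # 10.140 first
    print("/23 mask:", order_by_subnet(client, RECORDS, 23))  # 172.16 first
    print("LocalNetPriorityNetMask for /23: 0x%08X" % netmask_registry_value(23))
```

With the default /24 comparison a client at 172.16.1.50 never matches 172.16.0.10, which reproduces the 10.140.x.x-first order seen in the question; widening the mask to the /23 used by the VLANs makes the 172.16.x.x address sort first.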