Ensuring DNS resolves in advanced TCP/IP configurations

When you have HCL Domino® servers with multipleHCL Notes® network ports for TCP/IP, follow these procedures to ensure server name-to-address resolution by DNS.

About this task

This topic covers the following configurations:

  • Users in different DNS subdomains accessing one Domino® server
  • User-to-server access and server-to-server access using different DNS subdomains

Users in different DNS subdomains accessing one Domino® server

About this task

If users are on two isolated networks and the Domino® server has a NIC for each network, use DNS to direct the users to the NIC the server shares with them.

Procedure

  1. Assign an IP address to each NIC by creating A records (or, for IPv6, AAAA records) in DNS. Use the ping command and the IP address to test the responsiveness of the NIC.
    Note: If the Domino® server is running Microsoft Windows and there is a route between the two networks, prevent the NetBIOS broadcasts from exiting from both adapters by using the Windows Control Panel to disable one instance of the WINS client. Use the Bindings tab of the Network dialog box, select All Adapters, and select the name of the NIC for which you want to disable WINS.
  2. Create two CNAME records in DNS for the Domino® server, linking the server's common name to each NIC name in the A records. (Using CNAME records for the Domino® server provides diagnostic fidelity to test the network pathway independently of the server's name resolve.)
  3. Add a second Notes® network port for TCP/IP in Domino®.
  4. Bind each TCP/IP port to the IP address the appropriate NIC. On the server console, verify that both TCP/IP ports are active and linked to the correct IP address.
  5. In the Server document's Net Address field for each TCP/IP port, use the server's common name only, not its FQDN.
  6. On each Notes® workstation, set the user's DNS name lookup scope to the correct DNS subdomain.

Example

About this task

At the Renovations company, some users connect to the Domino® server Chicago/Sales/Renovations over an Ethernet network, others over a Token Ring network. Register the Domino® server with DNS as chicago.east.renovations.com for the users on the Ethernet network and as chicago.west.renovations.com for users on the Token Ring network.

Procedure

  1. Create start of authority (SOA) table entries in DNS for the subdomain east.renovations.com, as follows:
    Table 1. SOA table entries in DNS for subdomain east.renovations.com

    chi-ethernet

    A

    10.20.20.2

    chicago

    CNAME

    chi-ethernet

  2. Create SOA table entries in DNS for the subdomain west.renovations.com, as follows:

    chi-tokenring

    A

    10.10.10.1

    chicago

    CNAME

    chi-tokenring

  3. Change the name of the original Notes® network port for TCP/IP to TCPIP1, and name the second port TCPIP2.
  4. Use the NOTES.INI file to bind TCPIP1 to the IP address for the Ethernet network and to bind TCPIP2 to the IP address for the Token Ring network.
  5. In the Server document's Net Address field for each TCP/IP port, enter chicago.
  6. On the Ethernet users' workstations, set the DNS name lookup scope to east.renovations.com, and on the Token Ring users' workstations, set it to west.renovations.com.

User-to-server access and server-to-server access via different DNS subdomains

About this task

If users need to access a Domino® server over the LAN and other Domino® servers need to access the same server over the WAN, add a second NIC to the server. Then use DNS to direct the users to the NIC for the LAN and to direct other servers to the NIC for the WAN.

Procedure

  1. Assign an IP address to each NIC by creating an A record (or, for IPv6, AAAA record) in DNS. Use the ping command and the IP address to test the responsiveness of the NIC.
    Note: If the Domino® server is running Microsoft Windows and there is a route between the two networks, prevent the NetBIOS broadcasts from exiting from both adapters by using the Windows Control Panel to disable one instance of the WINS client. Use the Bindings tab of the Network dialog box, select All Adapters, and select the name of the NIC for which you want to disable WINS.
  2. Create two CNAME records in DNS for the Domino® server, linking the server's common name to each NIC name in the A records. (Using CNAME records for the Domino® server provides diagnostic fidelity to test the network pathway independently of the server's name resolve.)
  3. Add a second Notes® network port for in Domino®.
  4. Bind each TCP/IP port to the IP address of the appropriate NIC. On the server console, verify that both TCP/IP ports are active and linked to the correct IP address.
  5. To direct the Domino® server's first outbound connection to the server-to-server network, edit the PORT setting in the NOTES.INI file to read as follows:
    PORT=serverportname, userportname
    

    Where serverportname is the name of the Notes® network port for TCP/IP that other Domino® servers will use to connect to this server, and userportname is the name of the Notes® network port for TCP/IP that users will use to connect to this server.

  6. In the Server document's Net Address field for the first TCP/IP port (the port that users will use), enter the FQDN, using the server's common name and the users' DNS subdomain.
    Note: Listing the port that users will use first is important, as the Notes® Name Service cannot distinguish which NIC a user is accessing and makes the connection based on the content of the Net Address field for the first TCP/IP port listed in the Server document.
  7. In the Server document's Net Address field for the second TCP/IP port (the port that servers will use), enter the FQDN, using the server's common name and the servers' DNS subdomain.

    An initiating server uses its local Domino® Directory to detect the Notes® named network it has in common with this server.

  8. Set each user's DNS name lookup scope to the correct DNS subdomain.
  9. In each server's TCP/IP stack, set the DNS name lookup scope to the correct DNS subdomain.

Example

About this task

At the Renovations company, users connect to the Domino® server BostonApp04/Sales/Renovations over the LAN, and other Domino® servers access it privately over the WAN. You register the server with DNS as bostonapp04.boston.renovations.com for the LAN users and as bostonapp04.domino.renovations.com for the server-to-server network over the WAN.

Procedure

  1. Create the following SOA table entries in DNS for the subdomain boston.renovations.com, as follows:
    Table 2. SOA table entries in DNS for subdomain boston.renovations.com

    usr-bostonapp04

    A

    103.210.20.2

    bostonapp04

    CNAME

    usr-bostonapp04

  2. Create the following SOA table entries in DNS for the subdomain domino.renovations.com, as follows:

    srv-bostonapp04

    A

    103.210.41.1

    bostonapp04

    CNAME

    srv-bostonapp04

  3. Change the name of the original Notes® network port for TCP/IP to TCPIP1, and name the second port TCPIP2.
  4. Use the NOTES.INI file to bind TCPIP1 to the IP address for the user network, to bind TCPIP2 to the IP address for the server-to-server network, and to add the setting PORT=TCPIP2, TCPIP1.
  5. In the server document's Net Address field for port TCPIP1, enter bostonapp04.boston.renovations.com. For port TCPIP2, enter bostonapp04.domino.renovations.com.
  6. On each user's workstation, set the DNS name lookup scope to boston.renovations.com. In the TCP/IP stacks of the servers that need to connect to this server, set the name lookup scope to domino.renovations.com.