Hi, I have a DC server with one NIC and an IP. Everything runs as intended.

If I add a second IP to the same NIC will the DC continue to function OK? What’s the proper way to do it?

Thanks

2 Spice ups

Theoretically it should continue to function as normal. What is the purpose of the 2nd NIC?

There’s no 2nd NIC, only a second IP on the one and only NIC. The purpose is to provide a service to many clients that have this IP hardcoded.

(Assuming it is in a different IP network) It is likely to cause problems for existing clients/servers if you do not take extra steps.
The main problem is that the DNS entry for the DC could be updated with either the new IP only, or both IP addresses. If a client that is using the current IP range makes a DNS request for the domain and is given the response of the new IP then it will cause issues if it cannot reach that IP.

It would be a very unusual scenario that required a second IP on a DC.
If there is a new IP network that requires access this should be routed to the current network.
Is it just a second IP in the same IP network (same range)?

What is the reason for the second IP?

1 Spice up
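
A way to check the DNS behaviour described in the post above, as an added example that is not part of the thread: run on the DC, it lists each configured IPv4 address and whether DNS returns it for the DC's host name and for the domain name. The names `dc01.example.local` and `example.local` are placeholders.

```powershell
# Added example (not from the thread). Save as a script and run on the domain controller.
# Placeholder names: replace with the DC's FQDN and the AD DNS domain name.
param(
    [string]$DcFqdn     = 'dc01.example.local',
    [string]$DomainName = 'example.local'
)

# Return the IPv4 addresses DNS hands out for a name (empty if the lookup fails).
function Get-ARecordAddress {
    param([string]$Name)
    $answers = Resolve-DnsName -Name $Name -Type A -DnsOnly -ErrorAction SilentlyContinue
    @($answers | Where-Object { $_.Type -eq 'A' } | ForEach-Object { $_.IPAddress })
}

$hostRecords   = Get-ARecordAddress -Name $DcFqdn
$domainRecords = Get-ARecordAddress -Name $DomainName

# Every IPv4 address configured on this server, loopback excluded.
$configured = Get-NetIPAddress -AddressFamily IPv4 |
    Where-Object { $_.IPAddress -ne '127.0.0.1' }

# One row per configured address: is it being handed out to clients?
$configured | ForEach-Object {
    [pscustomobject]@{
        IPAddress      = $_.IPAddress
        Interface      = $_.InterfaceAlias
        PrefixLength   = $_.PrefixLength
        InHostRecord   = $hostRecords   -contains $_.IPAddress
        InDomainRecord = $domainRecords -contains $_.IPAddress
    }
} | Format-Table -AutoSize

# A records for the DC's host name that point at an address this server does not hold.
$configuredIps = @($configured | ForEach-Object { $_.IPAddress })
$hostRecords | Where-Object { $configuredIps -notcontains $_ } | ForEach-Object {
    Write-Warning "A record for $DcFqdn points to $_, which is not configured on this server"
}
```

Any address showing `True` in either column is one that clients may be given when they look up the DC or the domain, so each of them needs to be reachable from every client network.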

It’s 192.168.1.1 and 192.168.1.2

We migrated some file shares to the DC server and clients are already configured to reach the old file server.

I misread your post. If the service can be moved to another server please do so. If not, there might be issues as mattshaw has stated. Is it possible to change the hardcoded IP on the clients?

It’s generally a bad idea to multihome (have multiple IP addresses on) a domain controller.

If you need to, read through this: Avoid registering unwanted Network Interface Controllers (NICs) in Domain Name System (DNS) - Windows Server

3 Spice ups

Yes I know, the recommendation is to avoid it when using multiple NICs with different IPs. My case is one NIC with two IPs and I’m trying to find out if it’s something different and doesn’t count as multihome.

After re-reading the first post, it sounds like they want to add multiple IP addresses to a single NIC, not use multiple NICs.

I don’t think this is supported. You can read through my link above to see behaviours you can expect if you can’t not register the “secondary” IP address.

Any extra IP will register in DNS. A second IP on the same subnet accessible to the existing clients should be fine. Otherwise, don’t – clients trying to reach the DCs on IPs that they are unable to reach is not good.

Do not add multiple IPs to a domain controller. You are asking for problems by doing this.

File shares should not be on the domain controller if possible. Why are clients coded with an IP address for a file share instead of an FQDN? Are these just mapped drives, or did they get hard coded in an application? I ask to determine the pain point level of having to change the clients. For example, it’s a custom app, you don’t have a coder to fix it, and it’s hard coded. That’s obviously a huge pain point vs. they have shortcuts on their desktop pointing at a mapped drive via IP.

If you are absolutely stuck with that file share IP, you would be better off just changing the DC IP to the second IP address and giving up the first.

2 Spice ups

You can get yourself cleared about this issue by reading this: networking - 2 IP addresses - 1 NIC or 2 NICs - Server Fault

So you can just add that as a second address - to the existing NIC.
Whilst not ideal it will be less problematic than a different range.

You should then go round each device and map the location to a DNS name, not an IP.
I also highly recommend using DFS paths, not server names, as this is flexible for future migration.

2 Spice ups

I actually went with this. The added IP is on the same subnet, it’s the DC itself and so far so good, no issues.

Ever the optimist. While you may have no issues in the first few weeks, perhaps months, what happens when you do and you’re so deep into this it’s now even harder to unpick?

TO?, the DC?

So now it’s multi-homed and runs a file server, it’s getting worse.

Clients should never use IPs, only DNS names, so migrating is easier. Adding a DNS alias does not require a second IP or any re-configuration of the client; the only caveat is the name can’t be in use somewhere else.

Did you look through the event logs (especially on replication and Domain Services)?

How many DCs do you have?
What OS are the DCs?

Why the need to put the file server onto the “most critical server”?

  • While DCs are not “heavy” or resource hungry servers, they are very busy with authentication of users, file shares, resource rights, etc.
  • DCs can be critical as they sometimes control services like email, SQL, DBs, file shares, etc.