
Can't resolve DNS after changing subnet mask

Status
Not open for further replies.

barrycork

IS-IT--Management
Jul 25, 2002
We have a class C network 192.65.144.0/24. I am changing our internal network subnet mask from 255.255.255.0 to 255.255.254.0 to enable us to create a new DHCP scope with double the amount of IPs we currently have, hence the network range would be 192.65.144.0-192.65.145.254.

We have 2 DNS servers internally. They both have an IP in the 192.65.144.x range. When I change the subnet mask on these to 255.255.254.0 and go to a client on the new 192.65.145.x range I am able to successfully query one of the DNS servers, however the other is unreachable. As it also runs Exchange I am unable to connect Exchange clients. Clients in the 192.65.145.x range can ping the DNS/Exchange server, however they cannot resolve DNS queries from it. If I go to the DNS/Exchange server I can ping all clients on the 192.65.145.x range.

I have flushed the DNS cache on client & server. I have checked DNS is listening on the correct interface. I have restarted DNS on the server & I have restarted the server however I am still unable to query it from the 192.65.145.x.

I am pretty sure my proposed new subnet mask is valid as I am having no issues with my other DNS server. It is also on the 192.65.144.x range and clients on the 192.65.145.x range are able to query it successfully.

It appears that DNS is not applying the new subnet mask to the listening interface so won't communicate with clients on the 192.65.145.x range.

Any suggestions would be appreciated.

Thanks,

Barry
 
Does the 192.165.144.0/23 belong to you? That's a public range, not private...

Burt
 
Hi

You may need to add a route to the other network, sounds like it can not find its way. The other thought I had was because of your change does that make your gateway address also change?
Someone with more knowledge can probably say off the top of their head, but I doubt your gateway is going to be exactly the same for each network.

Regards

Dave


 
The dhcp scope needs to match the largest nw, which is 192.65.144.0-192.65.145.254. Otherwise, the way it is now, the dhcp scope will hand out addresses from 192.65.144.1 through 192.65.144.254, leaving out 192.65.144.255 through 192.65.145.254.
Also, you can't just take a block of public IP addresses and use them at will (I.E. change the mask to extend the subnet, which in this case makes it a supernet), unless the IANA has ASSIGNED this whole block to you for MONEY!

Burt
 
SPI200,

Because I have changed the subnet mask it is on the same network so shouldn't need a route added. This is backed up by the fact I can query my other DNS server. Again as the DNS server is local it does not use the gateway so no change needed there as far as I can see.

Burtsbees,

The intention is to set up the DHCP scope to serve 192.65.144.0-192.65.145.254, however before implementing this I am testing with a static client in the 192.65.145.x range.

You are correct in that I am creating a supernet on a public IP range. This was the range on the network before I took over the job. I should change it to a private and will when I have the time, however these addresses are not visible from the internet. We have a single public IP that is visible and belongs to us. All network PCs are therefore NAT clients behind the public IP. The fact the internal range is not private is not the issue as far as I can see. If it was I don't think anything would work!

Thanks,

Barry
 
You're right, as long as they are not seen from the outside world.
"When I change the subnet mask on these to 255.255.254.0 and go to a client on the new 192.65.145.x range I am able to successfully query one of the DNS servers however the other is unreachable."
From what to what is reachable, and from what to what is unreachable (IP addresses)? Did you recently put this client into the 192.65.145 range, or was it in the original /24 block? If the IP address has been changed, can you put it back to 192.65.144.x range, with a /23 mask, and then a /24 mask? Which is successful then?

Burt
 
Hi Burt,

I got the problem sorted. The DNS that was causing the issue had the Proxy/Firewall client for ISA2000 installed as we use this for web access. The DNS that was working correctly did not have the client installed. It appears that when a client from 192.65.145.x was querying DNS it must have been routing the response back out to the ISA server rather than back to the 192.65.145.x address. Simply disabling the proxy client corrected the problem.

Thanks for your help.

Barry
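
An added example, not part of the original thread: a small model of the failure described above, where a server's interface mask is already /23 but some other component on it still treats only the old /24 as local. The host addresses, the `proxy_local` list and the "forgotten-pc" entry are constructed assumptions; the proxy client is modeled simply as a list of ranges it considers local.

```python
import ipaddress

NEW_NET = ipaddress.ip_network("192.65.144.0/23")   # mask 255.255.254.0 from the thread

# Constructed inventory: host addresses and the proxy client's local-address
# list are assumptions for illustration, not values from the thread.
HOSTS = {
    "dns1":          {"iface": "192.65.144.10/23", "proxy_local": None},
    "dns2-exchange": {"iface": "192.65.144.11/23", "proxy_local": ["192.65.144.0/24"]},
    "forgotten-pc":  {"iface": "192.65.144.50/24", "proxy_local": None},
}

def reply_path(host, dest_ip):
    """Model where a host sends a packet for dest_ip: direct, proxy or gateway."""
    dest = ipaddress.ip_address(dest_ip)
    local = host["proxy_local"]
    # A proxy/firewall client intercepts traffic to anything it considers non-local.
    if local is not None and not any(dest in ipaddress.ip_network(n) for n in local):
        return "proxy"
    on_link = dest in ipaddress.ip_interface(host["iface"]).network
    return "direct" if on_link else "gateway"

def audit(hosts, net):
    """Return {host: {half: path}} for one probe address in each /24 half of net."""
    report = {}
    for name, host in hosts.items():
        report[name] = {}
        for half in net.subnets(new_prefix=24):
            probe = half.network_address + 20      # arbitrary address in that half
            report[name][str(half)] = reply_path(host, probe)
    return report

def stale_hosts(hosts, net):
    """Hosts that would not answer some part of the supernet directly."""
    return sorted(n for n, paths in audit(hosts, net).items()
                  if any(p != "direct" for p in paths.values()))

if __name__ == "__main__":
    print(NEW_NET.netmask, NEW_NET[1], "-", NEW_NET[-2])
    for name, paths in audit(HOSTS, NEW_NET).items():
        print(f"{name:14} {paths}")
    print("stale:", stale_hosts(HOSTS, NEW_NET))
```

Ping succeeding while DNS fails is consistent with this model if the proxy client only intercepts socket traffic, which is why checking every "what is local" list on a host matters after a mask change, not just the interface mask.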
 