Re: Help - Config of forwarders

Tech-Archive recommends: Speed Up your PC by fixing your registry

who_at_where.com
Date: 05/11/04 

Date: Tue, 11 May 2004 10:21:28 +0100

Thanks Herb,

I really have trouble learning things without understanding the nitty
gritty, for example If I read in a book "Delegate the child domain"
it doesn't sink in unless there is an explanation like your that follows.

But

If I read in the same book "Delegate the child domain",
*quoting you*
by adding the "child" (delegated) domain
name to the parent as an NS record with the name of the domain and
the name of the DNS server..
(If not already present elsewhere an A-host record for that NS record
server name must also be added.)

Then it makes sense to me, maybe I'm a bit odd ?

Paul

"Herb Martin" <news@LearnQuick.com> wrote in message
news:%23x0qTJvNEHA.1456@TK2MSFTNGP09.phx.gbl...
> > > For that to work (we are talking now about the "first major
> > > purpose" of a DNS server) the PARENT DNS server must
> > > delegate to your authoritative DNS servers -- and they must
> > > be reachable on the net.
> >
> > "Delegate to" means to tell the Parent DNS that the domain name
> > manufacturing.abc.com exists and has a DNS server with IP address of
> > xx.xx.xx.xx ?
>
> Yes, and technically it is done by adding the "child" (delegated) domain
> name to the parent as an NS record with the name of the domain and
> the name of the DNS server.
>
> (If not already present elsewhere an A-host record for that NS record
> server name must also be added.)
>
> These are technically called "delegation records" but a common,
> very nearly technical term is also "Glue records" because they
> glue the DNS namespace together from top (root) to bottom.
>
>
> --
> Herb Martin
> "who@where.com" <someone@somewhere.com> wrote in message
> news:#l7frFsNEHA.3476@TK2MSFTNGP09.phx.gbl...
> > Many thanks Herb,
> >
> > To ask a further point then:-
> >
> >
> >
> > Paul
> >
> > "Herb Martin" <news@LearnQuick.com> wrote in message
> > news:eKRP24eNEHA.556@tk2msftngp13.phx.gbl...
> > > "who@where.com" <someone@somewhere.com> wrote in message
> > > news:#wbuyIcNEHA.2780@TK2MSFTNGP09.phx.gbl...
> > > > take this example
> > > >
> > > > abc.com
> > > > is hosted externally on a Unix DNS server.
> > >
> > > Actually "forwarders" have (almost) nothing to
> > > do with your own Zones.
> > >
> > > There are two major purposes to a DNS server -
> > > 1) Resolve names of YOUR resources
> > > 2) Help you clients resolve all names
> > >
> > > These two purposes should be considered separately.
> > > Forwarders are almost totally related to the latter.
> > >
> > > > If I add an AD Forrest and call the 1st AD Domain
> > > > Manufacturing.abc.com
> > > >
> > > > and a child domain called Brentwood.manufacturing.abc.com
> > > > and host these on W2k ad integrated DNS servers, would I be correct
in
> > > > saying I would have my W2K server as authoritative for
> > > > manufacturing.abc.com and point my forwarders from it to the Unix
DNS
> > > server
> > >
> > > That is ONE way to do it. The point of forwarders is to
> > > help your DNS server resolve names they cannot (or should
> > > not) resolve for themselves.
> > >
> > > The other choice is to use root hints to point your DNS
> > > server(s) to a "common root" (a common zone from which
> > > all others can be found by recursing through the delegations.)
> > >
> > > > does that mean that any DNS resolution for names outside of the
> company
> > > will
> > > > go from the manufacturing.abc.com dns server on to the Unix DNS
server
> > for
> > > > the abc.com domain and be resolved.
> > >
> > > Yes. Any zone not held by the first server should use the
> > > forwarder.
> > >
> > > > If I did that would say another user on the internet be able to
> resolve
> > > > names in manufacturing.abc.com ?
> > >
> > > Completely different issue.
> > >
> > > For that to work (we are talking now about the "first major
> > > purpose" of a DNS server) the PARENT DNS server must
> > > delegate to your authoritative DNS servers -- and they must
> > > be reachable on the net.
> > >
> > > Also consider that you probably should not be mixing
> > > internal and external resolution (for others).
> > >
> > > --
> > > Herb Martin
> > >
> > >
> >
> >
>
>

Relevant Pages

  • Re: Delegated zones - question for an MCSE or MCSA..
    ... After you delegate a zone to a child domain the dns servers ... parent DNS server for the child DNS server. ... 255248 How to Create a Child Domain in Active Directory and Delegate the DNS ...
    (microsoft.public.cert.exam.mcse)
  • Re: DNS delegation not working.
    ... We are using windows 2003 Server in mixed mode. ... But I am creating a DNS delegation for the child domain on the master ... are not getting created in the delegated Zone on the Child DNS server. ...
    (microsoft.public.windows.server.dns)
  • Re: short name resolution
    ... I have a root domain and many child domain setup (no child domain, ... DNS server which in turn looks in the domain zone that it is ...
    (microsoft.public.windows.server.dns)
  • Re: short name resolution
    ... The DNS server thinks that you are looking for server2.child1.root.local, ... I have a root domain and many child domain setup (no child domain, ...
    (microsoft.public.windows.server.dns)
  • Re: Delegated zones - question for an MCSE or MCSA..
    ... A delegated zone essentially establishes a forwarder, ... Just because the higher level server is configured to ... After you delegate a zone to a child domain the dns ... > parent DNS server for the child DNS server. ...
    (microsoft.public.cert.exam.mcse)