DNS Architecture

From: Nicholas S. Corduan (NcCorduan_at_tayloru.edu)
Date: 09/21/04

Date: Tue, 21 Sep 2004 06:27:47 -0700

I have a question about the DNS architecture we have at
our university. It's been setup this way for longer than
I've been working here, but we're having some issues and
so I thought I would ask for folks' opinions on this

We have two sites in our Acitve Directory Domain. Each
site has one global catalog server, which is the primary
DNS for that site. Our larger site also has a couple of
secondary DNS servers for our zone. Each site also has
something we've been calling our, "external DNS," the
only records of which are also for our own zone, but as
the outside world sees them.

Here's the heart of my question: we have internal
machines looking at and internal DNS servers forwarding
to these "external DNS" servers. Are we gaining anything
from that? As near as I can tell, these servers appear
to be our presence in the external DNS name space, and
therefore not of substantial help for internal machines,
but I realize there might be another function of
an "external DNS" that I'm missing.

Any opinions on this architecture? Thanks much,