Re: Question re: DNS forwarding best practices
From: Kevin D. Goodknecht Sr. [MVP] (admin_at_nospam.WFTX.US)
Date: 11/17/04
- Next message: Kevin D. Goodknecht Sr. [MVP]: "Re: MX-resolve problem ..."
- Previous message: Rudy Steyaert: "Re: MX-resolve problem ..."
- In reply to: Jason: "Question re: DNS forwarding best practices"
- Next in thread: Roger Abell: "Re: Question re: DNS forwarding best practices"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 17 Nov 2004 10:56:58 -0600
In news:93301DE7-5DB1-4604-A161-EABDA0AE5A50@microsoft.com,
Jason <jclishe@NOSPAM.nusoftsolutions.com> commented
Then Kevin replied below:
> Lets say you have a company with a root AD domain, and 3
> child domains. Call the domains domain.com,
> mi.domain.com, oh.domain.com, and pa.domain.com. All DC's
> in all domains are DNS servers, and all zones are AD
> integrated. Some DC's are Win2K and some are Win2K3.
>
> The root domain is confined to 3 DC's at a single
> location, while the child domains have DC's spread across
> many locations. Each child domain has one primary data
> center, and satellite offices branch out from it in a hub
> and spoke fashion. Each remote site has its own Internet
> connection. Some of the remotes have an additional
> dedicated circuit back to its hub, while some use a site
> to site vpn back to the hub. All child domains need to be
> able to resolve devices in the root domain, but not
> necessarily other child domains.
>
> So here's the question. What would be the best way to
> forward DNS queries? The way I see it, my options are:
>
> 1) Configure forwarders on all DNS servers to point at
> the DNS servers in the root domain, and let the root
> forward to the Internet.
This would work, but it would mean that the root domain DNS would be
resolving all external queries and would create a single point of failure,
because on the child DNS servers forwarders tab you would need to select "Do
not use recursion" to keep the child DNS server from trying to use Root
Hints if the parent DNS responds a bit too slow.
2) Use conditional forwarding on
> all DNS servers to forward the root domain to the root
> DNS servers, and all other domains to the local ISP's DNS
> servers. (although this obviously wouldn't work for the
> Win2K boxes)
Correct it won't work for the Win2k boxes
3) Configure the replication scope of the
> root domain to all DNS servers in all domains, and each
> DNS server forwards directly to its local ISP's DNS
> servers (would this work for the Win2K boxes?)
No this won't work for the Win2k boxes.
4) Create
> a secondary zone for the root zone on all DNS servers,
> and let each DNS server forward directly to its local
> ISP's DNS server.
This would be the best way on the Win2k child boxes.
>
> Did I miss anything? Which of the options would be the
> most desirable? I'm thinking option number 3, although I
> don't know how that would impact the Win2K DNS servers,
> since replication scope was added in Win2K3.
Since you don't state what servers are Win2k and which are Win2k3 it would
be difficult to advise you which to use.
-- Best regards, Kevin D4 Dad Goodknecht Sr. [MVP] Hope This Helps =================================== When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue, to respond directly to me remove the nospam. from my email address. =================================== http://www.lonestaramerica.com/ =================================== Use Outlook Express?... Get OE_Quotefix: It will strip signature out and more http://home.in.tum.de/~jain/software/oe-quotefix/ =================================== Keep a back up of your OE settings and folders with OEBackup: http://www.oehelp.com/OEBackup/Default.aspx ===================================
- Next message: Kevin D. Goodknecht Sr. [MVP]: "Re: MX-resolve problem ..."
- Previous message: Rudy Steyaert: "Re: MX-resolve problem ..."
- In reply to: Jason: "Question re: DNS forwarding best practices"
- Next in thread: Roger Abell: "Re: Question re: DNS forwarding best practices"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
