Re: Forwarders versus root hints

From: Herb Martin (news_at_LearnQuick.com)
Date: 01/24/05


Date: Sun, 23 Jan 2005 21:08:40 -0600


<workinghard@news.postalias> wrote in message
news:#c8BxVZAFHA.1404@TK2MSFTNGP11.phx.gbl...
> Hello,
>
> Thx for your input so far. I gather that when given the choice one should
> go for forwarders and not for root hints?

If that must be answered yes or no, then Yes.

Both work, but in general for external name resolution
do you really want your internal DNS servers, which are
usually DCs even, to be free to go ANYWHERE on the
Internet, including VeryEvilHackers.Com?

When you add that to the efficiencies you derive from letting
the ISP do the bulk of the work, or even answer from a large
cache filled not just by you but by other customers, the
benefits are usually clear.

> I've read in some books that you
> use root hints for pointing to the parent domain, forwarders are usually
> mentioned for internet name resolution.

And you cannot MIX these two for the above purpose,
so using root hints internally WHEN you also need to
use the (general*) forwarders is not practical.

'General' meaning non-conditional forwarding which is
a new and special case.

> In fact it seems like we can choose
> and be happy if it works.

No, it is not that simple -- they interact (at times) in
some odd ways, e.g., if your forwarder returns NXDomain
before the actual recursion (using root hints) is accomplished
then the recursion will not be used.

> The fact that indeed zones can be hosted on any
> server increases the choice we have .... any best practices guides around
> for this (it seems like this can get messy quite quickly in complex
> environments)

Actually, the flexibility was introduced in Win2003 with the
introduction of two new features that address this class of
problems: Conditional Forwarding and Stub Zones.

-- 
Herb Martin
> <workinghard@news.postalias> wrote in message
> news:OFRYI8VAFHA.1388@TK2MSFTNGP09.phx.gbl...
> >I have a couple of questions regarding the choice to make between
> >forwarding and root hints:
> >
> >
> > If I have an AD tree with 3 domains, like test.internal,
> > child.test.internal and subchild.child.test.internal and I want the DNS
> > server in the test.internal to resolve the internet queries, do I use
> > forwarders or root hints on the child domains to find the test.internal
> > DNS servers (after deleting the original root hints in the child DNS
> > servers)
> >
> > Also, when delegating the DNS queries for the children to the child DNS
> > servers on the test.internal DNS servers, when should I use a forwarder to
> > have the children find the parent test.internal DNS servers or when to use
> > a root hint?
> >
> > Thx
> >
>
>
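
A simplified model of the forwarder and root-hint interaction discussed in this thread, added here as an example and not part of the original posts or of any DNS server's code. It shows that a conditional forwarder is chosen by longest matching suffix, that an NXDOMAIN from a forwarder ends resolution without touching the root hints, and that disabling root-hint fallback keeps the server from contacting arbitrary Internet name servers. All server addresses, the external names and the function names are constructed assumptions.

```python
# Simplified decision model, not a resolver: no packets are sent.
NXDOMAIN, TIMEOUT = "NXDOMAIN", "TIMEOUT"

# Constructed sample configuration for a DNS server in the AD tree.
CONDITIONAL = {                      # conditional forwarders (Win2003 feature)
    "test.internal": ["10.0.0.10"],
    "child.test.internal": ["10.1.0.10"],
}
GENERAL = ["192.0.2.53"]             # general forwarder, e.g. the ISP's cache

def isp(qname):
    """Constructed behaviour of the general forwarder."""
    table = {"www.example.com": "203.0.113.7", "nosuch.example.com": NXDOMAIN}
    return table.get(qname, TIMEOUT)  # unknown names: forwarder does not reply

UPSTREAM = {
    "10.0.0.10": lambda q: "10.0.0.25" if q == "dc1.test.internal" else NXDOMAIN,
    "10.1.0.10": lambda q: "10.1.0.25" if q == "host.child.test.internal" else NXDOMAIN,
    "192.0.2.53": isp,
}

def pick_forwarders(qname, conditional=CONDITIONAL, general=GENERAL):
    """Longest matching domain suffix wins; otherwise use the general forwarders."""
    labels = qname.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in conditional:
            return suffix, conditional[suffix]
    return None, general

def resolve(qname, use_root_hints=True):
    """Return (result, path); path lists every server group that was contacted."""
    _, forwarders = pick_forwarders(qname)
    path = []
    for ip in forwarders:
        path.append(ip)
        reply = UPSTREAM[ip](qname)
        if reply != TIMEOUT:
            # Any real reply, NXDOMAIN included, is final: root hints are not used.
            return reply, path
    if use_root_hints:
        path.append("root-hints")    # the server now walks the Internet itself
        return "iterative-lookup", path
    return "SERVFAIL", path          # forward-only: no contact beyond the forwarders

if __name__ == "__main__":
    for name in ("host.child.test.internal", "nosuch.example.com", "slow.example.net"):
        print(name, resolve(name), resolve(name, use_root_hints=False))
```
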

