DNS forwarders




Hi. I'm running Windows Server 2003, SP1. I have 5 sites connected through
T1 WAN links. My internet connection is at Site A, and all other sites
(I'll call them the "remote sites") use the same internet connection. At
each site I have a DC, which is also running DNS, and at Site A I have a
second DC with DNS for redundancy. Each one of these DNS servers is
configured with forwarders, which are servers at my ISP. Clients at Site A
are configured with the main DNS server at Site A as the primary, and the
redundant server at Site A as the secondary. Clients at remote sites are
configured with the DNS server at their site as the primary, and the main
DNS server at Site A as the secondary.

Recently, a consultant suggested that I either:
1) Remove forwarders altogether and use root hints.
2) Remove the ISP forwarder entries from all the remote sites and replace
them with the address of the main DNS server at Site A. Then only the main
DNS server at Site A would use internet traffic to forward queries to the
ISP's resolvers.

I'm not sure which of these options is better or how exactly they'll affect
DNS resolution. If I went with option 2, is it even necessary to specify a
forwarder at the remote sites, or will DNS "figure it out?" Also, I would
guess that with this option, I would still want to keep the ISP forwarder
entries on my redundant DNS server at Site A in case the main DNS server
went down?

I'm also not sure if I should check or uncheck the "Do not use recursion for
this domain" checkbox on the Forwarders tab in any of the scenarios I've
listed, including my current configuration.

Looking for a little guidance, please.

Thank you,
Jerry

