Re: Stub Zone or Conditional Forwarding?



Hi
If I understand you correctly your main concern is T1 activity, correct?
Fastest way to resolve is = Secondary Zones - Why? Resolve all queries
locally and your T1 is only used for delta updates (only changes are
replicated).

Forwarding = You have better control over which servers your server
contacts for query resolution. (Needs active link)

Stub Zones = The big advantage of Stub Zones is that they update NS records
automatically, so if new DNS servers are added, your DNS server will know
about that. (Needs active link)

IMO: If your primary concern is link activity, you should use secondary
zones. By using secondary zones all queries will be resolved locally, and T1
traffic will decrease significantly.

Take a look at
http://support.microsoft.com/default.aspx?scid=kb;en-us;811118

- Let me know what you think
- Wait for other opinions.

--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Phil S." <nospam-m-phil-NoSpam@one two three m-a-p-s.net> wrote in message
news:ur8tYXqzGHA.4796@xxxxxxxxxxxxxxxxxxxxxxx
Googled and searched this NG for an answer, but still need help. (Jorge's
reply on a similar question on August 2, 2006 had good links)

MyCompany.com and OtherCompany.com are linked DMZ to DMZ via a dedicated
T1. OtherCompany.com has set up a special DNS server for MyCompany (and
other vendors) to use in their DMZ. This DMZ name server then links to
application servers at OtherCompany inside the 2nd FW. Vendors can only reach
specific application servers / web sites.

I need to reduce the DNS queries to a minimum across the T1. The application
my users have was written such that a lot of DNS queries are used for each
application database update, refresh, or whatever. T1 traffic is very
high.

My question: which method, Stub Zone or Conditional Forwarding, will
result in the least amount of DNS queries across the T1 link? Plus which
method can have my local DNS server(s) hold a cache of DNS resolution
for a TTL of 12 hours or more? (refresh only during after hours.)

I hope I have asked my question correctly. I may have added too many
details, but trust me - the actual case is a lot more complex than this.

Phil
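
The three options compared in the reply above, as an added example that is not part of the original thread: a PowerShell sketch using the DnsServer module cmdlets (Windows Server 2012 or later). The zone name, the master IP (192.0.2.53) and the helper function Set-PartnerZone are placeholders chosen for illustration.

```powershell
# Added example, not from the thread. Run on the local (MyCompany side) DNS server.
# Placeholders: zone name and master IP are illustrative values only.
$Zone   = 'othercompany.com'
$Master = '192.0.2.53'        # partner's DMZ name server across the T1 (placeholder)

function Set-PartnerZone {
    param(
        [Parameter(Mandatory)]
        [ValidateSet('Secondary', 'Stub', 'Forwarder')]
        [string]$Mode
    )

    # A server can hold only one zone with a given name, so drop any earlier variant.
    if (Get-DnsServerZone -Name $Zone -ErrorAction SilentlyContinue) {
        Remove-DnsServerZone -Name $Zone -Force
    }

    switch ($Mode) {
        'Secondary' {
            # Full local copy of the zone: lookups are answered locally and only
            # SOA refresh checks and zone transfers cross the link.
            # The primary must permit zone transfers to this server; ask the
            # partner to allow them for this server's address only.
            Add-DnsServerSecondaryZone -Name $Zone -ZoneFile "$Zone.dns" -MasterServers $Master
        }
        'Stub' {
            # Holds only the SOA, NS and glue A records. Lookups still cross the
            # link and answers are cached for the TTL set on each record.
            Add-DnsServerStubZone -Name $Zone -ZoneFile "$Zone.dns" -MasterServers $Master
        }
        'Forwarder' {
            # Queries for the zone are sent to the listed server only. Answers
            # are cached for the TTL set on each record.
            Add-DnsServerConditionalForwarderZone -Name $Zone -MasterServers $Master
        }
    }

    # Confirm what was created.
    Get-DnsServerZone -Name $Zone | Select-Object ZoneName, ZoneType, IsDsIntegrated
}

Set-PartnerZone -Mode Secondary
```

With the stub and forwarder variants, how long an answer stays in the local cache is governed by the TTL the authoritative zone puts on the record, so a 12-hour cache lifetime has to be set on the OtherCompany side.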





