Re: DNS Stub zones vs secondary zones




You guys rule.

"Herb Martin" <news@xxxxxxxxxxxxxx> wrote in message
news:OrGhCi%23PHHA.1380@xxxxxxxxxxxxxxxxxxxxxxx

"Marlon Brown" <MarlonBrown@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:%23Y$a%2329PHHA.2140@xxxxxxxxxxxxxxxxxxxxxxx
Can someone give me an example on when I should create a DNS 'stub' zone
instead of 'secondary' ?

Example:
You have two domains, geographically separated, one in North America
(NA.dom.com) and one in South America (SA.dom.com).

NA has 500,000 user machines and servers. The WAN line is not suitable
for replicating all this DNS info to SA, or you just don't want to waste
it on that.

So you set up a STUB in South America which only knows about the
DNS servers (SOA, NS, and NS A records). It never transfers the
entire 500,000 computer DNS zone but it can FIND ANY of the
servers needed from NA.

Chances are you will never need more than a few (or a few dozen)
of those NA servers to be found by South American clients. Say the
DNS servers, DC, maybe some email servers etc.

I have worked on projects that required secondary zones, but so far I
haven't had a chance to see a situation in which Windows DNS stub zones
would be required.

For small zones it isn't a big benefit. Even for large zones that seldom
change.

Stub zones solve exactly the same set of problems as Conditional
Forwarding but there is a very subtle difference:

With Stubs the contents of the zones (NS records mostly) get auto-updated
if there are changes, additions, or deletions to those nameservers. So
less admin work.

With Conditional Forwarding the admin gets to pick (must pick) specific
DNS servers and so can pick the "closest" or most efficient choice(s).

With SA connected to NA by a Rio-Miami link this might make more sense
than SA using some random (but automatically updated) server in Seattle
or Boston, etc.

--
Herb Martin, MCSE, MVP
http://www.LearnQuick.Com
(phone on web site)
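
The two options compared in the post above, as an added example that is not part of the original thread. It assumes the DnsServer PowerShell module (Windows Server 2012 or later) on the South America DNS server; the zone name comes from the thread, while the IP addresses and the `$Mode` switch are constructed placeholders.

```powershell
# Run in an elevated session on the SA DNS server. Pick ONE mode:
# a stub zone and a conditional forwarder cannot both exist for the same name.
param(
    [ValidateSet('Stub', 'Forwarder')]
    [string]$Mode = 'Stub'
)

$zone      = 'NA.dom.com'                  # zone name from the thread
$naMasters = '192.0.2.10', '192.0.2.11'    # constructed: NA servers authoritative for the zone
$nearestNa = '192.0.2.10'                  # constructed: the NA server across the closest WAN link

if ($Mode -eq 'Stub') {
    # Stub zone: copies only the SOA, NS and the NS hosts' A (glue) records
    # from the masters, then keeps that nameserver list refreshed on its own.
    # The other records in NA.dom.com are never transferred.
    Add-DnsServerStubZone -Name $zone -MasterServers $naMasters -ZoneFile "$zone.dns"

    # Show what the stub actually holds: expect SOA, NS and A records only.
    Get-DnsServerResourceRecord -ZoneName $zone |
        Sort-Object RecordType |
        Format-Table HostName, RecordType, TimeToLive -AutoSize
}
else {
    # Conditional forwarder: queries for the zone go only to the servers
    # listed here. The list is static, so the admin controls which NA server
    # is used, and must edit it by hand when NA nameservers change.
    Add-DnsServerConditionalForwarderZone -Name $zone -MasterServers $nearestNa
}

# Either way, confirm the zone type and where queries will be sent,
# then test that the SA server can find the NA nameservers.
Get-DnsServerZone -Name $zone | Format-List ZoneName, ZoneType, MasterServers
Resolve-DnsName -Name $zone -Type NS -Server 127.0.0.1
```

With the stub, the nameservers the SA server queries are whatever the NA zone currently publishes in its NS records; with the forwarder, they are exactly the addresses typed above until someone changes them.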


