Re: Forworders or Root Hints?
- From: Johan Strange <JohanStrange@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 8 Oct 2007 09:22:13 -0700
Then its all opinions. I personally see forwaders as easier to break. I don't
disagree with what you say but I have seen from experience that root hints
are more solid. But that's my opinion ... :)
--
Johan Strange
_______________________________
MCSE, MCSA + Messaging, CompA+
Logic42 Computer Solutions - The answer to everything
www.logic42.co.uk
"Jorge Silva" wrote:
Please don't be sorry, that's your opinion and I respect that..
However doesn't make since to me, the reason is simple, the poster wants a
solution to solve names outside its domain, so, assuming that is talking
about public names, he can use root hints (very unsecure-> and if he loose
connectivity to the root hints servers they won't be able to solve public
names as well- So I don't see this option as an advantage), Stub Zones
(doesn't make sense to create one stub zone for each public domain, and it's
not doable because you have thousands of public domains (You also rely on
connectivity to the NS to achieve the query results)), Secondary Zones won't
work (for obvious reasons), at last you have Conditional Forwarding (not
doable for the same reasons as the stub Zones) and Forwarding.
To me Forwarding is the right way to go for, the reasons are simple, you can
control where to send the queries, not to use root hints better from
security perspective, and it's easy to implement.
--
I hope that the information above helps you.
Have a Nice day.
Jorge Silva
MCSE, MVP Directory Services
"Johan Strange" <JohanStrange@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:2EF254A3-7C35-4F49-AA35-B5ED46BEF083@xxxxxxxxxxxxxxxx
Thank you for that Jorge. I am sorry that what I said goes against your
explanation. I understand forwarders and conditional forwarders. Can you
confirm that what I said is never a possibilty?
--
Johan Strange
_______________________________
MCSE, MCSA + Messaging, CompA+
Logic42 Computer Solutions - The answer to everything
"Jorge Silva" wrote:
You must be joking... That's your reason to not use forwarders?
Remember Forwarders don't have to necessarily be external/public DNS
servers.
--
I hope that the information above helps you.
Have a Nice day.
Jorge Silva
MCSE, MVP Directory Services
"Johan Strange" <JohanStrange@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:B62E3D40-1647-43D6-A946-57B2A1D68474@xxxxxxxxxxxxxxxx
With forwarders you are relaying on set name servers to resolve
requests
that
are not in the resolver cache. Then if these devices can not be
contacted
for
various reasons you can not resolve hostnames for external resources.
--
Johan Strange
_______________________________
MCSE, MCSA + Messaging, CompA+
Logic42 Computer Solutions - The answer to everything
"Jorge Silva" wrote:
Hi
I vote in Forwarders the reason is security, with forwarders your
server
won't go to public "you must select the option disable recursion for
this
domain".
Now, if all your clients do ONLY external resolution why not have a
cache
only DNS server to do that job?
--
I hope that the information above helps you.
Have a Nice day.
Jorge Silva
MCSE, MVP Directory Services
"Nutzer" <helo@xxxxxxxxxxx> wrote in message
news:b4SdnUosG-yHr5janZ2dnUVZ_r2nnZ2d@xxxxxxxxxxxxxxx
Hello,
I'm trying to configure my DC servers as a DNS server. Should I set
it
for Forworders or Root hint? This is AD integrated DNS. But all my
users
will resolve to outside with this DNS server.
- Follow-Ups:
- Re: Forworders or Root Hints?
- From: Jorge Silva
- Re: Forworders or Root Hints?
- References:
- Forworders or Root Hints?
- From: Nutzer
- Re: Forworders or Root Hints?
- From: Jorge Silva
- Re: Forworders or Root Hints?
- From: Jorge Silva
- Re: Forworders or Root Hints?
- From: Johan Strange
- Re: Forworders or Root Hints?
- From: Jorge Silva
- Forworders or Root Hints?
- Prev by Date: DNS suffix for FQDN?
- Next by Date: Re: DNS suffix for FQDN?
- Previous by thread: Re: Forworders or Root Hints?
- Next by thread: Re: Forworders or Root Hints?
- Index(es):
Relevant Pages
|
