+ Reply to Thread
Results 1 to 3 of 3
  1. New Member royal's Avatar
    Join Date
    Jul 2006
    Location
    Chicago, IL
    Posts
    3,373
    #1

    Default Question regarding DNS planning

    Lets say we have a few child domains

    Contoso.com
    west.contoso.com east.contoso.com
    ca.west.contoso.com fl.east.contoso.com


    Now I know we can create a forwarder to contoso.com and on the contoso.com dns server create delegations or stubzones of all the child domains so if ca.west.contoso.com needed to resolve a dns name in fl.east.contoso.com, it'll be able to because it's forwarding to contoso.com which contains the delegation/stubzone for the fl.east.contoso.com zone.

    My question is, is it really good to do this if these child domains were in different parts of the world or country. For instance, ca.west.contoso.com is in california and fl.east.contoso.com is in florida. Is it best design to have a forwarder to your root namespace that will contain stub zones for all the child domains so the child domains can resolve hosts inside eachother's zones?

    I know that if you're trying to query for something outside of your namespace, since you'll have the forwarder, it';ll check the contoso.com zone and if it doesn't find anything then the contoso.com dns server will do recursion and then respond back wtih the answer to the dns server which did the original query.

    I'm just wondering if there's another way to do this more efficiently.
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    Nov 2005
    Posts
    302

    Certifications
    CCNA,MCP, MCSA, MCSA:Security, MCSA:Messaging, MCSE, MCSE: Security, CompTIA Security+, network+ and linux+
    #2
    Well, MS always suggests using a DNS hierarchy with root zones. But, its up to you really.

    Stub zones, in this case, would be good to speedup resolution between ca.west.contoso.com and fl.east.contoso.com... if they use each others resources often.

    Now, for the rest of the child domains and root domain, yes, you can use forwarding to get to contoso.com dns, where you will have delegated or stub zones. If contoso.com is a root server, then just add the IP to your root hints.

    The question is: root servers or not...
    Reply With Quote Quote  

  4. New Member royal's Avatar
    Join Date
    Jul 2006
    Location
    Chicago, IL
    Posts
    3,373
    #3
    Well from what I've learned, if you're using yourself as the root, doesn't the internet stop at you as if you are the internet. If you get a query and if you can't answer out of your own zone files, you always go to the root servers on the internet to resolve. If you're using your own root setup, then you can't really do that anymore. So if you wanted to be able to get out to the internet, then the root choice would be out of the question, right? You'd typically have to either either setup all delegations/stubs on one of the servers and have all other servers forward to it and let that main dns server do recursion for resolving unauthoritative queries or you could just setup single stubs/delegations on those specific child servers to other servers on a need by need basis if they were to use resources on other child domains. Am I correct?
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks