Setting Up DNS on Child Domain Controller
Last response: in Windows 2000/NT
Archived from groups: microsoft.public.win2000.active_directory (More info?)
In a Windows 2000 AD forest, the child domain controller's DNS is normally
set to add the parent domain as a secondary, just to keep a copy cached for
use locally. What about the forwarders settings in DNS on the child
domain controller? Should this be set to the upstream domain's domain
controller, or does it not matter?
--
Will
Internet: westes AT earthbroadcast.com
In a Windows 2000 AD forest, the child domain controller's DNS is normally
set to add the parent domain as a secondary, just to keep a copy cached for
use locally. What about the forwarders settings in DNS on the child
domain controller? Should this be set to the upstream domain's domain
controller, or does it not matter?
--
Will
Internet: westes AT earthbroadcast.com
More about : setting dns child domain controller
Archived from groups: microsoft.public.win2000.active_directory (More info?)
Well If you want you can definatly set forwarders to your parent domain. The
reason to put forwarders is to resolve the external names(Public Domain). We
usually put the IP Address of the ISP to resolve the Public Domain's or to
access internet.
You can set you child domain to put forwarders to your parent domain so that
you do not have to create the secondary copy of your parent domain in the
child domain and on parent domain put forwarders to your ISP.
DNS can be set in may way so it all depends on your enviroment.
"Will" wrote:
> In a Windows 2000 AD forest, the child domain controller's DNS is normally
> set to add the parent domain as a secondary, just to keep a copy cached for
> use locally. What about the forwarders settings in DNS on the child
> domain controller? Should this be set to the upstream domain's domain
> controller, or does it not matter?
>
> --
> Will
> Internet: westes AT earthbroadcast.com
>
>
>
>
Well If you want you can definatly set forwarders to your parent domain. The
reason to put forwarders is to resolve the external names(Public Domain). We
usually put the IP Address of the ISP to resolve the Public Domain's or to
access internet.
You can set you child domain to put forwarders to your parent domain so that
you do not have to create the secondary copy of your parent domain in the
child domain and on parent domain put forwarders to your ISP.
DNS can be set in may way so it all depends on your enviroment.
"Will" wrote:
> In a Windows 2000 AD forest, the child domain controller's DNS is normally
> set to add the parent domain as a secondary, just to keep a copy cached for
> use locally. What about the forwarders settings in DNS on the child
> domain controller? Should this be set to the upstream domain's domain
> controller, or does it not matter?
>
> --
> Will
> Internet: westes AT earthbroadcast.com
>
>
>
>
Archived from groups: microsoft.public.win2000.active_directory (More info?)
"Will" <DELETE_westes@earthbroadcast.com> wrote in message
news:uSR#0bumFHA.3380@TK2MSFTNGP12.phx.gbl...
> In a Windows 2000 AD forest, the child domain controller's DNS is normally
> set to add the parent domain as a secondary, just to keep a copy cached
for
> use locally. What about the forwarders settings in DNS on the child
> domain controller? Should this be set to the upstream domain's domain
> controller, or does it not matter?
There is no clear cut answer -- it depends on why you
are forwarding and which names you expect to resolve.
For instance: All DNS servers (both zones/domains) on
same LAN with a gateway caching only DNS to the outside
world (The Internet)
ALL DNS servers usually forward to the gateway DNS
Second example: Child DNS at branch site with no independent
Internet access.
It is likely useful to forward to "HQ" DNS servers for Internet
(and other site perhaps) resolution.
You must think through what you will resolve and what the
referral (forwarding, recursion, caching etc) paths will look like.
The goal is:
#1 Resolve EVERYTHING necessary
#2 Do it most efficiently while maintaining rule #1
For #2, try to do it locally, then closest AND/OR try to do
it from the DNS server with the LARGEST cache or broadest
source of information (caching hierarchically for complex
scenarios.)
Then you test, making sure it actually works.
--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
"Will" <DELETE_westes@earthbroadcast.com> wrote in message
news:uSR#0bumFHA.3380@TK2MSFTNGP12.phx.gbl...
> In a Windows 2000 AD forest, the child domain controller's DNS is normally
> set to add the parent domain as a secondary, just to keep a copy cached
for
> use locally. What about the forwarders settings in DNS on the child
> domain controller? Should this be set to the upstream domain's domain
> controller, or does it not matter?
There is no clear cut answer -- it depends on why you
are forwarding and which names you expect to resolve.
For instance: All DNS servers (both zones/domains) on
same LAN with a gateway caching only DNS to the outside
world (The Internet)
ALL DNS servers usually forward to the gateway DNS
Second example: Child DNS at branch site with no independent
Internet access.
It is likely useful to forward to "HQ" DNS servers for Internet
(and other site perhaps) resolution.
You must think through what you will resolve and what the
referral (forwarding, recursion, caching etc) paths will look like.
The goal is:
#1 Resolve EVERYTHING necessary
#2 Do it most efficiently while maintaining rule #1
For #2, try to do it locally, then closest AND/OR try to do
it from the DNS server with the LARGEST cache or broadest
source of information (caching hierarchically for complex
scenarios.)
Then you test, making sure it actually works.
--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
Archived from groups: microsoft.public.win2000.active_directory (More info?)
No, this is not how to use fowarders.
Fowarders are used when you need to resolve into a name space that is not
connected to the DNS hierarchy.
Standard DNS delgated zones and NS records (aptly named :glue" records) will
seperate the namespace yet still provide resolution.
What is the goal here? Decrease resolutions per server, break up
administration, decrease resolution time?
--
Manny Borges
MCSE NT4-2003 (+ Security)
MCT, Certified Cheese Master
The pen is mightier than the sword, and considerably easier to write with.
-- Marty Feldman
"Will" <DELETE_westes@earthbroadcast.com> wrote in message
news:uSR%230bumFHA.3380@TK2MSFTNGP12.phx.gbl...
> In a Windows 2000 AD forest, the child domain controller's DNS is normally
> set to add the parent domain as a secondary, just to keep a copy cached
> for
> use locally. What about the forwarders settings in DNS on the child
> domain controller? Should this be set to the upstream domain's domain
> controller, or does it not matter?
>
> --
> Will
> Internet: westes AT earthbroadcast.com
>
>
>
No, this is not how to use fowarders.
Fowarders are used when you need to resolve into a name space that is not
connected to the DNS hierarchy.
Standard DNS delgated zones and NS records (aptly named :glue" records) will
seperate the namespace yet still provide resolution.
What is the goal here? Decrease resolutions per server, break up
administration, decrease resolution time?
--
Manny Borges
MCSE NT4-2003 (+ Security)
MCT, Certified Cheese Master
The pen is mightier than the sword, and considerably easier to write with.
-- Marty Feldman
"Will" <DELETE_westes@earthbroadcast.com> wrote in message
news:uSR%230bumFHA.3380@TK2MSFTNGP12.phx.gbl...
> In a Windows 2000 AD forest, the child domain controller's DNS is normally
> set to add the parent domain as a secondary, just to keep a copy cached
> for
> use locally. What about the forwarders settings in DNS on the child
> domain controller? Should this be set to the upstream domain's domain
> controller, or does it not matter?
>
> --
> Will
> Internet: westes AT earthbroadcast.com
>
>
>
Archived from groups: microsoft.public.win2000.active_directory (More info?)
Will wrote:
>
> In a Windows 2000 AD forest, the child domain
> controller's DNS is normallyset to add the parent
> domain as a secondary, just to keep a copy cached
> for use locally. What about the forwarders
> settings in DNS on the child domain controller?
> Should this be set to the upstream domain's domain
> controller, or does it not matter?
>
I'd say yes, in most cases. The forwarders is *generally*
only used to access addresses *outside* of the LAN/WAN, and
in most cases you only want to access the outside world's
DNS from one machine or at least only from the root domain's
DNS servers.
If those DNS servers are heavily loaded, I guess you could
set the forwarders in the child domains.
If you are using forwarders only to access the external
Internet, then think of it like this: it is not really an AD
question, since the addresses that you are requesting are
not part of your AD structure. Therefore you can leave AD
considerations out of it and consider only the networking
aspects of the problem, such as, where are the gateways for
the child domain and are they the same as the gateways for
the parent domain.
Cheers,
Cliff
--
Barzoomian the Martian - http://barzoomian.blogspot.com
Will wrote:
>
> In a Windows 2000 AD forest, the child domain
> controller's DNS is normallyset to add the parent
> domain as a secondary, just to keep a copy cached
> for use locally. What about the forwarders
> settings in DNS on the child domain controller?
> Should this be set to the upstream domain's domain
> controller, or does it not matter?
>
I'd say yes, in most cases. The forwarders is *generally*
only used to access addresses *outside* of the LAN/WAN, and
in most cases you only want to access the outside world's
DNS from one machine or at least only from the root domain's
DNS servers.
If those DNS servers are heavily loaded, I guess you could
set the forwarders in the child domains.
If you are using forwarders only to access the external
Internet, then think of it like this: it is not really an AD
question, since the addresses that you are requesting are
not part of your AD structure. Therefore you can leave AD
considerations out of it and consider only the networking
aspects of the problem, such as, where are the gateways for
the child domain and are they the same as the gateways for
the parent domain.
Cheers,
Cliff
--
Barzoomian the Martian - http://barzoomian.blogspot.com
Related ressources:
- Forumchild domain controller
- Forumchild domains and dns design
- ForumChild domain dns server resolves all queries except those ..
- ForumChild domain DNS problem
- ForumChanging from a " child like" parent domain to a proper top..
- ForumRemove Child Domain ?
- Forum[Long] Clearing GC check box caused child domain to be del..
- ForumDNS Resolution Between Child Domain
- ForumChild Domain DNS Woes
- ForumDns Child domain
- Forumadding dns to domain controller at site
- ForumChild domain
- ForumDNS setting for forest and child DCs
- ForumWindows 2000 DNS and child domains
- ForumDNS in 2003 Domain
- ForumChild DNS problem
- ForumDifferent DNS and AD domain structures
- ForumOnly DC in child domain disconnected for longer then tombs..
- ForumParallel and com ports not appearing in device manager
- ForumMigrating to AD but have non-windows DNS...problems?
- More resources
!
