
DNS server to query multiple forwarders until resolution?

Anonymous
December 1, 2004 6:26:52 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

We are in a bizarre situation where we work with around 10
manufacturing partners on a franchise basis. We have to be able to
access their extranets etc on our network and normally we will put
their systems onto our PCs and use their DNS servers for name
resolution of their many varying bits of their systems. We put their
DNS servers as entries into our clients (we do not use DNS on our own
network). This restricts one PC to using one manufacturer's systems
only as using another would mean changing the DNS settings.

We could set up our own DNS server with relevant entries etc and lookups
to other DNS servers by domain, but the problem we have is that our
manufacturing 'partners' use all manner of names in different domains
and keep changing and adding stuff. We are the last people they tell
what they are doing as they expect us to run our systems as in the
above.

What we therefore need to do is set our client PCs up pointing to our
own DNS box. If this DNS box does not know the answer to the query
(not setup or in its cache etc), then it will keep polling down a list
of alternative DNS servers until it finds the answer (as opposed to
stopping at the first forwarder in the usual DNS fashion).

We run in a Windows (2K / 03 server) environment with XP clients.

Can anyone suggest a solution - ideally how to set up DNS on Win 2K
server to do just this?

Many thanks,

Ed
Anonymous
December 1, 2004 1:32:47 PM

"Erbrod" <erbrod@yahoo.co.uk> wrote in message
news:57d66d3c.0412010326.44825f9f@posting.google.com...

>
> Can anyone suggest a solution - ideally how to set up DNS on Win 2K
> server to do just this?
>
> Many thanks,
>
> Ed

I only skimmed your post, but have you considered your own DNS server and
adding secondary zones to their DNS zones? Seems like a valid solution.

Matt
MCT, MCSE
Anonymous
December 1, 2004 2:36:08 PM

In news:57d66d3c.0412010326.44825f9f@posting.google.com,
Erbrod <erbrod@yahoo.co.uk> commented
Then Kevin replied below:
> We are in a bizarre situation where we work with around 10
> manufacturing partners on a franchise basis. We have to
> be able to access their extranets etc on our network and
> normally we will put their systems onto our PCs and use
> their DNS servers for name resolution of their many
> varying bits of their systems. We put their DNS servers
> as entries into our clients (we do not use DNS on our own
> network). This restricts one PC to using one
> manufacturer's systems only as using another would mean
> changing the DNS settings.
>
> We could set up our own DNS server with relevant entries
> etc and lookups to other DNS servers by domain, but the
> problem we have is that our manufacturing 'partners' use
> all manner of names in different domains and keep
> changing and adding stuff. We are the last people they
> tell what they are doing as they expect us to run our
> systems as in the above.
>
> What we therefore need to do is set our client PCs up
> pointing to our own DNS box. If this DNS box does not
> know the answer to the query (not setup or in its cache
> etc), then it will keep polling down a list of
> alternative DNS servers until it finds the answer (as
> opposed to stopping at the first forwarder in the usual
> DNS fashion).
>
> We run in a Windows (2K / 03 server) environment with XP
> clients.
>
> Can anyone suggest a solution - ideally how to set up DNS
> on Win 2K server to do just this?

It is easier on the Win2k3 server than it is on the Win2k. Win2k3 DNS
supports conditional forwarders and Stub zones, either of which will solve
your problem with having to pull full secondary zones from the partners' DNS
servers. You would just add all of your partners' domain names to the
conditional forwarders list and the IP of the relevant DNS server, or add a
stub zone for each domain name all of your partners need you to resolve.
These domain names do not have to be valid internet domain names either, as
long as you can have direct access to each and all of the partnered DNS
servers. This way your DNS server knows all the domain names, and which DNS
server owns the name.

The Win2k server, which does not support those options, would have to use
Secondary zones of all your partners' zones, which means they would have to
allow zone transfers to your DNS. You could not use Forwarders on the Win2k,
because each of the forwarders would have to know all domain names.

The only way you could use both the Win2k and Win2k3 DNS servers
simultaneously is to forward all queries from the Win2k to the Win2k3 and
let the Win2k3 decide where the query needs to go, either to the internet or
to the partner DNS servers (never back to the Win2k).

--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
Anonymous
December 2, 2004 7:42:37 AM

E> it will keep polling down a list of alternative DNS servers
E> until it finds the answer (as opposed to stopping at the first
E> forwarder in the usual DNS fashion).

That's incorrect. The usual forwarding proxy DNS fashion *is* to try
all forwardees until an answer is received. You are simply erroneously
thinking that a *negative* answer isn't an answer. It is, however.

What you actually want is for a forwarding proxy DNS server to carry on
asking even when it *has* received an answer, in the case that that
answer is a negative one. This is not what proxy DNS servers do.
Negative answers are answers, after all, and there's no point in
continuing to ask when one has received an answer. What you want is not
the way that proxy DNS servers operate.

E> We are the last people they tell what they are doing as
E> they expect us to run our systems as in the above.

Then *that* is your problem, and *that* is what you need to fix. You
have an administrative problem, not a technical one. You need to
convince the network administrators of the other companies to (a)
provide you with consistent "split horizon" information and (b) to
inform you whenever their "internal" DNS server configuration changes.
If necessary, this should be part of the contract between your companies.
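The forwarding behaviour discussed in the replies above, as an added example that is not part of the original thread: a simplified Python model in which a plain forwarder list stops at the first answer (negative ones included), while conditional forwarding routes by longest matching domain suffix. All server addresses, zone names and function names are constructed for illustration; the `asked` list shows which upstream server gets to see each query.

```python
# Added example: simplified model, not code from the thread or from any DNS server.
# Names and addresses are constructed (RFC 2606 names, RFC 5737 addresses).
NOERROR, NXDOMAIN, TIMEOUT = "NOERROR", "NXDOMAIN", "TIMEOUT"

# Constructed partner servers: each one only knows its own private names.
SERVERS = {
    "192.0.2.10": {"portal.partner-a.example": "10.1.0.5"},
    "192.0.2.20": {"orders.partner-b.example": "10.2.0.9"},
    "192.0.2.30": None,  # unreachable server: every query times out
}

# Constructed conditional-forwarder table: domain suffix -> forwarder list.
RULES = {
    "partner-a.example": ["192.0.2.10"],
    "partner-b.example": ["192.0.2.20"],
}
DEFAULT = ["192.0.2.30"]  # stands in for the general-purpose forwarder


def ask(server, name):
    """Simulate one upstream query; returns (rcode, address_or_None)."""
    zone = SERVERS[server]
    if zone is None:
        return TIMEOUT, None
    if name in zone:
        return NOERROR, zone[name]
    return NXDOMAIN, None  # a negative answer is still an answer


def plain_forward(name, forwarders):
    """Ordered forwarder list: move on only when a server fails to answer."""
    asked = []
    for server in forwarders:
        asked.append(server)
        rcode, addr = ask(server, name)
        if rcode != TIMEOUT:
            return rcode, addr, asked  # stops here, even on NXDOMAIN
    return "SERVFAIL", None, asked


def conditional_forward(name, rules=RULES, default=DEFAULT):
    """Pick the forwarder list by longest matching suffix, then forward."""
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels)):  # i = 0 is the longest candidate suffix
        suffix = ".".join(labels[i:])
        if suffix in rules:
            return plain_forward(name, rules[suffix])
    return plain_forward(name, default)
```

With a plain list, partner A's server both answers NXDOMAIN for partner B's name and learns that the name was queried; the suffix table sends each query only to the server that owns the namespace.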