Question regarding DNS planning

Lets say we have a few child domains

Now I know we can create a forwarder to and on the dns server create delegations or stubzones of all the child domains so if needed to resolve a dns name in, it'll be able to because it's forwarding to which contains the delegation/stubzone for the zone.

My question is, is it really good to do this if these child domains were in different parts of the world or country. For instance, is in california and is in florida. Is it best design to have a forwarder to your root namespace that will contain stub zones for all the child domains so the child domains can resolve hosts inside eachother's zones?

I know that if you're trying to query for something outside of your namespace, since you'll have the forwarder, it';ll check the zone and if it doesn't find anything then the dns server will do recursion and then respond back wtih the answer to the dns server which did the original query.

I'm just wondering if there's another way to do this more efficiently.
“For success, attitude is equally as important as ability.” - Harry F. Banks


  • agustinchernitskyagustinchernitsky Member Posts: 299
    Well, MS always suggests using a DNS hierarchy with root zones. But, its up to you really.

    Stub zones, in this case, would be good to speedup resolution between and if they use each others resources often.

    Now, for the rest of the child domains and root domain, yes, you can use forwarding to get to dns, where you will have delegated or stub zones. If is a root server, then just add the IP to your root hints.

    The question is: root servers or not...
  • royalroyal Member Posts: 3,353
    Well from what I've learned, if you're using yourself as the root, doesn't the internet stop at you as if you are the internet. If you get a query and if you can't answer out of your own zone files, you always go to the root servers on the internet to resolve. If you're using your own root setup, then you can't really do that anymore. So if you wanted to be able to get out to the internet, then the root choice would be out of the question, right? You'd typically have to either either setup all delegations/stubs on one of the servers and have all other servers forward to it and let that main dns server do recursion for resolving unauthoritative queries or you could just setup single stubs/delegations on those specific child servers to other servers on a need by need basis if they were to use resources on other child domains. Am I correct?
    “For success, attitude is equally as important as ability.” - Harry F. Banks
Sign In or Register to comment.