DNS Question
tel_s1234
Member Posts: 24 ■□□□□□□□□□
Hi All,
I have a question regarding dns zones and delegation. I understand the concept of zones and delegation, but am a bit confused as to their role with subdomains. If I have one top level domain and two subdomains, and for arguements sake, I put a DC & DNS server in each domain to manage any requests, why would I need to delegate or create zones spreading over multiple domains. I don't see the obvious benefits or drawbacks to doing this ?
Thanks
Terry
I have a question regarding dns zones and delegation. I understand the concept of zones and delegation, but am a bit confused as to their role with subdomains. If I have one top level domain and two subdomains, and for arguements sake, I put a DC & DNS server in each domain to manage any requests, why would I need to delegate or create zones spreading over multiple domains. I don't see the obvious benefits or drawbacks to doing this ?
Thanks
Terry
Comments
-
royal Member Posts: 3,352 ■■■■□□□□□□Well for one, when creating a child DC, if you want dns on that child DC, you will need to create a delegation on the parent dns server. The reason is, is that you initially have to point the dns ip on the upcoming new child DC to the parent DNS server to add it to the forest/tree. Because of this, it will just install a directory on the parent DC's DNS zone. If you want that child DC to have to do DNS itself, you can create a delegation on that parent DNS zone prior to doing DCPROMO on the child server. Now, even if the ip on the child DC is pointing to the parent DNS to pull information to DCPROMO, it will see that that it's delegated to have DNS and will then see it does not have DNS installed and will then give you the option to install DNS and have it configured.
Also, you would want to create a delegation to delegate DNS responsibilities to another party. In the reason I explained above, normally it would create a subfolder instead of a delegation on the parent root. This means that the parent zone's DNS administrators would have responsibility for the Child DNS zone's administration. Perhaps this is not what you would want to do. Creating the delegation could solve a couple different issues. 1. You could do the delegation to distribute administrative duties across different administrative groups. 2. You could do the delegation to also distribute computing power across multiple sets of servers. Regardless of which you choose, then end result would be distributing both administrative duties (due to child Domain Administrators having access to adminster DNS), and would also distribute computing power across multiple servers.
Hope this helps.“For success, attitude is equally as important as ability.” - Harry F. Banks -
tel_s1234 Member Posts: 24 ■□□□□□□□□□Ah ok, thanks that's helpful.
This is obviously how delegation varies from Stub Zones ? Stub zones just point to the correct dns server for a request, where delegation you have handed control for that zone onto another server ?
Thanks -
royal Member Posts: 3,352 ■■■■□□□□□□Well, delegations are static. Stub zones dynamically update and have all NS records for the namespace. Stub zones contain the SOA record which specified how often the server should query dns servers from the other namespace, and if there are any changes, the Stub Zone is dynamically updated. With a delegation, you use it to segregate administration for child domains for which you are authoritative. Conditional forwarders are also static which are used to forward a request to a different namespace (improves name resolution). If you are familiar with Active Directory, a conditional forwarder is sort of synonomous to having a shortcut trust in certain situations. Also, you can use a regular forwarder which is often used to have all your dns servers pointing to an internet-facing dns server which ultimately allows you to have a centralized server with a rich cache which results in less WAN traffic.
Hope this helps.“For success, attitude is equally as important as ability.” - Harry F. Banks