Zone Delegation

It's been a long time since I took the 291 exam, and I don't really work with enterprises who have large domains, so I need some help understanding zone delegation again. Most of the AD work I do is not related to DNS, but rather GPO and object management (file shares, user accounts etc.)

A simple question to start with, can you divide the namespace and make additional zones, without making subdomains?

Because if there are subdomains, then I just don't understand the purpose of delegations? This is all just very confusing to me.
Current certs: MCP (210) MCSA (270, 290, 291 and 680) MCTS (680, 640)

Comments

  • Essendon Member Posts: 4,546
    I'll try to explain this as well as I can. Some of these DNS concepts sure are quite confusing, so you are not alone!

    Why would you do zone delegation?

    One, if you want to divide a larger zone into smaller zones to improve name resolution (or do load balancing) and fault tolerance.
    Two, if your company is opening a branch big enough to warrant having its own DNS server, instead of traversing a link for name resolution.

    As an example, say there's a big zone called company.com with child domains one.company.com and two.company.com. A DNS server called NS1 is the server authoritative for the entire infrastructure. Users complain about name resolution being slow. To alleviate this problem, you set up 2 DNS servers, one in the one.company.com subdomain and the other in the two.company.com subdomain. Now you will need delegation records on the DNS servers for these subdomains that point to the authoritative DNS servers for the new zone. This is necessary both to transfer authority and provide correct referral to other DNS servers and clients of the new servers being made authoritative for the new zone. Additionally, in the parent domain, you'll need an NS record and an A record of the DNS servers of the subdomains.

    Hope this helps! Read this link for more info.
    NSX, NSX, more NSX..

    Blog >> http://virtual10.com
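
The parent-side records described in the post above (an NS record for each delegated child zone plus an A record for that zone's DNS server), as an added example that is not part of the original thread: a Python check that reads a constructed company.com parent zone and reports delegations whose name server has no A record in the parent. The server names ns1.one and ns1.two and the 192.0.2.x addresses are assumptions made for illustration.

```python
# Constructed sample: parent zone company.com with two delegations (names/IPs made up).
PARENT_ZONE = """\
$ORIGIN company.com.
@        IN NS  ns1.company.com.
ns1      IN A   192.0.2.10
one      IN NS  ns1.one.company.com.
ns1.one  IN A   192.0.2.21
two      IN NS  ns1.two.company.com.
www      IN A   192.0.2.80
"""

def fqdn(name, origin):
    """Expand a relative owner/target name against the zone origin."""
    if name == "@":
        return origin
    return name.lower() if name.endswith(".") else f"{name.lower()}.{origin}"

def parse(zone_text):
    """Return (origin, NS map, A map) from a minimal 'owner IN type rdata' zone."""
    origin, ns, a = None, {}, {}
    for line in zone_text.splitlines():
        fields = line.split(";")[0].split()
        if not fields:
            continue
        if fields[0] == "$ORIGIN":
            origin = fields[1].lower()
            continue
        owner, _cls, rtype, rdata = fields[:4]
        owner = fqdn(owner, origin)
        if rtype == "NS":
            ns.setdefault(owner, []).append(fqdn(rdata, origin))
        elif rtype == "A":
            a.setdefault(owner, []).append(rdata)
    return origin, ns, a

def check_delegations(zone_text):
    """Map each delegated child zone to the name servers that lack a glue A record."""
    origin, ns, a = parse(zone_text)
    report = {}
    for child, servers in ns.items():
        if child == origin:          # the zone's own NS set is not a delegation
            continue
        # Glue is required when the name server sits inside the delegated child zone.
        report[child] = [s for s in servers
                         if s.endswith("." + child) and s not in a]
    return report

if __name__ == "__main__":
    print(check_delegations(PARENT_ZONE))
```

In the sample, two.company.com is delegated to a server inside the child zone without a matching A record, so resolvers following the referral from the parent would have no address to query.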
  • Dracula28 Member Posts: 232
    Essendon wrote: »
    One, if you want to divide a larger zone into smaller zones to improve name resolution (or do load balancing) and fault tolerance.

    Thanks for the explanation. I was just wondering about this part: if you want to divide a larger zone into smaller zones, do you have to create subdomains to do so, or can you just divide the zone and then append the DNS suffix of the new zone to the computers' host records in that zone?

    What I mean is, if you have say three computers, and they all reside in contoso.com, they are called Server 1, Server 2, Server 3.

    Since it's a pretty large zone, you want to divide it into smaller zones, so you create a FLZ in DNS called west.contoso.com, and then you delete the host record for Server 3 in contoso.com, and create a host record for Server 3 in west.contoso.com.

    Is that possible? DNS zones and AD domains are not the same, right? So it should be possible for computers in the contoso.com FLZ to locate server3.west.contoso.com, despite its name actually being server3.contoso.com in AD, right?
    Current certs: MCP (210) MCSA (270, 290, 291 and 680) MCTS (680, 640)
  • Dracula28 Member Posts: 232
    Also, in Server 2008, you are able to delegate outside of your own namespace, which you were not able to do in Server 2003?
    Current certs: MCP (210) MCSA (270, 290, 291 and 680) MCTS (680, 640)