Jason Tan (MSFT
Guest
|
 Posted:
Thu Oct 27, 2005 12:50 pm Post subject:
RE: root hints |
|
|
Hello,
Thanks for posting!
From your post, please verify the purpose of your root server. If you have
a large distributed network and a complex DNS namespace, it is best to use
an internal DNS root that is isolated from public networks. Using an
internal DNS root streamlines the administration of your DNS namespace by
enabling you to administer your DNS infrastructure as if the entire
namespace consists of the DNS data within your network.
If you use an internal DNS root, a private DNS root zone is hosted on a DNS
server on your internal network. This private DNS root zone is not exposed
to the Internet. Just as the DNS root zone contains delegations to all of
the top-level domain names on the Internet, such as .com, .net, and .org, a
private root zone contains delegations to all of the top-level domain names
on your network. The DNS server that hosts the private root zone in your
namespace is considered to be authoritative for all of the names in the
internal DNS namespace.
A forwarder is a Domain Name System (DNS) server on a network used to
forward DNS queries for external DNS names to DNS servers outside of that
network.
Therefore, If your do not need to forwards external queries for DNS names.
You may maintain the root server. Otherwise, it is recommended to configure
the root server to a forwarder.
More information for your reference:
Understanding forwarders
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/Serve
rHelp/a3cf0184-0594-4e78-8247-609f03843438.mspx
Deciding Whether to Deploy an Internal DNS Root
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/DepKi
t/2af62e12-c096-44f1-b00f-b0031566ba93.mspx
HOW TO: Convert a DNS Server to a Root DNS Server
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;231794
Hope the information helps.
Best Regards,
Jason Tan
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security
=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| Thread-Topic: root hints
| thread-index: AcXaG0uCs2DBj/TFScqbQbweKBjpsw==
| X-WBNR-Posting-Host: 206.162.174.228
| From: "=?Utf-8?B?dG90b21hc3Rlcg==?=" <totomaster@news.postalias>
| Subject: root hints
| Date: Wed, 26 Oct 2005 03:52:01 -0700
| Lines: 10
| Message-ID: <6DBDBC3B-667D-4B8E-B716-5E8F2F9C9E1E@microsoft.com>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="Utf-8"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Content-Class: urn:content-classes:message
| Importance: normal
| Priority: normal
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
| Newsgroups: microsoft.public.windows.server.networking
| NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
| Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl
microsoft.public.windows.server.networking:21026
| X-Tomcat-NG: microsoft.public.windows.server.networking
|
| Hi
|
| I have 2 internal dns. Both are installed on Win2k3 in Win2k3 AD. One is
| configures like a forwarder who forward not authoritative request to our
ISP
| dns. The other one is configured like a root server.
|
| My question is : is-it better to configured both as forwarder ?
|
| Thanks
|
| |
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in