Empty Root DNS Design

Mike Kline

I wanted to see if anyone had any thoughts on our DNS
design.

Empty root = Company.com -- Active Directory Integrated
Zone

Child Domain = child.company.com -- Active Directory
Integrated

Child Domain = child2.company.com -- Active Directory
Integrated

Company.com will have delegations to the child domain DNS
servers. The child DNS servers will be configured as a
secondary zone to the company.com zone. This configuration
is for fault tolerance and allows the child name servers
to contact the other child without talking to the root.

Is this overkill? Would the AD Integrated zones transfer
the data to each other or is the secondary zone on the
child domains a good idea?

Thanks
Mike
 
Mike Kline said:
I wanted to see if anyone had any thoughts on our DNS
design.

Empty root = Company.com -- Active Directory Integrated
Zone

Child Domain = child.company.com -- Active Directory
Integrated

Child Domain = child2.company.com -- Active Directory
Integrated

Company.com will have delegations to the child domain DNS
servers. The child DNS servers will be configured as a
secondary zone to the company.com zone. This configuration
is for fault tolerance and allows the child name servers
to contact the other child without talking to the root.

Is this overkill?
No.

Would the AD Integrated zones transfer
the data to each other or is the secondary zone on the
child domains a good idea?
You would have to use secondaries, AD zones only replicate to DCs in their
domain.

Of course there is the option of using the root as DNS and Global catalog
since it won't be authenticating users anyway. But then you would need a
parent DC at each location, and it would allow you to have all DNS in one
zone, and replicating to all DCs in the parent domain.
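
The delegation-plus-secondary layout discussed above, sketched with the DnsServer PowerShell module as an added example that is not part of the original posts. Server names and addresses are constructed placeholders (192.0.2.0/24 documentation range), and the root zone is set to transfer only to the listed child DNS servers rather than to any requester.

```powershell
# Added example, run from a management host with the DNS Server tools installed.
# All host names and IP addresses are constructed placeholders.
Import-Module DnsServer

$RootZone = 'company.com'
$RootDns  = '192.0.2.10'    # DNS server on an empty-root DC (assumed address)
$Children = @(
    [pscustomobject]@{ Label = 'child';  Server = 'dc1.child.company.com';  IP = '192.0.2.20' }
    [pscustomobject]@{ Label = 'child2'; Server = 'dc1.child2.company.com'; IP = '192.0.2.30' }
)

# 1. On the root: delegate each child zone to that child's own DNS server.
foreach ($c in $Children) {
    Add-DnsServerZoneDelegation -ComputerName $RootDns -Name $RootZone `
        -ChildZoneName $c.Label -NameServer $c.Server -IPAddress $c.IP
}

# 2. On the root: allow zone transfers only to the child DNS servers and
#    notify them on change. AD-integrated replication stays inside the root
#    domain, so the children receive company.com by zone transfer instead.
Set-DnsServerPrimaryZone -ComputerName $RootDns -Name $RootZone `
    -SecureSecondaries TransferToSecureServers -SecondaryServers $Children.IP `
    -Notify NotifyServers -NotifyServers $Children.IP

# 3. On each child: host company.com as a secondary. The copy carries the
#    delegations from step 1, so one child can find the other child's
#    servers without querying the root.
foreach ($c in $Children) {
    Add-DnsServerSecondaryZone -ComputerName $c.IP -Name $RootZone `
        -ZoneFile "$RootZone.dns" -MasterServers $RootDns
}

# 4. Check: each child should answer the root SOA from its secondary copy,
#    and the root should list only the child servers as transfer targets.
foreach ($c in $Children) {
    Resolve-DnsName -Name $RootZone -Type SOA -Server $c.IP -DnsOnly
}
Get-DnsServerZone -ComputerName $RootDns -Name $RootZone |
    Select-Object ZoneName, SecureSecondaries, SecondaryServers
```
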
 
Thank you Kevin that did help!!
 