number of zones

  • Thread starter: J

Hi,
I am in the process of designing an AD forest with about 12 Domains. Each
Domain will be connected to each other via a T1 line. And each domain will be a
site, however, when it comes to DNS zones I'm a little confused. Each domain
will have a dns name like x.company.com and y.company.ca, etc...

Do I create a single DNS Main server for the whole company and have it forward
its unknown requests out to the internet or do I do that in each server?
Does having a centralized server slow things down too much? Is it standard
to have one zone per site?
 
Herb has outlined an excellent option but there may be one other method. You may want to consider using Windows Server 2003 for DNS. We added some
new DNS features that may assist with this design. Specifically, Stub zones or selective forwarding. Selective forwarding allows you to forward to the central
server or child DNS servers only when needed. Stub zones allow you to keep a copy of the NS records for the other zones again allowing the DNS server to
efficiently find the resources needed.

Lastly, you may wish to reconsider the 12 different zones altogether. Depending on the environment, a single domain using 12 AD sites may be a better
solution.

Thank you,
Mike Johnston
Microsoft Network Support

--

This posting is provided "AS IS" with no warranties, and confers no rights. Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this message are best directed to the newsgroup/thread from which they originated.
 
Herb has outlined an excellent option but there may be one other method.
You may want to consider using Windows Server 2003 for DNS. We added some

Yes, this is an important new feature of Win2003 -- for companies with
multiple domains/zones.

And the option I outlined was just the one that had the
least explanation and "gotchas" not necessarily the "best"
or "more efficient."

Another choice:
This is actually a candidate for my private namespace (with
private root) using BIND 9 as the forwarder with 'special'
configuration so that your internal DNS servers will do
actual recursion of the Internal Namespace from the root
down, AND forward to the Internet for other names --
all without getting confused.

(And the above does NOT totally remove, nor restrict, the utility
of using the new Win2003 feature internally in conjunction.)
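
The replies above describe selective forwarding, where only some names go to the central or child DNS servers and everything else goes to the Internet. The following is an added example, not code from any poster or from Microsoft or BIND: a small Python model of how a server picks a forwarder by the most specific matching zone, plus a check for internal names that have no rule and would fall through to the Internet forwarder. The zone names come from the question; all IP addresses, the `z.company.ca` name in the test and the function names are assumptions made for illustration.

```python
# Added illustration: forwarder selection with selective (conditional) forwarding.
# Zone names follow the thread; every IP address is a constructed placeholder.

CONDITIONAL_FORWARDERS = {
    "x.company.com": ["10.1.0.10"],   # assumed DNS server for domain x
    "y.company.ca": ["10.2.0.10"],    # assumed DNS server for domain y
    "company.com": ["10.0.0.10"],     # assumed central DNS server
}
DEFAULT_FORWARDERS = ["192.0.2.53"]   # assumed Internet-facing forwarder
INTERNAL_SUFFIXES = ("company.com", "company.ca")


def normalize(name):
    """Lower-case the name and drop the trailing root dot."""
    return name.strip().lower().rstrip(".")


def select_forwarder(qname):
    """Return (matched_zone, servers) for the longest matching zone suffix.

    Matching is on whole labels, so 'notcompany.com' never matches the
    'company.com' rule. No match means the default forwarders are used.
    """
    labels = normalize(qname).split(".")
    # Try the full name first, then drop the leftmost label each round.
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in CONDITIONAL_FORWARDERS:
            return candidate, CONDITIONAL_FORWARDERS[candidate]
    return None, DEFAULT_FORWARDERS


def leaks_internal(qname):
    """True if an internal name has no rule and would go to the Internet forwarder."""
    name = normalize(qname)
    internal = any(name == s or name.endswith("." + s) for s in INTERNAL_SUFFIXES)
    zone, _ = select_forwarder(name)
    return internal and zone is None


if __name__ == "__main__":
    for q in ("dc1.x.company.com.", "www.company.com", "dc1.z.company.ca"):
        print(q, select_forwarder(q), "leaks" if leaks_internal(q) else "ok")
```

Running `leaks_internal` over the names of all 12 domains is a quick way to spot a domain that was left without a forwarding rule.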
 