Windows 2000 Server DNS Name Servers help needed.

[Peter A. Berger Jr.]

Hi I have a technical ? about the Name Servers tab in 2k
DNS. It says that "this displays a list of DNS servers
currently configured to be authoritative for the zone. In
most cases, this includes all other DNS servers that host
the secondary zones." What I'd like to achieve is less
WAN/DNS traffic and security for this primary Active
Directory DNS zone. I would like the servers listed here
to be able to host/pull secondary zone info, but not be
authoritative for this zone. By adding DNS IP's into this
Name Servers Tab are they authoritative or do they allow
other DNS machines to host secondary zones, or both
? I'm confused. Any info/help to clear this up would be
great. Thanks.

 

[Kevin D. Goodknecht [MVP]]

In

Hi I have a technical ? about the Name Servers tab in 2k
DNS. It says that "this displays a list of DNS servers
currently configured to be authoritative for the zone. In
most cases, this includes all other DNS servers that host
the secondary zones." What I'd like to achieve is less
WAN/DNS traffic and security for this primary Active
Directory DNS zone. I would like the servers listed here
to be able to host/pull secondary zone info, but not be
authoritative for this zone. By adding DNS IP's into this
Name Servers Tab are they authoritative or do they allow
other DNS machines to host secondary zones, or both
? I'm confused. Any info/help to clear this up would be
great. Thanks.

You can do this.
Any DNS server you allow zone transfers to can host a secondary zone, if the
secondary does not have an NS record it can't answer authoritatively. It
will give a non-authoritative
answer, just like it was answering from its cache.
Do not add the secondary to the name server tab will achieve this.