Friday, August 31, 2012

DNS Root Hints

Well, at some point your DNS server is going to have to query other DNS servers for domains that it is not authoritative for. Your two choices for this are: 1. Using forwarders or 2. Using the root hint servers.

If you choose to use forwarders, then you'll need to set them up in the properties of your DNS server. Then, when your DNS server gets a DNS query for a domain that it is not authoritative for, it will forward the query to the forwarder. The forwarder will then do the work of resolving the query if it's configured to perform iteration; if it's not, it will tell your DNS server where to go next.

If you choose to use the root hint servers, then when your DNS server gets a DNS query for a domain that it is not authoritative for, it will query one of the root hint servers (which will not perform iteration), which will tell your DNS server where to go next. IMHO, there's no real workload on a DNS server for it to resolve DNS queries unless you have thousands of queries per second needing to be resolved.

Your server should not be listed in the root hint servers as your server is not one of the root hint servers.

I prefer to use the root hint servers. I don't like to rely on forwarders as then my DNS queries are dependent on the forwarders being available, working properly, performing iteration, etc., etc.

If the root hint servers aren't working (which is highly unlikely) then nobody in the world is going to have a working DNS anyway so it won't matter that my DNS won't be working at that point (for external DNS queries only).


Every Windows server comes pre-configured with a physical file called cache.dns. Inside cache.dns are the IP addresses of a dozen 'well-known' servers which hold information about the .com, .net, .org and other top-level domains (TLDs). You can inspect this file in the %systemroot%\windows32\dns\samples folder.
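An added example, not part of the original post: a small Python audit of a root hints file that flags a listed name server with no address record, and any entry whose address is the server's own or is not a public address. It assumes the standard zone-file layout with an owner name on every record; `parse_hints`, `audit_hints` and the sample data (including `dc01.corp.example` and `10.0.0.10`) are constructed for illustration.

```python
import ipaddress

# Constructed sample in the zone-file layout of a root hints file (assumed format).
SAMPLE_HINTS = """\
; constructed: E has no address record, dc01 is an internal server wrongly listed
.                       3600000  IN  NS    A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.     3600000      A     198.41.0.4
.                       3600000      NS    C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET.     3600000      A     192.33.4.12
.                       3600000      NS    E.ROOT-SERVERS.NET.
@                       3600000      NS    dc01.corp.example.
dc01.corp.example.      3600000      A     10.0.0.10
"""

def parse_hints(text):
    """Return (root NS names, {name: [address, ...]}) from root hints text."""
    ns_names, glue = [], {}
    for raw in text.splitlines():
        fields = raw.split(";", 1)[0].split()        # drop comments, split columns
        if not fields:
            continue
        owner, rest = fields[0].lower(), fields[1:]
        while rest and (rest[0].isdigit() or rest[0].upper() == "IN"):
            rest = rest[1:]                          # skip optional TTL and class
        if len(rest) < 2:
            continue
        rtype, rdata = rest[0].upper(), rest[1].lower()
        if rtype == "NS" and owner in (".", "@"):    # "@" is the origin, the root here
            ns_names.append(rdata)
        elif rtype in ("A", "AAAA"):
            glue.setdefault(owner, []).append(rdata)
    return ns_names, glue

def audit_hints(text, own_addresses=()):
    """List (name, problem) pairs for root hint entries that look wrong."""
    ns_names, glue = parse_hints(text)
    own = {ipaddress.ip_address(a) for a in own_addresses}
    findings = []
    for name in ns_names:
        if name not in glue:
            findings.append((name, "no address record"))
        for addr in glue.get(name, []):
            ip = ipaddress.ip_address(addr)
            if ip in own:
                findings.append((name, f"{addr} is this server's own address"))
            elif not ip.is_global:
                findings.append((name, f"{addr} is not a public address"))
    return findings
```

Call `audit_hints` with the text of the hints file and the DNS server's own IP addresses; an empty list means nothing was flagged.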



In the IP address configuration of each DNS server, point the preferred DNS server at the server itself and the alternate DNS server at the other DNS server.
