How do DNS Clients use a Caching only or Secondary DNS Server with Dynamic Updates?

Discussion in 'Windows Networking' started by Brian Whiting, Feb 9, 2005.

  1. I am studying the MS course material and cannot find an answer to the
    subject question. MS has scenarios where they recommend caching only or
    secondary zone servers at remote sites. If the clients there are AD clients
    who register their records with a Primary DNS server, how do they recognize
    the non-Primary servers for use? Alternatively, if they are told to use a
    secondary zone or caching server as their primary DNS server, how do their
    dynamic DNS updates get registered on the primary? The material does not
    address this & I have been unable to find the answer using web resources so
    far.
     
    Brian Whiting, Feb 9, 2005
    #1

  2. Only Active Directory integrated or primary zones can register dns clients.
    Secondary zones are authoritative for a zone but can not register a dns
    record for the zone. Secondary zones pull their zone info from a master dns
    server. Secondary zones are useful when you need to resolve names in another
    dns zone and both an Active Directory integrated/primary and secondary zone
    can be on the same dns server but not for the same zone. For instance say
    you are in a forest with acme.com and gloop.com and you are in acme.com.
    Your preferred dns server would probably be a domain controller in acme.com
    and have the AD integrated zone for acme.com which would register your dns
    record dynamically. Since you also need to access resources in gloop.com and
    they have their own domain controllers running dns, your preferred dns
    server could be configured to have a secondary zone for gloop.com. Now your
    preferred dns server can resolve names for both domains in the forest AND
    resolve internet names for your computer because it is configured to forward
    to the ISP dns server for zones for which it is not authoritative.

    Caching dns servers have no domain zones so they are not authoritative for
    any dns zone nor can they register any dns records. They can however be
    configured to forward to other dns servers that can resolve dns names. Once
    they start forwarding and dns names are resolved they "cache" the dns
    replies from the forwarder and subsequent dns queries sent to it are first
    checked for existence in the cache and then cached info is used if available
    or off to the forwarder the query goes. This can help for a remote site
    belonging to the domain that has a slow link. One way would be to configure
    the caching dns server to forward to an Active Directory dns server at the
    main site. Eventually both internet and domain records would be cached on
    the caching server and that would improve response at the remote site and
    reduce traffic over the slow link. The remote site computers would still be
    able to locate the AD dns server when they needed to register or update their
    dns records. --- Steve
     
    Steven L Umbach, Feb 10, 2005
    #2

  3. If I am reading your reply correctly, then a resolver can have its primary
    DNS server at a remote site set to the address of the zone primary server at
    the main site. When the client tries to register its address record on boot
    up the caching server will forward the registration query to the primary
    server. When the client resolver sends a query to resolve a friendly name
    to address, the caching server will answer it if it's cached, or forward the
    query to the forwarder (in this case the primary zone AD server) in a
    recursive query, then cache the results.

    Have I got it straight?

    Brian
     
    Brian Whiting, Feb 13, 2005
    #3
  4. In such a situation put the caching dns server first in the list of
    preferred dns servers for domain clients at the remote site and the AD dns
    server at the main site second in the list. That way it will always try to
    use the caching dns server first and the main site dns server only if it can
    not contact the caching dns server for redundancy. The caching server will
    either resolve the request for the domain client computer from its cache or
    from the AD dns servers it forwards to. The caching dns server itself will
    need to be configured to forward to AD dns servers in the main site. ---
    Steve
     
    Steven L Umbach, Feb 13, 2005
    #4
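
The lookup and registration paths discussed in this thread, as an added Python model that is not part of any poster's reply. It assumes the standard dynamic update behaviour: the client asks its preferred DNS server for the zone's SOA record and sends the update directly to the primary server named there. Host names other than acme.com, the address, and all class and function names are constructed for illustration; cache TTLs are not modelled.

```python
# Constructed model: dc1/pc7 host names, the address and all class names are made up.
class PrimaryServer:
    """Primary or AD-integrated zone: the only writable copy."""
    def __init__(self, name, zone):
        self.name, self.zone = name, zone
        self.records, self.queries = {}, 0

    def query(self, qname, qtype):
        self.queries += 1
        if qtype == "SOA":  # answer carries the primary server name (MNAME)
            return self.name if qname.endswith("." + self.zone) else None
        return self.records.get((qname, qtype))

    def update(self, qname, qtype, value):
        self.records[(qname, qtype)] = value
        return True


class CachingServer:
    """Hosts no zones: answers from cache or forwards, never registers."""
    def __init__(self, forwarder):
        self.forwarder, self.cache = forwarder, {}

    def query(self, qname, qtype):
        key = (qname, qtype)
        if key not in self.cache:
            answer = self.forwarder.query(qname, qtype)
            if answer is None:
                return None  # negative answers are not cached in this model
            self.cache[key] = answer
        return self.cache[key]

    def update(self, qname, qtype, value):
        return False  # not authoritative for any zone, so the update is refused


def register(fqdn, address, preferred_dns, servers_by_name):
    """Client side: SOA lookup via the preferred server, update sent to the primary."""
    primary_name = preferred_dns.query(fqdn, "SOA")
    return servers_by_name[primary_name].update(fqdn, "A", address)


def demo():
    primary = PrimaryServer("dc1.acme.com", "acme.com")
    caching = CachingServer(forwarder=primary)
    ok = register("pc7.acme.com", "10.2.0.7", caching, {primary.name: primary})
    first = caching.query("pc7.acme.com", "A")    # forwarded, then cached
    seen = primary.queries
    second = caching.query("pc7.acme.com", "A")   # served from cache
    return ok, first, second, primary.queries - seen
```

`demo()` returns whether the registration reached the primary, the two lookup answers, and how many extra queries the second lookup cost the primary over the slow link.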