I have over 20 domains in my environment and have each domain entered
respectively in the root DNS servers for the zone. Some of the 20 are
delegated domains. With a setup like this, is it best to push out a
conformed suffix search list via group policy to all domain clients? By
default, it puts the child domain and the parent - only searching two
domains for DNS records, the rest is up to WINS. Naturally, this won't hit
A, CNAME, and other records we create only in DNS.

I was thinking of something similar to
root.domain,child1.domain,child2.domain,child3.domain,etc.,etc. until all
20+ domains are entered. I have roughly 20,000 records total in the zone
and have tried this method in a small test environment with great success.
It appears not to take any longer searching all of the domains (my test
involved all domains) for the record than it normally would.

Down the road, we will probably implement a new DNS domain for misc types of
records to keep them all in one spot and unique. Until then, would it hurt
to have a huge suffix search list on 2000/XP machines?

--
Tim

Tim Chin wrote:
> I have over 20 domains in my environment and have each domain entered
> respectively in the root DNS servers for the zone. Some of the 20 are
> delegated domains. With a setup like this, is it best to push out a
> conformed suffix search list via group policy to all domain clients?
> By default, it puts the child domain and the parent - only searching
> two domains for DNS records, the rest is up to WINS. Naturally, this
> won't hit A, CNAME, and other records we create only in DNS.
>
> I was thinking of something similar to
> root.domain,child1.domain,child2.domain,child3.domain,etc.,etc. until
> all 20+ domains are entered. I have roughly 20,000 records total in
> the zone and have tried this method in a small test environment with
> great success. It appears not to take any longer searching all of the
> domains (my test involved all domains) for the record than it
> normally would.
>
> Down the road, we will probably implement a new DNS domain for misc
> types of records to keep them all in one spot and unique. Until
> then, would it hurt to have a huge suffix search list on 2000/XP
> machines?

IIRC, there is a limit of seven DNS suffixes in the DNS suffix search list.

There is an alternate, you mention WINS so I assume you have WINS replicated
throughout the forest. So you can configure the root domain which should be
search by all child clients, to use WINS for unknown hosts. (WINS tab of
zone properties)

--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
https://secure.lsaol.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================

Hi

You can use the root domain as central search point, configure it with
conditional forwarding (better for direction especific) or stub zones
(better for load balancing among the existent dns servers in a domain), or
secondary zones (Better for fast resolution answers).
Configure all child domains to forward to the Dns servers in root domain.
Configure all clients to iuse their Dns server in their site.


--
I hop that helps

Good Luck
Jorge Silva
MCSA
Systems Administrator





"Tim Chin" <blank> wrote in message
news:(E-Mail Removed)...
>I have over 20 domains in my environment and have each domain entered
>respectively in the root DNS servers for the zone. Some of the 20 are
>delegated domains. With a setup like this, is it best to push out a
>conformed suffix search list via group policy to all domain clients? By
>default, it puts the child domain and the parent - only searching two
>domains for DNS records, the rest is up to WINS. Naturally, this won't hit
>A, CNAME, and other records we create only in DNS.
>
> I was thinking of something similar to
> root.domain,child1.domain,child2.domain,child3.domain,etc.,etc. until all
> 20+ domains are entered. I have roughly 20,000 records total in the zone
> and have tried this method in a small test environment with great success.
> It appears not to take any longer searching all of the domains (my test
> involved all domains) for the record than it normally would.
>
> Down the road, we will probably implement a new DNS domain for misc types
> of records to keep them all in one spot and unique. Until then, would it
> hurt to have a huge suffix search list on 2000/XP machines?
>
> --
> Tim
>