Delegating AD-domain from Bind: how many servers?

P

Pekka

I have a Bind DNS, which is authoritative to a certain zone, lets call it
"company.com". AD uses subdomain of it, lets call it "ad.company.com",
which is delegeted from the parent Bind to W2k DNS servers.

Current setup is such that in the Bind server we have configured only
handful (5 or so) of the W2k DNS server, not all W2k DNS servers (50 +). I
understand the term "lame servers" is correct for this kind of setup. The
traditional way of doing the delegations is to configure ("advertise") all
authorative name servers.

Should I add all those over 50 W2k DNS server to the Bind's configuration?
Any possible issues related to that? (like use of tcp instead of udp due
to packets getting too big)
And vise versa: what are the possible issues with our current setup?

BR
Pekka
 
H

Herb Martin

Pekka said:
I have a Bind DNS, which is authoritative to a certain zone, lets call it
"company.com". AD uses subdomain of it, lets call it "ad.company.com",
which is delegeted from the parent Bind to W2k DNS servers.
Click to expand...

Ok, perfectly normal and straight forward.
Current setup is such that in the Bind server we have configured only
handful (5 or so) of the W2k DNS server, not all W2k DNS servers (50 +). I
understand the term "lame servers" is correct for this kind of setup. The
traditional way of doing the delegations is to configure ("advertise") all
authorative name servers.

Should I add all those over 50 W2k DNS server to the Bind's configuration?
Any possible issues related to that? (like use of tcp instead of udp due
to packets getting too big)
Click to expand...

This cannot be answered definitively without knowing the number of
request and pattern of resolution.

For instance: Suppose those 50 DNS servers are at distributed
locations, seldom used by any except the clients at the same
physical location.

Suppose further that there is an occasional need for the parent
domain to reference a name in the child (ad...) zone and almost
always the few servers listed are the best choice.

Then you solution seems fine.

You can likely imagine other scenarios in which this
would not be the case -- or describe your actual
WAN-LAN-DNS architecture.
And vise versa: what are the possible issues with our current setup?
Click to expand...

My guess (it's just a guess): None.
 
P

Pekka

Thanx! I think I understand now the point and how to figure out the
possible issues... /pekka
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Unix BIND and Windows 2003 DNS coexist problem with Forwarder on. 5
Integrating AD to existing Bind DNS 2
AD DDNS Updates ignored with Bind 9 ? 7
DNS domain names? 3
[WARNING] Cannot find a primary authoritative DNS server --- DNS W/O AD, NOT DC, Stand Alone server 2
Intranet Webserver/Application Servers and DNS 3
DNS and 2003 AD integration qustion 2
NT 4 Domain upgrade to Win2000 AD with BIND DNS 3

Top