DNS Suffixes

[Tim Chin]

I have over 20 domains in my environment and have each domain entered
respectively in the root DNS servers for the zone. Some of the 20 are
delegated domains. With a setup like this, is it best to push out a
conformed suffix search list via group policy to all domain clients? By
default, it puts the child domain and the parent - only searching two
domains for DNS records, the rest is up to WINS. Naturally, this won't hit
A, CNAME, and other records we create only in DNS.

I was thinking of something similar to
root.domain,child1.domain,child2.domain,child3.domain,etc.,etc. until all
20+ domains are entered. I have roughly 20,000 records total in the zone
and have tried this method in a small test environment with great success.
It appears not to take any longer searching all of the domains (my test
involved all domains) for the record than it normally would.

Down the road, we will probably implement a new DNS domain for misc types of
records to keep them all in one spot and unique. Until then, would it hurt
to have a huge suffix search list on 2000/XP machines?

 

[Kevin D. Goodknecht Sr. [MVP]]

I have over 20 domains in my environment and have each domain entered
respectively in the root DNS servers for the zone. Some of the 20 are
delegated domains. With a setup like this, is it best to push out a
conformed suffix search list via group policy to all domain clients?
By default, it puts the child domain and the parent - only searching
two domains for DNS records, the rest is up to WINS. Naturally, this
won't hit A, CNAME, and other records we create only in DNS.

I was thinking of something similar to
root.domain,child1.domain,child2.domain,child3.domain,etc.,etc. until
all 20+ domains are entered. I have roughly 20,000 records total in
the zone and have tried this method in a small test environment with
great success. It appears not to take any longer searching all of the
domains (my test involved all domains) for the record than it
normally would.

Down the road, we will probably implement a new DNS domain for misc
types of records to keep them all in one spot and unique. Until
then, would it hurt to have a huge suffix search list on 2000/XP
machines?

IIRC, there is a limit of seven DNS suffixes in the DNS suffix search list.

There is an alternate, you mention WINS so I assume you have WINS replicated
throughout the forest. So you can configure the root domain which should be
search by all child clients, to use WINS for unknown hosts. (WINS tab of
zone properties)

 

[Jorge Silva]

Hi

You can use the root domain as central search point, configure it with
conditional forwarding (better for direction especific) or stub zones
(better for load balancing among the existent dns servers in a domain), or
secondary zones (Better for fast resolution answers).
Configure all child domains to forward to the Dns servers in root domain.
Configure all clients to iuse their Dns server in their site.


--
I hop that helps

Good Luck
Jorge Silva
MCSA
Systems Administrator