Empty Root DNS Design

Mike Kline

I wanted to see if anyone had any thoughts on our DNS
design.

Empty root = Company.com -- Active Directory Integrated
Zone

Child Domain = child.company.com -- Active Directory
Integrated

Child Domain = child2.company.com -- Active Directory
Integrated

Company.com will have delegations to the child domain DNS
servers. The child DNS servers will be configured as a
secondary zone to the company.com zone. This configuration
is for fault tolerance and allows the child name servers
to contact the other child without talking to the root.

Is this overkill? Would the AD Integrated zones transfer
the data to each other or is the secondary zone on the
child domains a good idea?

Thanks
Mike
 
Kevin D. Goodknecht [MVP]

Mike Kline said:
> I wanted to see if anyone had any thoughts on our DNS
> design.
>
> Empty root = Company.com -- Active Directory Integrated
> Zone
>
> Child Domain = child.company.com -- Active Directory
> Integrated
>
> Child Domain = child2.company.com -- Active Directory
> Integrated
>
> Company.com will have delegations to the child domain DNS
> servers. The child DNS servers will be configured as a
> secondary zone to the company.com zone. This configuration
> is for fault tolerance and allows the child name servers
> to contact the other child without talking to the root.
>
> Is this overkill?

No.

> Would the AD Integrated zones transfer
> the data to each other or is the secondary zone on the
> child domains a good idea?

You would have to use secondaries; AD zones only replicate to DCs in their
domain.

Of course there is the option of using the root as DNS and Global catalog
since it won't be authenticating users anyway. But then you would need a
parent DC at each location, and it would allow you to have all DNS in one
zone, and replicating to all DCs in the parent domain.
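
The design discussed in this thread (root zone delegating to the children, each child DNS server holding a secondary copy of the root zone), as an added example that is not part of the original posts. It uses the DnsServer PowerShell module from current Windows Server; all host names and IP addresses are constructed placeholders. Because secondaries are fed by ordinary zone transfers rather than AD replication, step 2 limits transfers of the root zone to the named child servers.

```powershell
# Constructed placeholder values (assumptions); replace with your own servers.
$RootZone = 'company.com'
$RootDns  = '10.0.0.10'    # DNS server on an empty-root DC, hosts company.com
$ChildDns = @{
    'child'  = @{ Host = 'dc1.child.company.com';  IP = '10.1.0.10' }
    'child2' = @{ Host = 'dc1.child2.company.com'; IP = '10.2.0.10' }
}
$ChildIPs = @($ChildDns.Values | ForEach-Object { $_.IP })

# 1. In the root zone, delegate each child zone to that child's DNS server.
foreach ($label in $ChildDns.Keys) {
    Add-DnsServerZoneDelegation -ComputerName $RootDns -Name $RootZone `
        -ChildZoneName $label `
        -NameServer $ChildDns[$label].Host -IPAddress $ChildDns[$label].IP
}

# 2. Allow transfers of the root zone only to the listed child servers,
#    and notify only those servers when the zone changes.
Set-DnsServerPrimaryZone -ComputerName $RootDns -Name $RootZone `
    -SecureSecondaries TransferToSecureServers -SecondaryServers $ChildIPs `
    -Notify NotifyServers -NotifyServers $ChildIPs

# 3. On each child DNS server, host a secondary copy of the root zone.
#    The copy includes the delegations from step 1, so a child server can
#    find the other child's name servers without querying the root.
foreach ($ip in $ChildIPs) {
    Add-DnsServerSecondaryZone -ComputerName $ip -Name $RootZone `
        -ZoneFile "$RootZone.dns" -MasterServers $RootDns
}

# 4. Check: each child server should list company.com as a Secondary zone
#    and return NS records for both delegated child zones.
foreach ($ip in $ChildIPs) {
    Get-DnsServerZone -ComputerName $ip -Name $RootZone |
        Select-Object ZoneName, ZoneType, IsDsIntegrated
    foreach ($label in $ChildDns.Keys) {
        Resolve-DnsName -Name "$label.$RootZone" -Type NS -Server $ip
    }
}
```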
 
Guest

Thank you Kevin that did help!!