DNS conditional forwarding - Remote DNS server

    Question

  • Our setup consists of 2 domains that are a parent/downstream node domain setup (tax.net and corp.tax.net). Our setup demands that there be no replication between the parent/downstream domains, so in essence, we have a setup that consists of 2 domains (2 DCs) with no network connectivity between the two and acting as independent domains (both are managed by different sets of vendors).

    Now as a part of a few new requirements, we have been asked to use Conditional Fwds to help resolve Hostname queries for hosts under tax.net from corp.tax.net. I just want to know if this can be implemented by just opening the DNS port between the 2 domains or that we have to take any other thing into consideration while doing such a forwarding.

    Wednesday, April 07, 2010 5:56 AM

Answers

  • Howdie!

    On 07.04.2010 07:56, Mrunal Hulikal wrote:
    > Now as a part of a few new requirements, we have been asked to use
    > Conditional Fwds to help resolve Hostname queries for hosts under
    > tax.net from corp.tax.net. I just want to know if this can be
    > implemented by just opening the DNS port between the 2 domains or that
    > we have to take any other thing into consideration while doing such a
    > forwarding.
    >

    Yap, that should do the trick. If routing and networking are set up
    correctly, you can pretty much go create a forwarder in DNS and forward
    requests for that other domain to the DC/DNS servers of the foreign domain.

    Cheers,
    Florian

    Microsoft MVP - Group Policy (http://www.frickelsoft.net/blog)
    • Marked as answer by Mrunal Hulikal Wednesday, April 07, 2010 11:20 AM
    Wednesday, April 07, 2010 6:37 AM
  • Make sure that recursion is enabled on the DNS server on which you configure forwarders. In addition, if you are assigning conditional forwarders on a per-DNS-server basis, you need to ensure that all DNS servers in a given domain (corp.tax.net in your case) are configured in the same way (and are able to reach the relevant DNS servers in the tax.net domain)...

    hth
    Marcin

    Wednesday, April 07, 2010 11:37 AM
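
Marcin's checklist above, as an added PowerShell example that is not part of the original thread: it checks every corp.tax.net DNS server for recursion, a matching tax.net conditional forwarder, and end-to-end resolution. It assumes the DnsServer module (Windows Server 2012 or later); the server names, IP addresses and test host name are hypothetical placeholders.

```powershell
# Added example: consistency check of the tax.net conditional forwarder
# across the DNS servers of corp.tax.net. Requires the DnsServer module.
# All names and addresses below are hypothetical placeholders.
$ForwardZone     = 'tax.net'
$CorpDnsServers  = @('corpdc01.corp.tax.net', 'corpdc02.corp.tax.net')
$ExpectedMasters = @('192.0.2.10', '192.0.2.11')   # tax.net DNS servers
$TestName        = 'host1.tax.net'                 # a record known to exist

$expected = ($ExpectedMasters | Sort-Object) -join ','

$report = foreach ($server in $CorpDnsServers) {
    # Forwarders are only used when recursion is enabled on the server.
    $recursion = (Get-DnsServerRecursion -ComputerName $server).Enable

    # Read the forwarder zone; a missing zone yields $null instead of an error.
    $zone = Get-DnsServerZone -ComputerName $server -Name $ForwardZone `
                -ErrorAction SilentlyContinue
    $masters = ''
    if ($zone -and $zone.ZoneType -eq 'Forwarder') {
        $masters = ($zone.MasterServers |
                    ForEach-Object { $_.IPAddressToString } |
                    Sort-Object) -join ','
    }

    # End-to-end check: ask this server for a tax.net name. Success shows the
    # DNS port is open from this server to the tax.net DNS servers
    # (a cached answer can mask a path that has since been closed).
    $answer = Resolve-DnsName -Name $TestName -Server $server -DnsOnly `
                  -ErrorAction SilentlyContinue

    [pscustomobject]@{
        Server       = $server
        Recursion    = [bool]$recursion
        Forwarders   = $masters
        MastersMatch = ($masters -eq $expected)
        Resolves     = [bool]$answer
    }
}

$report | Format-Table -AutoSize

# Servers that fail any check and need to be brought in line with the others.
$report | Where-Object { -not ($_.Recursion -and $_.MastersMatch -and $_.Resolves) }
```

Run it from a management host that is allowed to query and administer the corp.tax.net DNS servers; an empty result from the last line means every server is configured the same way.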

All replies

  • Hi

    I can understand from your post that you have a root domain named tax.net and a child one named corp.tax.net, that you have disabled any kind of communication between those 2 domains, and that you now need to set up a conditional forwarder between the 2 domains. As Florian Frommherz mentioned above, you can do that if you configure your firewall correctly, but I have one concern here related to replication between those 2 domains and time synchronization: how do you handle those things while you disable any kind of communication between those domains? The child domain should be able to sync time with the root PDC; also, I think it should replicate information about schema and global catalog.

    Wednesday, April 07, 2010 6:54 AM
  • Hi sameh,

    The 2 domains act independently of each other, and have their separate NTP, Schema and GC. We just replicated the designs on both of the domains from a common template. Other than the naming convention used here, to depict them as parent-child domains, they follow no other rules as a parent-child domain arch.

    Rgds,

    MH

    Wednesday, April 07, 2010 11:19 AM
  • Thanks for the confirmation Florian. Will try this and get back.
    Wednesday, April 07, 2010 11:24 AM