Privacy policy. This article describes methods that you can use to configure DNS if queries that are directed to the Internet are not resolved correctly, but local intranet name resolution functions correctly. The Cache. You can manually add root hints by using the DNS snap-in, replace the Cache.
To manually add root hints on a Windows Server DNS server that is not configured as a domain controller:. But root hints only appears to be the default when setting up a windows server for the DNS role. And I've seen discussion of the matter where people argue the use of root hints and NO forwarder. Perhaps the recommendations have changed over time? Here is another website with this recommendation HERE ;.
But search results lead to arguments for only root hints which, as someone who never did it that way, seemed a bit strange and raised the question "then why doesn't it work for this person I'm helping".
I had a similar issue recently where the Root Hints files on some of our DNS servers were outdated or corrupted, resulting in sporadic DNS resolution failures.
I think I fixed it by entering DNS forwarders not sure why they weren't entered originally and then updating the Root Hints files. I'm not sure that doing a root lookup is a big problem, but it is a multi-step process, so using your ISP's DNS or public DNS like Google's as a forwarder is generally the better solution, in my opinion.
The root hints are a vital piece of the global Internet and should only be queried by those that know what their doing - not every little company out there looking for recursive DNS - they are NOT your personal DNS servers. Some ISPs have a way to opt-out of this "very obvious and disturbing net nuetrality violation" and some don't, in which case, I'd suggest you vote with your wallet and find another ISP.
FYI, I didn't set it up this way and at this point I'm not looking to mess with things outside of the scope of the issue in my question external domain resolution not working with root hints and DNS caching. I know that the configuration is incorrect, I've dealt with the group that set it up and repeatedly find these issues. I will most likely go back in at another point and set it up for them correctly, but not right now. It is working and I rather not inadvertently make more work for myself changing something without proper investigation and understanding on the configuration.
That means in a merger or supply-chain scenario you must be sure the other company doesn't plan on changing their DNS infrastructure by decommissioning old name servers, deploying new ones, or changing the IP addresses of existing ones.
If they do change their infrastructure and don't inform you of this, then your name server may suddenly find itself forwarding queries to non-existing name servers resulting in failed name queries and frustrated users flooding help desk with calls. In that case, it might be better to create stub zones on your name servers for zones for which the other company's name servers are authoritative. That's because stub zones automatically update themselves with the current list of name servers in the zone while configuring forwarders is a process that has to be done manually.
Same thing in a large enterprise that has a complex Active Directory forest--if you aren't sure that administrators in other divisions of your company are going to tell you in advance when they change their DNS infrastructures, don't implement conditional forwarding--use stub zones instead.
The second caveat concerning conditional forwarding is not to get to carried away implementing it. You might think you could improve name resolution for your users by adding dozens of forwarders for the most popular Internet sites they use for work purposes, but this might be a bad idea. The reason is, when you have a long list of conditional forwarders configured, your name server has to go through the entire list until it either finds the domain requested or fails to find it, in which case standard forwarding is used if configured , after which root hints is tried and standard recursion employed.
The result of this is that your name server has to perform extra processing to go through the forwarders list each time a query is received, and in addition to increasing the CPU load on your server this can also result in slower name resolution rather than faster due to the time it takes to process an especially long list. And if the forwarder itself is also part of your own company's DNS infrastructure then be aware that the added load of receiving forwarded queries from other name servers and performing recursive queries to resolve them means your forwarders will experience especially heavy CPU utilization and may need to have their hardware beefed up considerably to handle it.
So if you do plan on using conditional forwarding, particularly within your own enterprise, be sure to use it only where it really makes a difference and use it sparingly. He has written more than a thousand articles and has authored or been series editor for over 50 books for Microsoft Press and other publishers. He currently runs an IT content development business in Winnipeg, Canada. Your email address will not be published.
Learn about the latest security threats, system optimization tricks, and the hottest new technologies in the industry. Thank you! Any more feedback?
The more you tell us the more we can help. Can you help us improve? Resolved my issue. Clear instructions. Easy to follow. No jargon. Pictures helped. Didn't match my screen. Incorrect instructions. Too technical.
0コメント