In article <fccfp1$lh
...@nnrp.ngi.it>, "Gabriele" <ga
...@gabro.net>
wrote:
> I would like to build a DNS hierarchy with a company-internal
> "mycompany.com." domain (hosted on name servers running BIND) and an
> "ad.mycompany.com." subdomain delegated to DNS administrators of a Microsoft
> Active Directory environment.
> I've seen that setting either forwarders (1) or zone-delegation (2) make
> name resolution work even for sub-domain hosts:
> 1) zone "ad.mycompany.com" IN {
> type forward;
> forwarders {10.0.0.1; 10.0.0.2;};
> };
> 2) $ORIGIN ad.mycompany.com.
> @ IN NS ns1.ad.mycompany.com.
> @ IN NS ns2.ad.mycompany.com.
> ns1 IN A 10.0.0.1
> ns2 IN A 10.0.0.2
> Even if both works, I think option 2 is best as forwarders are set in
> "named.conf" per-server configuration file, while the delegation is set in
> the "domain.com" zone file that would be transfered to any secondary (slave)
> name server.
> What's your opinion?
Forwarding won't work if you're getting requests from caching
nameservers. They send non-recursive requests, and forwarding is only
followed for recursive requests. Also, the caching servers can cache
the delegation records, so from then on they'll go directly to the
ad.mycompany.com servers, rather than going through the mycompany.com
servers.
If the client machines are pointing directly to the mycompany.com
servers in their resolver configurations then there's not much
difference, other than the one you point out about only having to change
things in one place.
--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***
