Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Conditional Forwarding vs. Secondary Zone

3 views
Skip to first unread message

jamestechman

unread,
Jun 25, 2008, 2:07:09 PM6/25/08
to
What's pros and cons of doing either a conditional forwarding or
hosting a secondary zone? Is there a compelling reason to do either
or? Thanks.

James Chong (MVP)
MCITP | EMA; MCSE | M+, S+,
Security+, Project+, ITIL
msexchangetips.blogspot.com

Chris Dent [MVP]

unread,
Jun 25, 2008, 2:33:55 PM6/25/08
to

Hey James,

Conditional Forwaders:

Pros:

No configuration required on Primary server
No ongoing maintenance (unless the master changes)
Can be DS Integrated in both Domain and Forest if AD is in use

Cons:

If the Primary is down you won't resolve names unless cached
If the Primary changes IP you won't resolve names until fixed

Secondary Zones:

Pros:

Full off-server copy (Read Only)
Allows resolution of names within zone if Primary is unavailable
Valid until Expiry value set in SOA record (can be set to a large value,
months if required)
Allows replication of DNS data without DS Integrated Zones

Cons:

Requires permission to Transfer on Primary
Cannot be DS Integrated (must be configured on each server)
Occasionally troublesome if values for NS Records become out of date

Generally speaking I'd term Secondaries better where fault tolerance is
required. If connections and servers are reliable and consistent service
isn't as big an issue Conditional Forwarders are possibly better.

--
Chris Dent
MVP - Directory Services


"jamestechman" <jamest...@gmail.com> wrote in message
news:5ae09db4-b7ad-4b9e...@z66g2000hsc.googlegroups.com...

jamestechman

unread,
Jun 25, 2008, 3:14:24 PM6/25/08
to
Thanks for the comprehensive response. We have disjointed domains with
many zones and currently set as secondary. Was looking at changing it
to conditional forwarding seems simpler and cleaner but wasn't sure if
there was a compelling reason ie performance; redundnacy to justify.
Will probably keep it as is.


James Chong (MVP)
MCITP | EMA; MCSE | M+, S+,
Security+, Project+, ITIL
msexchangetips.blogspot.com

> "jamestechman" <jamestech...@gmail.com> wrote in message


>
> news:5ae09db4-b7ad-4b9e...@z66g2000hsc.googlegroups.com...
>
>
>
> > What's pros and cons of doing either a conditional forwarding or
> > hosting a secondary zone? Is there a compelling reason to do either
> > or? Thanks.
>
> > James Chong (MVP)
> > MCITP | EMA; MCSE | M+, S+,
> > Security+, Project+, ITIL

> > msexchangetips.blogspot.com- Hide quoted text -
>
> - Show quoted text -

Chris Dent

unread,
Jun 26, 2008, 4:32:18 AM6/26/08
to

Fair enough, glad I could help out a little bit :)

Chris

"jamestechman" <jamest...@gmail.com> wrote in message

news:301a46c3-07f9-4b2f...@y21g2000hsf.googlegroups.com...

Kevin D. Goodknecht Sr. [MVP]

unread,
Jun 27, 2008, 9:09:42 AM6/27/08
to
Read inline please.

In news:C43C86E4-C46B-4DB3...@microsoft.com,


Chris Dent [MVP] <ch...@highorbit.co.uk> wrote:

> Cons:
>
> Requires permission to Transfer on Primary
> Cannot be DS Integrated (must be configured on each server)
> Occasionally troublesome if values for NS Records become out of date
>
> Generally speaking I'd term Secondaries better where fault tolerance
> is required. If connections and servers are reliable and consistent
> service isn't as big an issue Conditional Forwarders are possibly
> better.

One major additional Con for a secondary zone, if the Primary is a dynamic
DNS zone with even just a few clients or servers registering in the Master.
Every time the master is updated, the Secondary will request a zone
transfer, which will be logged in the event log, and even with a few clients
updating DNS the log will begin to fill the log and possibly cause event
3000 warnings for Run-time events (Events happening in rapid succession).


--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps

===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================


oz.ozugurlu

unread,
Jul 3, 2008, 9:41:00 PM7/3/08
to
Conditional forwarding is to me, When a DNS server is being asked , question
for a specific DNS name space, instead of performing recursive query to find
out who the authoritative DNS server for requested name space, it is to way
(Shortcut if you will say so) to know who to send these queries too.
When jammed in the traffic and trying to find your way out your own way out,
if someone ask direction to go to downtown (you don’t even try to think, or
spend time, since you are busy) instead you direct the requester, by pointing
the requester to someone else, who is expert in down town.
I would not configure a secondary zone; instead I would use conditional
forwarding and be done with it for the requested name space. I have
successfully implemented conditional forwarding and actually deleted
redundant secondary zones from DNS servers and allowed better DNS /
Replication flow in several networks.

--
Oz Ozugurlu
MVP (Exchange)
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +


o...@SMTp25.org
http://smtp25.blogspot.com (Blog)

0 new messages