DNS and directed lookups explained

With Microsoft DNS Server you roughly have three ways to force lookup to specific servers. They are:

• Stub zones
• Secondary zones
• Conditional forwarding

In any environment with split DNS, non-public zones or where you use .local domains you need to plan how to manage DNS lookups from third parties.

In this article you can read about the differences between these types.

 

Stub zones

When you configure a stub zone you only tell the DNS Server where to download the glue records for the zone. The glue records contains SOA, NS and if needed the corresponding A/AAAA records for that zone. Further resolving from the DNS server is done using these records. You have to type in one or more IP addresses of DNS servers to download the glue records from.

The local DNS server will use these records and continue recursion as normal, using these NS pointers as hints. You can not control what DNS Server that will be queried.

Secondary zones

A secondary zone contains a copy of the entire zone and can give authoritative answers. The entire content of the zone is downloaded from your DNS Servers (you have to specify where to download the zone from) and stored in a local file.

Conditional forwarders

This is also known as a forward delegation. When you configure a conditional forwarder you simply say that for all queries to a domain, ask this (or these) IP addresses.

All queries are recursive with a conditional forwarder.