Proper DNS configuration for single forest with multiple domains.
Posted on 2008-06-15
Hello, I have inherited a network with some DNS issues. I need some insight on how the DNS servers should be configured. Here is what I have:
A root domain we will call root.local, it has 2 sub domains, sub1.root.local and sub2.root.local.
Root.local and sub1.root.local are here in the data center, sub2.root.local is a remote location connected to the data center via VPN through a 10 Mb bonded PRI.
There is one ADC (active directory controller) for root.local
There are 2 ADCs for sub1.root.local
There are 2 ADCs for sub2.root.local
The ADCs for sub2.root.local, one is at the remote location, one is in the local data center. (Mind you, I did not set them up.)
Currently, the remote location ADC DNS in the TCP/IP config on the NIC is pointed to the DNS server on ADC DNS server for root.local in the data center. The DNS server at the remote location seems to be set up as a standalone server, no forwarding. Just set up to use root server for lookup. At this time, I do not know if its DNS is set up as AD integrated.
Here is the problem: when the WAN link went down, the remote users could not authenticate. After doing my initial survey, it does appear that DNS is the culprit. I have not set up DNS for multiple domains before, but it seems that the remote server should be looking to itself for DNS.
What I need to know is how to properly set up the DNS servers for root.local, sub1.root.local and sub2.root.local so they communicate and replicate their information for the forest properly.
This is a pure server 2003 environment.
What I think: (Please tell me where I am wrong)
I think that the ADCs for root.local should be the primary DNS server, setting up the DNS server for sub1.root.local and sub2.root.local as secondary DNS servers, forwarding to the DNS server for root.local. Or possibly a conditional forward for local domain name lookups.
I guess what I don't understand is how the DNS servers replicate information to each other, rather than just forwarding requests. I have scoured the net and experts-exchange with no specific answer.
A crash course in how this works would be great, if I need to break this down into other questions just let me know.