Solved

What is "Forwarder" in DNS Server?

Posted on 2008-10-01
5
379 Views
Last Modified: 2010-03-17
Hi,

1. Could somebody explain related to the term "FORWARDER" in DNS Sever?
2. My Questions: i) Please firstly explain it with your own WORDINGS(With Examples if possible) , ii)Secondly with the "links" if any
3. Thank you

Tjie
0
Comment
Question by:tjie
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 23

Assisted Solution

by:Justin Durrant
Justin Durrant earned 50 total points
ID: 22615439
0
 
LVL 6

Accepted Solution

by:
RemcovC earned 200 total points
ID: 22615474
A forwarder in a dns server is an other dns server to which dns queries go when the first server can't resolve.

For example:
You have a dns server A in your domain, a client requests www.experts-exchange.com, dns server A doesn't have this record. If you have configured a DNS forwarder (like your ISP dns server) dns server A queries this request with this server (and so on till the record is found) then returning it to the client.

Default a (microsoft) dns server has root-hint who do the same, but by setting a forwarder you can control where your request are going and make 1 exception in your firewall.

Here's a link from Microsoft explaning it :
http://technet.microsoft.com/en-us/library/cc782142.aspx
0
 
LVL 8

Assisted Solution

by:sstone55423
sstone55423 earned 125 total points
ID: 22615483
A forwarder is where your DNS server goes to get information.  If it cannot find the record in its own database, it will recurse outward to other servers until it finds the record, or fails.  Usually a DNS server will go through the DNS root name servers.  You can specify a forward lookup server though, in which case it will always go to that other DNS server (often your ISP's DNS server(s)) to do recursive lookups.  Best practices is to NOT do that though, as if that server is down, you get no lookups.  A root name server lookup has more redundancy in the event there is a downded server.
 
http://www.tech-faq.com/understanding-dns-queries-and-lookups.shtml
http://www.grape-info.com/doc/win2000srv/internet-gw/dns_forward/index.html 
0
 
LVL 8

Assisted Solution

by:anil_u
anil_u earned 125 total points
ID: 22615544
In your domain, you would have a DNS server. This would have a list of A records. These are a list of names mapped to ip addresses.
If the name is not resolved, DNS will look up the name in the root DNS zone
If you have a forwarder setup. Instead of looking up the name in he root zone, the name is sent to the forwarder ip adress which is another dns server and is tried to resolved there.

http://technet.microsoft.com/en-us/library/cc782142.aspx

Hope that makes sense
0
 

Expert Comment

by:Aegis_Gareth
ID: 22615876
A DNS server is responcible for resolving ip addresses from names it is given to query i.e www.google.com

If a forwarder is configured on a DNS server it's the address of another DNS server it will send queries to it's not responcible for answering.

Normally when you configure server 2003 you would use the forwarder setting within the DNS Server properties so that extrenal DNS requests go to your ISP's DNS server
0

Featured Post

Are You Headed to Black Hat USA 2017?

Getting ready for Black Hat next week? Kick things off with the WatchGuard Badge Challenge and test your puzzle and cipher skills. Do you have what it takes to earn our limited edition Firebox Badge? Get started today - https://crimsonthorn.net

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
A hard and fast method for reducing Active Directory Administrators members.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question