Solved

DNS

Posted on 2011-02-21
3
329 Views
Last Modified: 2012-05-11
Hi Experts,
                      I have a doubt can anyone explain. Whats the difference between Stub zone and zone delegation. What are all the records present in Stub zone and Zone delegation.
                 
0
Comment
Question by:columbuseng
3 Comments
 
LVL 70

Accepted Solution

by:
Chris Dent earned 167 total points
ID: 34942588

Stub zones are the rough equivalent of Conditional Forwarders, they provide you with the means of resolving names from a different zone. The advantage over Conditional Forwarding is that the location of the name servers for the zone dynamically update.

Delegation is a bit of a different beast. Delegation is used to pass on authority for a sub-domain to another set of name servers. To delegate you must own the parent, for instance, to delegate corp.domain.com you must have access to manage domain.com.

Chris
0
 
LVL 20

Assisted Solution

by:woolnoir
woolnoir earned 167 total points
ID: 34942599
there is a good post on petri about this

http://www.petri.co.il/forums/showthread.php?t=17161

Delegation - Similar to what the root servers do to the top level domains (com, org, net etc.). They "know" there's something down there, they "know" who's the DNS server that's holding that information (i.e authoritive for that domain), and that's about it.

In order to delegate a domain, the DNS tha'ts delegating needs to hold the parent domain. For example, DNS holding the petri.co.il zone CAN delegate to the sales sub-domain under petri.co.il. It CANNOT delegate to the cnn.com domain.

Oh, and they do not need the sub-domain's permissions to do that.

Stub Zone - Like in delegation, the DNS server "knows" there's something out there, and "knows" who's the DNS server that's authoritive for that domain. Like delegation, stub zones DO NOT REQUIRE the cooperation of the "other" DNS server.

Unlike delegation, the DNS tha'ts holding the stub zone does NOT need to hold the parent domain or any other domain for that matter. For example, DNS holding the petri.co.il zone CAN have a stub zone to practically any other domain in the world, as long as the authoritive DNS of the "other" domain "knows" about this and authorizes the part-time zone transfer.

Conditional Forwarding - Like in delegation, the DNS server "knows" there's something out there, and "knows" who to forward the query to (this does NOT necessarily have to be the DNS server that's authoritive for that domain). Like with delegation, conditional forwarding does NOT require the cooperation of the "other" DNS server, and no zone transfer takes place.

Also, unlike delegation and just like with stub zones, the DNS that's holding the stub zone does NOT need to hold the parent domain or any other domain for that matter. For example, you can configure conditional forwarding of your queries to any DNS server in the world, as long as you think it "knows" better than you about a specific target domain.

Unlike regular forwarding, where ALL the queries that the DNS is not authoritive for or does not have information for in its cache are forwarded to ONE external DNS server (most likely - the ISP's DNS server), conditional forwarding is done for a specific domain. Just like stub zones, this allows much more flexibility between organizations that have some sort of relationship between them but without the need to establish any sort of replication between them
0
 
LVL 39

Assisted Solution

by:Krzysztof Pytko
Krzysztof Pytko earned 166 total points
ID: 34942621
Stub zone is a zone with NS and A records of DNS servers. There cannot be any other DNS records. It is used for name resolution for other domains if you don't want to replicate/transfer whole DNS zones for them.
Mostly used in Trust Relationship creation process (stub zone or conditional forwarders)
http://technet.microsoft.com/en-us/library/cc779197%28WS.10%29.aspx

In zone delegation you decide what you want to transfer/replicate. Using zone delegation you can permit DNS management for other users in your network, manage zone load balancing, replication traffic between DNS servers. Zone delegation is more flexible in management/ delegated management for administrators.
http://technet.microsoft.com/en-us/library/cc784494%28WS.10%29.aspx

Regards,
Krzysztof
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now