Posted on 2012-03-23
I'm starting to dig into DNS forwarders and how they really work, and want to get an idea of others' experiences.
In our environment, we have primary DNS servers that house 20 or so zones and then we have secondaries that store a subset of those zones. The primary DNS servers do zone transfers with the secondaries.
For this example, the primary DNS server at IP 192.168.110.10 hosts zones called: A.com, B.com, C.com, D.com, E.com, F.com, G.com, H.com, and I.com.
The secondary DNS server at IP 192.168.110.20 holds zones A.com, B.com, C.com, and D.com. The secondary DNS server at IP 192.168.110.20 is set to "forward" requests it can't answer to 192.168.110.10.
Let's imagine a scenario in which, for whatever reason (it's happening here), the secondary server at IP 192.168.110.20 loses its ability to pull zone transfers from 192.168.110.10. For this example let's focus on the zone A.com. In this situation the A.com DNS zone on 192.168.110.10 would start accumulating updates, but those would never trickle down to the A.com zone on 192.168.110.20.
My question is this: let's say a new DNS entry called test.a.com is on the A.com DNS zone of 192.168.110.10. My Windows 7 laptop has only 1 DNS server in its TCP/IP stack (192.168.110.20). When I open nslookup from my Windows 7 workstation and type test.a.com, it queries 192.168.110.20 (which doesn't have the record). Why does 192.168.110.20 forward to 192.168.110.10?
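A toy model of the lookup path the post describes, added here as an example and not taken from the original post. The IPs and zone names are the post's; the records, serials and the helper names (`DnsServer`, `stale_zones`, `build_lab`) are constructed. A server that hosts a zone answers names in that zone from its own copy, returning NXDOMAIN for a name the copy lacks, and consults its forwarder only for zones it does not host; the serial comparison is the check that exposes a broken zone transfer.

```python
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

# Toy model of the servers in the post; addresses are the post's, record data is constructed.
@dataclass
class Zone:
    serial: int                      # SOA serial; bumped on every change at the primary
    records: Dict[str, str] = field(default_factory=dict)

@dataclass
class DnsServer:
    ip: str
    zones: Dict[str, Zone] = field(default_factory=dict)   # zones this server is authoritative for
    forwarder: Optional["DnsServer"] = None                # used only for names outside those zones

    def zone_for(self, name: str) -> Optional[str]:
        """Longest-suffix match of the query name against the hosted zones."""
        labels = name.lower().rstrip(".").split(".")
        for i in range(len(labels)):
            candidate = ".".join(labels[i:])
            if candidate in self.zones:
                return candidate
        return None

    def resolve(self, name: str) -> Tuple[Optional[str], str, str]:
        """Return (answer, rcode, ip of the server that produced the answer)."""
        zone = self.zone_for(name)
        if zone is not None:
            # Authoritative path: answer from the local copy even if it is stale.
            # A name missing from that copy is NXDOMAIN; the forwarder is never consulted.
            rr = self.zones[zone].records.get(name.lower().rstrip("."))
            return (rr, "NOERROR" if rr is not None else "NXDOMAIN", self.ip)
        if self.forwarder is not None:
            return self.forwarder.resolve(name)   # non-hosted zone: hand off to the forwarder
        return (None, "SERVFAIL", self.ip)

def stale_zones(secondary: DnsServer, primary: DnsServer) -> list:
    """Zones whose serial on the secondary lags the primary: the check that exposes a broken AXFR."""
    return sorted(z for z, zone in secondary.zones.items()
                  if z in primary.zones and zone.serial < primary.zones[z].serial)

def build_lab() -> Tuple[DnsServer, DnsServer]:
    hosted = ["a.com", "b.com", "c.com", "d.com", "e.com", "f.com", "g.com", "h.com", "i.com"]
    primary = DnsServer("192.168.110.10", {z: Zone(2012032300, {f"www.{z}": "10.0.0.1"}) for z in hosted})
    # Secondary copied A-D while transfers still worked, then lost the ability to pull updates.
    secondary = DnsServer("192.168.110.20", {z: Zone(2012032300, dict(primary.zones[z].records))
                                              for z in hosted[:4]}, forwarder=primary)
    primary.zones["a.com"].records["test.a.com"] = "10.0.0.50"   # update made after the last AXFR
    primary.zones["a.com"].serial += 1
    return primary, secondary
```

Querying `test.a.com` against the secondary yields NXDOMAIN from 192.168.110.20 itself, while `www.e.com` (a zone the secondary does not host) is answered via the forwarder at 192.168.110.10.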