DNS Forwarders

Hello Guys.. I have 2 domain controllers in my test lab on windows server 2003 (dc): techlabtest.com(acts as dns server) and test.com(acts as dns server)...Dns has already been configured on each of them.

On Techlabtest:
ip address: 192.168.1.2
subnet: 255.255.255.0
gateway: 192.168.1.1 (from my isp)
dns: 192.168.1.2 ( this dc acts as my dns server)

On Test.com:
ip address: 192.168.1.4
subnet: 255.255.255.0
gateway: 192.168.1.1
dns: 192.168.1.4 (this dc acts as my dns server)

I have configure both forward and reverse lookup zone on each domain controllers.  From any client for the different domain i can resolve my server name etc etc...means so far it's ok...

Now i need to configure a trust relationship between Techlabtest.com and Test.com...I think before i do that i need to configure forwarders something like that or conditional forwarders.
Please help me on that..
So far on Test.com command prompt...i type nslookup serverone i.e the computer name of my domain controller Techlabtest.com, it can't resolve...i want it to resolve...and vice versa..

Please help....
Thanks
techlabtestAsked:
Who is Participating?
 
footechConnect With a Mentor Commented:
To create the stub zone.
Right-click Forward Lookup Zone > New Zone > next > Select Stub zone > Leave replication scope at default - "to all dns servers running on domain controllers in this domain" > enter the name of the domain for zone name > enter IP of the DC/DNS for domain name entered on the previous window, you can uncheck the box for "use the above servers to create a local list of master servers" (it'll work either way) > Finish.
Do the same on the other domain, just changing the domain (zone) name and IP used.
0
 
vaderjCommented:
If i recall, you have to go into the DNS service configuration and in the properties of the server configure it to propagate or allow reading from one server to another.  Unfortunatly i dont have access to an AD DNS server at the moment
0
 
techlabtestAuthor Commented:
R u talking about forwarders?
0
Easily Design & Build Your Next Website

Squarespace’s all-in-one platform gives you everything you need to express yourself creatively online, whether it is with a domain, website, or online store. Get started with your free trial today, and when ready, take 10% off your first purchase with offer code 'EXPERTS'.

 
vaderjCommented:
What I'm taking about is more like replication which might be better in your circumstance - so instead of forwarding the request, the server handles it itself because it has the entry from the original dns server
0
 
techlabtestAuthor Commented:
Is there any other solution apart from replication?
0
 
rajivkumar07Commented:
First of all, You are on the same network. You should be able to ping both DCs from each other just fine. Can you?

Turn ur firewalls off. If you cant!

If I understood it correctly, on each DC, you are pointing to its own DNS. Right?

You dont need forwarder at this time if you dont wanna have a redundant DNS server to resolve the queries or you wanna access internet.

Just create a trust and see the output.
0
 
vaderjCommented:
I just reread your description and correct me if I am wrong:

You have two separate AD domains, each with their own, single, DC running Win2k3(R2?).
Each domain accesses the same internet gateway, but both domains are on the same subnet. If their Domain functional level is Win2k, I would consider raising to Win2k3.
I also believe that all you should need to do, as long as they are in the same forest (you may need to configure this) then settings up the interdomain two-way trust should be enough
0
 
footechCommented:
You need to configure it so that each DC can resolve the information for the other domain.  This can be done a few different ways:
 - set up forwarders to the other domain's DNS for that particular domain name
 - configure secondary zones (and allow transfers from the other domain's DNS)
 - configure stub zones (which point at the other domain's DNS)
My first choice would be stub zones, since they can update their information automatically if the nameservers on the other side change.  Second choice would be forwarders, and third would be secondary zones.

On Test.com DNS, create stub zone for TechLabtest.com and point it at 192.168.1.2.  Then do the reverse for the TechLabTest domain.
0
 
techlabtestAuthor Commented:
Thanks all for your comments...Only creating a trust wont be enough...Definitely, i need to configure dns (which i don't like) ...What i want? From my test.com domain, i want to resolve domain name of the other server i.e Techlabtest.com and vice versa..

Footech...your comments seems to be ok..Can you please give me the steps how to do it as i very weak in dns....

Thanks...
0
 
techlabtestAuthor Commented:
Footech:  still note working..can't resolve techlabtest on test

Thanks
0
 
footechCommented:
If it's not working there was a mistake made.  Can you please provide screenshots of the stub zones from both sides?
0
 
techlabtestAuthor Commented:
Yes..i need to reload it...

From serverone i.e techlabtest domain, when i do nslookup test.com, it resolves...and from the other it dont work..
Please see attached file.

Thanks
DNS.rtf
0
 
footechCommented:
OK.  Looks like you did everything right.  According to your screenshot, from test.com DC techlabtest.com resolves just fine, it's just not returning the local IP.  Most likely this is due to caching.  Try clearing the DNS server cache on test.com (or you could just reboot the DC).
0
 
techlabtestAuthor Commented:
Yes you r right.  Excellent.  Thanks a lot
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.