• Status: Solved

DNS Forwarding between domains with NO trust

Howdy All,

I have 2 domains with separate DNS servers. There is no trust between the two domains. Only one of the domains has access to public DNS. The other domain is set up to use the first's DNS servers as forwarders. Since there is no trust, is there any special configuration needed?
Asked: Ben Stirling
 
Joshua Grantom (Senior Engineer) commented:
Not if you have the conditional forwarders set up the way you want them to be.
 
Ben Stirling (Author) commented:
The way this is set up (BTW, not my idea) is a chain of forwarders. Domain 1 forwards to public, domain 2 forwards to domain 1.
 
Joshua Grantom (Senior Engineer) commented:
That will work. Domain 2 will be able to do local lookups through domain 2, and local domain 1 lookups and public lookups through domain 1.
 
Ben Stirling (Author) commented:
Domain 2 will not resolve domain 1 DNS as a forwarder. Please note that this does not look like a network issue, AKA the packets seem to be getting to domain 1 DNS but it does not look like it is responding.
 
Joshua Grantom (Senior Engineer) commented:
Have you flushed the DNS on the domain 2 DNS server?

The conditional forwarder from domain 2 has the domain company1.com forwarding to domain 1, correct?
 
Ben Stirling (Author) commented:
Just FYI: domain 2 DNS is allowed to send port 53 UDP/TCP traffic to domain 1 DNS. No other traffic is passed between them.
 
Ben Stirling (Author) commented:
I have flushed the DNS as well as disabled EDNS.
 
Ben Stirling (Author) commented:
Domain 2 DNS has no info on domain 1 DNS save to use it as a forwarder.
 
Joshua Grantom (Senior Engineer) commented:
You will need to allow domain 1 to pass traffic back to domain 2 for responses.
 
Ben Stirling (Author) commented:
When domain 2 sends domain 1 a DNS query, it opens a session in the firewall, and domain 1 is allowed to respond but not open a connection of its own.
 
Joshua Grantom (Senior Engineer) commented:
I'm curious to see how your conditional forwarding is set up.
 
Ben Stirling (Author) commented:
There are no conditional forwards. Domain 2 doesn't need DNS about domain 1; it only needs public DNS info forwarded via domain 1.
 
Joshua Grantom (Senior Engineer) commented:
Oh, you are right, that makes no sense. If domain 1 does not need to look up anything for domain 2, then why use it for DNS at all with domain 2?
 
Ben Stirling (Author) commented:
Again, NOT my idea; however, there are reasons why domain 2 is not allowed to reach public DNS.
 
Ben Stirling (Author) commented:
The issue was with the firewalls between the DNS servers. The transparent proxy caused issues.
 
Ben Stirling (Author) commented:
I found the resolution.
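
A diagnostic for the forwarder chain discussed in this thread, added here as an example and not posted by either participant: run on the domain 2 DNS server, it queries each configured forwarder directly for a public name over UDP and then TCP. The function name `Test-ForwarderChain` and the sample name `example.com` are assumptions made for the example.

```powershell
# Added example, not from the thread. Requires the DnsServer and DnsClient modules.
# Test-ForwarderChain is a hypothetical helper; example.com is a constructed sample name.
function Test-ForwarderChain {
    param(
        [string]$PublicName = 'example.com'
    )
    # Forwarders configured on this server (domain 1's DNS servers in the thread's layout).
    $forwarders = (Get-DnsServerForwarder).IPAddress
    foreach ($ip in $forwarders) {
        foreach ($transport in 'UDP', 'TCP') {
            $query = @{
                Name        = $PublicName
                Server      = $ip.ToString()
                Type        = 'A'
                DnsOnly     = $true   # DNS only, no LLMNR or NetBIOS fallback
                NoHostsFile = $true   # ignore the local hosts file
                ErrorAction = 'Stop'
            }
            # Without -TcpOnly the query goes out over UDP first.
            if ($transport -eq 'TCP') { $query.TcpOnly = $true }

            $timer = [System.Diagnostics.Stopwatch]::StartNew()
            try {
                $answer = Resolve-DnsName @query
                $result = 'answered'
                $detail = ($answer | Where-Object { $_.Type -eq 'A' } |
                           Select-Object -First 1).IPAddress
            }
            catch {
                # Timeout: no reply came back. Refused or server failure: the forwarder replied.
                $result = 'failed'
                $detail = $_.Exception.Message
            }
            $timer.Stop()

            [pscustomobject]@{
                Forwarder = $ip.ToString()
                Transport = $transport
                Result    = $result
                Millis    = $timer.ElapsedMilliseconds
                Detail    = $detail
            }
        }
    }
}

Test-ForwarderChain | Format-Table -AutoSize
```

A timeout on a forwarder that is allowed port 53 means no reply reached this server, which matches the symptom described above and points at the path between the servers; a refused or server-failure result means domain 1 answered but did not resolve the name.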