DNS service in AD

Question

I have n.6 AD server and now I want to resolve all external domains setting the forwarder section. I have to set this forwarder on all 6 server ?

Or I can set only 2 servers and set the others to point to 2 first ones? what advantages?

Answer 1

Hello,

1. Setting Forwarders on All Servers:

   - Pros: Each server operates independently and can directly communicate with external DNS servers.

   - Cons: If you update the list of forwarders or there's a change in their configuration, you'll need to make that change across all servers. Additionally, if one of your forwarders goes down, every server experiences that outage.

2. Setting Up Conditional Forwarders on Two Servers and Pointing Others to Them:

   - Pros: any changes to the forwarder settings only need to be made on these two servers.

   - Cons: Additional network traffic between your DNS servers, as internal servers will forward queries to the designated.  And if one of the two forwarder servers becomes unavailable, it affects DNS resolution for all servers that rely on them.

Best practice generally suggests using conditional forwarding for specific external domains when required, but for general internet name resolution, configuring forwarders on all DNS servers is common.

However, you can choose to configure forwarders on just a few reliable, high-performance servers and then set the rest to use those as their forwarders (primary/secondary DNS configuration).

---

If the Answer is helpful, please click "Accept Answer" and upvote it.

Answer 2

Hi @CorsaroDelVento

The both configuration can work.

There are not a big advantage.

From my point of view the advantage to set forwarder on 6 DC , in case when 2 servers failed , client will continue resolving external domain through one of 4 remaining server. In this case You should define in IP configuration on your member servers and client 3 or more DNS resolvers.

---

Please don't forget to accept helpful answer