I don't think that would solve the issue to be totally honest. I think the problem is more to do with DNS1.Domain1.rootdomain.com and possibly a time-out or other weirded out configuration.
To clarify: What software is DNS1 running? Are you just timing out in your query causing the failures? Why is DNS1 deployed in the first place? What purpose does it serve in that environment? Why does DNS1 forward to a host that hosts the same domain it does? That's weird to me. I realize it hosts other domains, but it's silly and inefficient to do things that way. What about permissions? Al -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Phil Renouf Sent: Tuesday, August 02, 2005 10:11 AM To: [email protected] Subject: Re: [ActiveDir] DNS Issue In the interest of making the name resolution more straight forward, is it possible for the Domain 1 DC to setup a conditional forwarder for Domain 2 and point it at Domain 2 (and not the root)? Phil On 8/2/05, Carerros, Charles <[EMAIL PROTECTED]> wrote: > Alright, I'm not the best at DNS and we are running into some issues > and I was hoping for some feedback. > > First we are using an empty root multi-domain forest structure. Our > domains are divided for divisions who all operate individually (with > the exception of the root of course.) We have shared resources in > each others domains that we all need to and some of our DNS isn't work > and some of it is. I know why things aren't working but at times I'm > not sure why it is. Very confusing so here is some more details. > > One of the domains have sites that aren't working. > > They have configured (this isn't one of my sites) a local DNS server > [dns1.domain1.rootdomain.com] that has one zone configured > [domain1.rootdomain.com](a secondary zone for the domain to which it > is a > part) and then they forward all other network traffic to their primary > domain controller for that domain. > > The domain controller for that domain [dc.domain1.rootdomain.com] has > a number of zones configured including the _msdcs.rootdomain.com zone > (for forwarding forest traffic lookup and they forward all other > traffic to their internet DNS servers. > > My domain uses AD integrated DNS with all DCs serving as DNS servers > and they replicate all of the zones across. They basically have the > domain2.rootdomain.com zone and the _msdcs.rootdomain.com zone with > forwards to rootdomain.com with the IP address of the rootdomain DNS > servers and then all other traffic to our internet providers. > > When people at site one try to reach a server at my location if they > are using the dns2.domain1.rootdomain.com server they are unable to > find all of the servers in the domain2.rootdomain.com domain. > Although I think the approach of domain1 isn't what I would consider > optimal because I prefer AD integrated DNS, I would still think that > with the extra hop these server should be able to find mine. > > The traffic flow logic would look something like this: > > PC in site1 is looking for a server srv1.domain2.rootdomain.com PC > queries dns1.domain1.rootdomain.com but cannot find the domain2 DNS > there, it forwards to dc.domain1.rootdomain.com > dc.domain1.rootdomain.com queries for srv1.domain2.rootdomain.com, > cannot find it, it forwards to rootdomain.com rootdomain.com then > forwards request to dc.domain2.rootdomain.com, which returns the IP > address of srv2.domain2.rootdomain.com > > Maybe this is too confusing to put in an e-mail or maybe I didn't word > it right. But if I did, does this sound correct. > > I do know that when I have the PCs at that site1 change their DNS > servers from the dns1.domain1.rootdomain.com to > dc.domain1.rootdomain.com and try to query they are able to get to my > servers. I'm wondering if we just need to add a few more forward > lookup for the rootdomain.com or add the _msdcs.rootdomain.com to that > servers DNS? > > Wow, I'm long winded today. > > Charlie > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
