Directory Services/Active Directory

Ulf B. Simon-Weidner's Blog

October 2006 - Posts

Speaking at the German Tradeshow "Systems"

During the German trade show Systems, the magazine IT-Administrator, which I write for, will deliver some technical sessions on October 25th. I will speak at two of them; fellow MVP Walter Steinsdorfer will do two others. The sessions will be delivered in German. So if you speak German and are interested in attending, please visit the following page for details and registration:

www.it-administrator.de/veranstaltungen

Enjoy the sessions!

Posted Wed, Oct 4 2006 23:00 by Ulf B. Simon-Weidner

DNS: Conditional Forwarders vs. Stub-Zones

In my last blog post I mentioned how you can use conditional forwarders to forward requests for specific namespaces / DNS zones to specific servers instead of using the general forwarder. This is also sometimes referred to as "Forward Delegations".

In this context I mentioned Stub-Zones and promised to explain later what they are. In my words, Stub-Zones are "Dynamic Conditional Forwarders". What a Stub-Zone does: it queries a server you specify for a list of NS records, so you get a list of all name servers responsible for a zone. Then it queries the server for the A records of the zone's name servers.

You can also use Stub-Zones instead of the regular (non-conditional) delegation, also referred to as "Reverse Delegation".

Advantage:
Stub-Zones are dynamic: if you add new name servers for a zone, the Stub-Zone will get this information and also use the new servers.
Stub-Zones also receive their information by just querying DNS servers instead of requesting a zone transfer. You can even add Stub-Zones for zones where zone transfers are not allowed.

Disadvantage:
If firewalls are involved: with a Stub-Zone you cannot specify which of the name servers responsible for the zone in question is actually used to resolve the name. If you have specific ports opened only between certain servers, then a delegation is better.
The same applies if you would prefer the use of specific servers. For example, say you have a hub office and some branch offices, the forest root servers are in the hub office, and a sub-domain is spread out across the remote offices. Usually all clients and servers query the sub-domain's DNS servers, but some central systems in the hub office use the root servers for DNS requests. Do you really want those central systems, which ask the root domain's servers for names in the sub-domain, to be sent to a remote server? This "might" happen if you use Stub-Zones. So you want to keep those queries at your central office.

So there are pros and cons when it comes to using Stub-Zones instead of (static) delegations.
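The following Python example is added here and is not part of the original post. It models the stub-zone refresh described above (NS set first, then the A record of each name server) and compares the resulting targets with a firewall policy and with the servers a conditional forwarder would be pinned to. The zone name, records, allowed network and forwarder address are constructed sample values.

```python
import ipaddress

# Constructed sample data (assumption, not from the post): the NS and A records
# a stub zone would learn from the server it was pointed at, zone-file style.
ZONE = "sub.corp.example."
RECORDS = """
sub.corp.example.            3600 IN NS ns-hub.sub.corp.example.
sub.corp.example.            3600 IN NS ns-branch1.sub.corp.example.
sub.corp.example.            3600 IN NS ns-branch2.sub.corp.example.
ns-hub.sub.corp.example.     3600 IN A  192.0.2.10
ns-branch1.sub.corp.example. 3600 IN A  198.51.100.20
"""
# Constructed firewall policy: networks the root DNS server may reach on port 53.
ALLOWED_DNS = [ipaddress.ip_network("192.0.2.0/24")]
# Servers a conditional forwarder for the same zone would be pinned to.
FORWARDER_TARGETS = {"192.0.2.10"}


def parse(text):
    """Return (ns_by_zone, a_by_host) from zone-file style lines."""
    ns, a = {}, {}
    for line in text.strip().splitlines():
        owner, _ttl, _cls, rtype, rdata = line.split()
        table = ns if rtype == "NS" else a if rtype == "A" else None
        if table is not None:
            table.setdefault(owner.lower(), set()).add(rdata.lower())
    return ns, a


def stub_zone_targets(text, zone):
    """Emulate a stub-zone refresh: NS set first, then the A record of each NS."""
    ns, a = parse(text)
    targets, unresolved = {}, []
    for host in sorted(ns.get(zone.lower(), ())):
        ips = a.get(host)
        if ips:
            targets.update({ip: host for ip in ips})
        else:
            unresolved.append(host)  # NS name with no address learned
    return targets, unresolved


def audit(text, zone, allowed, pinned):
    """Compare what the stub zone may query with firewall policy and pinned servers."""
    targets, unresolved = stub_zone_targets(text, zone)
    blocked = sorted(ip for ip in targets
                     if not any(ipaddress.ip_address(ip) in net for net in allowed))
    not_pinned = sorted(set(targets) - set(pinned))
    return {"blocked": blocked, "not_pinned": not_pinned, "no_address": unresolved}
```

Calling `audit(RECORDS, ZONE, ALLOWED_DNS, FORWARDER_TARGETS)` on the sample data shows the branch server as both blocked by the firewall policy and outside the pinned forwarder set, which is the situation the disadvantages above describe.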

Posted Wed, Oct 4 2006 22:53 by Ulf B. Simon-Weidner