Can Windows DNS Server fall back to public DNS records for a domain it is authoritative for?
The Windows domain doesn't follow best practices and uses a public domain name. The DC manages DNS for the internal domain example.com, but there are various subdomains of example.com on public DNS servers that should still work from within the domain.
I could add static records to reflect the public records, but I'd have to change them manually in both places, public DNS and internal.
Can the Windows DNS just return results from a public NS if there is no record configured in the local domain?
Example: example.com is registered at a public registrar like Namecheap and uses the Namecheap name servers. The internal Windows domain example.com DNS is managed by the DC and should still be able to resolve local hosts like srvint.example.com, but hosts not in the internal domain, like www.example.com, must be looked up from the Namecheap name servers.
Answer
If the DNS server is authoritative for the DNS domain, then there is no way to get it to send DNS requests for this domain to other servers.
This is one of the reasons why best practices recommend not using the public domain name.
You have only two options with this configuration:
- Publish an authoritative server outside the domain and delegate it (really bad idea).
- Organize the creation of static copies of external records on the internal authoritative DNS server (as you suggested).
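With the second option, the internal copies have to follow every change made on the public name servers. The following Python script is an added example, not part of the original answer: it compares the public record set with the static copies in the internal zone and lists what to add, update or remove. The record values and the names `PUBLIC`, `MIRRORED`, `INTERNAL_OWNED` and `plan_mirror` are constructed for illustration; live data would come from querying the public name servers and exporting the internal zone.

```python
"""Plan updates for static internal copies of public DNS records."""

# Constructed sample data: (name, type) -> set of record values.
PUBLIC = {  # what the public name servers currently answer
    ("www.example.com", "A"): {"203.0.113.10"},
    ("shop.example.com", "CNAME"): {"stores.example.net."},
    ("mail.example.com", "A"): {"203.0.113.25"},
}
MIRRORED = {  # static copies already created in the internal zone
    ("WWW.example.com", "A"): {"203.0.113.9"},    # stale value
    ("mail.example.com", "A"): {"203.0.113.25"},  # in sync
    ("old.example.com", "A"): {"203.0.113.77"},   # gone from public DNS
}
INTERNAL_OWNED = {"srvint.example.com"}  # hosts the internal domain owns


def _name(n):
    return n.lower().rstrip(".")


def _norm(zone):
    """Case-fold names and drop trailing dots (values are addresses or host names)."""
    return {(_name(n), t.upper()): {_name(v) for v in vals}
            for (n, t), vals in zone.items()}


def plan_mirror(public, mirrored, internal_owned):
    pub, mir = _norm(public), _norm(mirrored)
    owned = {_name(n) for n in internal_owned}
    plan = {"add": [], "update": [], "remove": [], "conflict": []}
    for key in sorted(pub):
        if key[0] in owned:
            # Internal clients only ever see the internal record for this name.
            plan["conflict"].append(key)
        elif key not in mir:
            plan["add"].append((key, sorted(pub[key])))
        elif mir[key] != pub[key]:
            plan["update"].append((key, sorted(pub[key])))
    # Copies whose public original no longer exists would keep answering
    # internally with a stale address, so they are listed for removal.
    plan["remove"] = sorted(k for k in mir if k not in pub)
    return plan


if __name__ == "__main__":
    for action, items in plan_mirror(PUBLIC, MIRRORED, INTERNAL_OWNED).items():
        print(action, items)
```

A non-empty `conflict` list means a public name collides with an internal host, which a static copy cannot resolve and needs a manual decision.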