Your company has an Active Directory domain named ad.contoso.com. The domain has two
domain controllers named DC1 and DC2. Both domain controllers have the DNS server role
installed.
You install a new DNS server named DNS1.contoso.com on the perimeter network. You
configure DC1 to forward all unresolved name requests to DNS1.contoso.com.
You discover that the DNS forwarding option is unavailable on DC2.
You need to configure DNS forwarding on the DC2 server to point to the DNS1.contoso.com
server.
Which two actions should you perform? (Each correct answer presents part of the solution.
Choose two.)
A.
Clear the DNS cache on DC2.
B.
Configure conditional forwarding on DC2.
C.
Configure the Listen On address on DC2.
D.
Delete the Root zone on DC2.
Explanation:
Answer) Delete the Root zone on DC2.
Configure conditional forwarding on DC2.http://technet.microsoft.com/en-us/library/cc754941.aspx
Configure a DNS Server to Use Forwarders
A forwarder is a Domain Name System (DNS) server on a network that is used to forward
DNS queries for external DNS names to DNS servers outside that network. You can also
configure your server to forward queries according to specific domain names using
conditional forwarders.
http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/0ca38ece-d76e-42f0-
85d5-a342f9e169f5/
Deleting .root dns zone in 2008 DNS
Q) We have 2 domain controllers and .root zone is created in the DNS. Due to which the
external name resolution is not possible. I had tried to add conditional forwarders but i get an
error saying that conditional forwarders cannot be created on root DNS servers.
A 1) If you have a “root” zone created in your DNS, and you no longer want that
configuration, you can just simply delete that zone. There is no reason to have a root “.”
zone hosted unless you want to make sure that the DNS server is authoritative for all queries
and not allow the DNS server to go elsewhere for name resolution.
If you delete this zone, the DNS server will be able to use its root hints, or fowarders to
resolve queries for zones its not authoritative for.
A 2) That was from the old 2000 days where DCPROMO would create it if it detected no
internet access while promoting the first DC. Jut remove it, and the Forwarders option
reappear.
Further information:
http://support.microsoft.com/kb/298148
How To Remove the Root Zone (Dot Zone)
http://technet.microsoft.com/en-us/library/cc731879%28v=ws.10%29.aspx
Reviewing DNS ConceptsDelegation For a DNS server to answer queries about any name, it must have a direct or
indirect path to every zone in the namespace. These paths are created by means of
delegation. A delegation is a record in a parent zone that lists a name server that is
authoritative for the zone in the next level of the hierarchy. Delegations make it possible for
servers in one zone to refer clients to servers in other zones. The following illustration shows
one example of delegation.
The DNS root server hosts the root zone represented as a dot ( . ). The root zone contains a
delegation to a zone in the next level of the hierarchy, the com zone. The delegation in the
root zone tells the DNS root server that, to find the com zone, it must contact the Com
server. Likewise, the delegation in the com zone tells the Com server that, to find the
contoso.com zone, it must contact the Contoso server.
Note: A delegation uses two types of records. The name server (NS) resource record
provides the name of an authoritative server. Host (A) and host (AAAA) resource records
provide IP version 4 (IPv4) and IP version 6 (IPv6) addresses of an authoritative server.
This system of zones and delegations creates a hierarchical tree that represents the DNS
namespace. Each zone represents a layer in the hierarchy, and each delegation represents
a branch of the tree. By using the hierarchy of zones and delegations, a DNS root server can
find any name in the DNS namespace.
The root zone includes delegations that lead directly or indirectly to all other zones in the
hierarchy. Any server that can query the DNS root server can use the information in the
delegations to find any name in the namespace.
