Your network contains an Active Directory domain named contoso.com. All domain controllers run
Windows Server 2012.
The domain contains an Edge Server named Server1. Server1 is configured as a DirectAccess server.
Server1 has the following settings:
Internal DNS name: Server1.contoso.com External DNS name:
dal.contoso.com Internal IPv6 address: 2002:cla8:6a:3333::l
External IPv4 address: 65.55.37.62
Your company uses split-brain DNS for the contoso.com zone.
You run the Remote Access Setup wizard as shown in the following exhibit. (Click the Exhibit button.)
You need to ensure that client computers on the Internet can establish DirectAccess connections to
Server1.
Which additional name suffix entry should you add from the Remote Access Setup wizard?
A.
A Name Suffix value of Server1.contoso.com and a blank DNS Server Address value
B.
A Name Suffix value of dal.contoso.com and a blank DNS Server Address value
C.
A Name Suffix value of Server1.contoso.com and a DNS Server Address value of 65.55.37.62
D.
A Name Suffix value of dal.contoso.com and a DNS Server Address value of 65.55.37.62
Explanation:
* In a non-split-brain DNS environment, the Internet namespace is different from the intranet
namespace. For example, the Contoso Corporation uses contoso.com on the Internet and
corp.contoso.com on the intranet. Because all intranet resources use the corp.contoso.com DNS
suffix, the NRPT rule for corp.contoso.com routes all DNS name queries for intranet resources to
intranet DNS servers. DNS name queries for names with the contoso.com suffix do not match the
corp.contoso.com intranet namespace rule in the NRPT and are sent to Internet DNS servers.
* Split-brain DNS is a configuration method that enables proper resolution of names (e.g.,
example.com) from both inside and outside of your local network.
Note: For split-brain DNS deployments, you must list the FQDNs that are duplicated on the Internet
and intranet and decide which resources the DirectAccess client should reach, the intranet version
or the public (Internet) version. For each name that corresponds to a resource for which you want
DirectAccess clients to reach the public version, you must add the corresponding FQDN as an
exemption rule to the NRPT for your DirectAccess clients. Name suffixes that do not have
corresponding DNS servers are treated as exemptions.
Reference: Design Your DNS Infrastructure for DirectAccess