Your company has an Active Directory domainnamed ad.contoso.com.
The domain has two domain controllersnamed DC1and DC2.
Both domain controllershave the DNS server roleinstalled.
You install a new DNS servernamed DNS1.contoso.comon the perimeter network.
You configure DC1to forward all unresolved name requests toDNS1.contoso.com.
You discover that the DNS forwarding option is unavailable on DC2.
You need to configure DNS forwarding on the DC2 server to point to the DNS1.contoso.com server.
Which two actionsshould you perform?
(Each correct answer presents part of the solution. Choose two.)
A.
Clear the DNS cache on DC2.
B.
Configure conditional forwarding on DC2.
C.
Configure the Listen On address on DC2.
D.
Delete the Root zone on DC2.
Explanation:
Answer.Delete the Root zone on DC2.
Configure conditional forwarding on DC2.
http://technet.microsoft.com/en-us/library/cc754941.aspx
Configure a DNS Server to Use Forwarders
A forwarder is a Domain Name System (DNS) server ona network that is used to forward DNS queries for
external DNS names to DNS servers outside that network. You can also configure your server to forward
queries according to specific domain names using conditional forwarders.
http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/0ca38ece-d76e-42f0-85d5-a342f9e169f5/
Deleting .root dns zone in 2008 DNS
Q: We have 2 domain controllers and .root zone is created in the DNS. Due to which the external name
resolution is not possible. I had tried to add conditional forwarders but i get an error saying that conditional
forwarders cannot be created on root DNS servers.
A 1: If you have a “root” zone created in your DNS, and you no longer want that configuration, you can just
simply delete that zone. There is no reason to have a root “.” zone hosted unless you want to make sure that
the DNS server is authoritative for all queries andnot allow the DNS server to go elsewhere for name
resolution.
If you delete this zone, the DNS server will be able to use its root hints, or fowarders to resolve queries for
zones its not authoritative for.
A 2: That was from the old 2000 days where DCPROMO would create it if it detected no internet access while
promoting the first DC. Jut remove it, and the Forwarders option reappear.
s
Further information:
http://support.microsoft.com/kb/298148
How To Remove the Root Zone (Dot Zone)
http://technet.microsoft.com/en-us/library/cc731879%28v=ws.10%29.aspx
Reviewing DNS Concepts
Delegation
For a DNS server to answer queries about any name, it must have a direct or indirect path to every zone in the
namespace. These paths are created by means of delegation. A delegation is a record in a parent zone that
lists a name server that is authoritative for the zone in the next level of the hierarchy. Delegationsmake it
possible for servers in one zone to refer clients to servers in other zones. The following illustration shows one
example of delegation.
The DNS root server hosts the root zone representedas a dot ( . ). The root zone contains a delegation to a
zone in the next level of the hierarchy, the com zone. The delegation in the root zone tells the DNS root server
that, to find the com zone, it must contact the Comserver. Likewise, the delegation in the com zone tells the
Com server that, to find the contoso.com zone, it must contact the Contoso server.
Note:A delegation uses two types of records. The name server (NS) resource record provides the name of an
authoritative server. Host (A) and host (AAAA) resource records provide IP version 4 (IPv4) and IP version 6
(IPv6) addresses of an authoritative server.
This system of zones and delegations creates a hierarchical tree that represents the DNS namespace. Each
zone represents a layer in the hierarchy, and each delegation represents a branch of the tree.
By using the hierarchy of zones and delegations, a DNS root server can find any name in the DNS namespace.
The root zone includes delegations that lead directly or indirectly to all other zones in the hierarchy. Any server
that can query the DNS root server can use the information in the delegations to find any name in the
namespace.