I have a question about DNS servers used in an Active Directory environment. Can clients use DNS servers that aren't authoritative for a specific zone? We currently have some of these non-authoritative servers listed as resolvers for our clients. Additionally, do these DNS servers need to natively support dynamic updates, or can they simply forward update requests to another server? Any insights would be appreciated!
2 Answers
It's not necessary for DNS servers to support Dynamic DNS (DDNS). If they don't accept updates, that just means the updates won't be processed, but clients can still resolve queries using these non-authoritative servers. They can function as recursive servers for answering queries instead.
In general, you'll want both recursive and authoritative DNS servers in your setup. If you're just using a simple forwarder pointing to Domain Controllers (DCs), that might not be sufficient to handle all DNS requests properly.
Got it, so a basic forwarder won't meet all the requirements then?

So, if those servers reject updates, will the client just try the next server on the list?
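
As an added example (not part of the original thread), the sketch below shows how to tell from a reply's header whether a listed resolver answered authoritatively (AA bit), answered through recursion (RA bit without AA), or rejected a dynamic update (opcode 5 with a non-zero RCODE). The zone name `corp.example` and the sample reply headers are constructed for illustration, and the function names are hypothetical.

```python
import struct

# Opcode and RCODE values from RFC 1035 and RFC 2136.
OPCODE_UPDATE = 5
RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN",
          4: "NOTIMP", 5: "REFUSED", 9: "NOTAUTH"}

def build_soa_query(zone, txid=0x1234):
    """Wire-format SOA query for `zone`, ready to send to a resolver on UDP/53."""
    header = struct.pack("!6H", txid, 0x0100, 1, 0, 0, 0)  # RD set, one question
    qname = b"".join(bytes([len(label)]) + label.encode("ascii")
                     for label in zone.rstrip(".").split(".")) + b"\x00"
    return header + qname + struct.pack("!2H", 6, 1)  # QTYPE=SOA, QCLASS=IN

def parse_header(msg):
    """Decode the fixed 12-byte DNS header into the fields that matter here."""
    if len(msg) < 12:
        raise ValueError("DNS message shorter than the 12-byte header")
    txid, flags = struct.unpack("!2H", msg[:4])
    return {"id": txid, "qr": bool(flags & 0x8000), "opcode": (flags >> 11) & 0xF,
            "aa": bool(flags & 0x0400), "ra": bool(flags & 0x0080),
            "rcode": RCODES.get(flags & 0xF, str(flags & 0xF))}

def classify(msg):
    """Say what a server's reply reveals about its role for the zone."""
    h = parse_header(msg)
    if not h["qr"]:
        return "not a response"
    if h["opcode"] == OPCODE_UPDATE:
        return "update accepted" if h["rcode"] == "NOERROR" else "update rejected: " + h["rcode"]
    if h["rcode"] != "NOERROR":
        return "query failed: " + h["rcode"]
    if h["aa"]:
        return "authoritative answer"
    return "non-authoritative answer" + (" (recursion available)" if h["ra"] else "")

# Constructed sample reply headers (ID, flags, four section counts); not captured traffic.
SAMPLES = {
    "zone host, AA set": struct.pack("!6H", 0x1234, 0x8580, 1, 1, 0, 0),
    "recursive resolver": struct.pack("!6H", 0x1234, 0x8180, 1, 1, 0, 0),
    "update refused": struct.pack("!6H", 0x1234, 0xA805, 1, 0, 1, 0),
    "update, not authoritative": struct.pack("!6H", 0x1234, 0xA809, 1, 0, 1, 0),
}

if __name__ == "__main__":
    for name, reply in SAMPLES.items():
        print(f"{name:28} -> {classify(reply)}")
```

Running the same classification against replies from each server in the clients' resolver list shows which ones host the AD zone and which only recurse or forward.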