Announcement

Collapse
No announcement yet.

Stub zone vs delegation

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Stub zone vs delegation

    Hi,
    I am trying to figure out the real difference between the use of Stub Zones or delegations.
    I know that the biggest difference is control.
    But apart from that, I cannot give a clear cut on when to use one or the other.
    Most of questions (70-291!!!) I answer wrongly because to me looks like one thing and for the test another. Sometime it's due to "reducing administrative overhead" some time else is about "list future administrative control" etc.
    I am lost!!
    Anyone can help?
    Thanx
    There is just one thing bigger than the Universe: - guess???-

  • #2
    Re: Stub zone vs delegation

    This of it this way:

    Delegation - Similar to what the root servers do to the top level domains (com, org, net etc.). They "know" there's something down there, they "know" who's the DNS server that's holding that information (i.e authoritive for that domain), and that's about it.

    In order to delegate a domain, the DNS tha'ts delegating needs to hold the parent domain. For example, DNS holding the petri.co.il zone CAN delegate to the sales sub-domain under petri.co.il. It CANNOT delegate to the cnn.com domain.

    Oh, and they do not need the sub-domain's permissions to do that.

    Stub Zone - Like in delegation, the DNS server "knows" there's something out there, and "knows" who's the DNS server that's authoritive for that domain. Like delegation, stub zones DO NOT REQUIRE the cooperation of the "other" DNS server.

    Unlike delegation, the DNS tha'ts holding the stub zone does NOT need to hold the parent domain or any other domain for that matter. For example, DNS holding the petri.co.il zone CAN have a stub zone to practically any other domain in the world, as long as the authoritive DNS of the "other" domain "knows" about this and authorizes the part-time zone transfer.

    Conditional Forwarding - Like in delegation, the DNS server "knows" there's something out there, and "knows" who to forward the query to (this does NOT necessarily have to be the DNS server that's authoritive for that domain). Like with delegation, conditional forwarding does NOT require the cooperation of the "other" DNS server, and no zone transfer takes place.

    Also, unlike delegation and just like with stub zones, the DNS that's holding the stub zone does NOT need to hold the parent domain or any other domain for that matter. For example, you can configure conditional forwarding of your queries to any DNS server in the world, as long as you think it "knows" better than you about a specific target domain.

    Unlike regular forwarding, where ALL the queries that the DNS is not authoritive for or does not have information for in its cache are forwarded to ONE external DNS server (most likely - the ISP's DNS server), conditional forwarding is done for a specific domain. Just like stub zones, this allows much more flexibility between organizations that have some sort of relationship between them but without the need to establish any sort of replication between them.

    HTH
    Last edited by danielp; 28th July 2007, 00:09.
    Cheers,

    Daniel Petri
    Microsoft Most Valuable Professional - Active Directory Directory Services
    MCSA/E, MCTS, MCITP, MCT

    Comment


    • #3
      Re: Stub zone vs delegation

      I had to read it more than a couple of times....
      Ok, let me see if I got it:
      Delegation:
      - it MUST be within the family (same first level domain at least)
      - it knows about what's underneath, but only for the bosses (SOA, NS)
      - what's delegated must accept the godfather's will with no discussion (delegation is pushed from top to bottom)
      QUESTION:
      is the godfather informed about the guy's activity after delegation? (is the delegating domain aware of the creation of sub-sub domains in the delegated domain? If petri.co.il delegates to sales.petri.co.il and one day the S.A. of sales.petri.co.il decides to have a sub domain of christmas.sales.petri.co.il, is petri.co.il aware of the last site to route FQDN requests to the bottom site?!)

      STUB ZONE:
      - it can be a mixed marriage (with any domain)
      - as delegation it knows about what's underneath, but only for the bosses (SOA, NS)
      - the receiving family must be aquiescent (the stubbed zone-domain must cooperate)
      - there are squeelers in the stubbed family (part time zone transfer)
      QUESTIONS:
      How is the "stubbed" zone agreeing to get stubbed?! I wasn't aware of this process.
      What is exactly a "part time zone transfer"?

      Which zone (delegated or stubbed) I have to manually enter NS and SOA records (administrative overhead), in case I decide to include new secondary DNS servers in the top level domain name, and I have NOT an ADI zone?

      Well, thanks for the answer in the first place. As you can read I am pretty well confused.

      BTW, Nice picture,

      HTH?????
      There is just one thing bigger than the Universe: - guess???-

      Comment

      Working...
      X