Creating a DNS Stub Zone in Windows Server 2003/2008/2012

There comes a time when you may be required to integrate a more complex DNS infrastructure other than a policy of  “all requests come here and then go out to the web” for resolution.

Lets say, you work at Company X which operates a Windows DNS infrastructure of “domain.com”. Changes are you run a very similar principle to the above. Perhaps your DNS servers are your Active Directory Domain Controllers and when they are unable to resolve an address of something.domain.com, it simply forwards the DNS query out into the ether (perhaps this might go to your ISP or even direct to the root DNS servers around the world).
Lets also say, that come Monday morning the big boss has some news to tell you. You’ve now been told that he/she has just agreed to doing something that requires your company X (domain.com) and company Y (example.com) to all of a sudden, simply work together…. but you don’t know what!!

 

The question is, how would you do this?

All you really know so far is that your company’s infrastructure will need to work with theirs and as most things rely on DNS resolution to function, the easiest way to move forward here is to set up what’s called a “DNS Stub zone” on your own DNS servers.

 

Why do this?

All of your own infrastructure knows to ask your DNS servers for resolving IP’s and host names for your own infrastructure; anything else goes out to the web. However your own internal host names are not visible publicly as those details are private. You can almost guarantee that Company Y have a similar implementation.

Setting up a DNS Stub Zone is a way of telling your DNS server to go to a specific server for a specific domain, instead of using the standard catch-all type response of “i don’t host this domain, go to the web”

 

Making it happen

In this article, I will walk you through setting up a DNS Stub Zone. I will be working on the basis of Company X and Company Y both need to be able to resolve hosts in each of their infrastructures.

I will be using the below details in this example.

Company X has the following:

Parent DNS Zone: domain.com
DNS Server:      dc01.domain.com
DNS Server IP :  10.0.3.11

Company Y has the following:

Parent DNS Zone: example.com
DNS Server:      dc01.example.com
DNS Server IP:   10.0.1.11

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>