Conditional forwarding was a new feature of DNS in Windows Server 2003. It is also available and improved for Windows Server 2008. Conditional forwarding can be used to speed up the DNS name resolution process by directing queries for specific domains to specific name servers.
They can also be used to help organizations resolve each other’s namespace in a situation where the organizations may have direct links into each other’s networks and have the need to resolve internal hostnames to access internal resources.
To configure conditional forwarding, open the DNS console under Administrative Tools, click on the DNS server node, expand the node, right-click on Conditional Forwarders, then New Conditional Forwarder.
Type in the name of the domain you want to conditionally forward to in the DNS Domain text box. Then click on the IP Addresses text box and enter in the IP addresses or DNS hostnames of the name servers that will be resolving DNS records for that domain. Your DNS server will attempt to validate your input.
A very nice and new feature with Windows Server 2008 is that the Conditional Forwarder information can be stored in Active Directory. The main benefit to this is that depending on the replication scope you choose, this information will be automatically available to other DNS servers in your infrastructure. You will not be required to enter this information on your other DNS servers that will Conditionally Forward.
Keep in mind that this information is static and is not updated if the domain that you are pointing to changes the IP addresses of their DNS servers. If the name servers’ IP addresses change and you do not update this information on your DNS server, your DNS server will not be able to resolve names for that domain. Your DNS server will NOT attempt to contact the root hint servers as a backup method.
Don’t use conditional forwarders for domains on the internet that you do not have a business association with. You might think that adding sites like Microsoft.com, Bing.com, etc… may speed up name resolution, but doing this will most likely impact your ability to resolve their hostnames as you would have no way of knowing when their DNS infrastructure changes.
