The concept of DNS forwarding is not a new feature in Windows Server 2003 but remains a very important one in your design. Forwarding can be used in instances where you do not want the Windows DNS server to use the root hints file for resolving hostnames that belong to domains that the DNS server is not authoritative for.
Rather than using the root DNS servers on the internet, you can configure your DNS server to “forward” all-recursive requests to another DNS server, such as the one provided by your Internet Service Provider. Also, if you have a branch office deployment or a hub and spoke model in regards to DNS, you can have your remote DNS servers, forward their queries to your central “hub” servers.
The idea here is that forwarding requests may produce faster responses since the DNS server you may be forwarding to will have the answer “cached”. Forwarding removes the requirement of having to go through the process of querying the root servers, then the second level, and so on.
To configure forwarding, open the DNS console under Administrative Tools, right-click on the DNS server node, select Properties to open the Properties sheet for the DNS server, and select the Forwarders tab.
To configure forwarding, highlight the All other DNS Domains text located in the DNS Domains box, then click in the IP Address section under “Selected domain’s forwarder IP address list” and add all of the IPs for the DNS servers you want to forward to.
You should forward requests to at least two DNS Server IPs in the address list. If you only forward to one IP and that IP is not accessible, the forwarding process will fail.
In addition, if a request is received by the DNS server and the DNS server is authoritative for that domain, it will not forward the request. The DNS server will respond based on the information located in the authoritative zone.
Keep in mind that this information is static and is not updated if the DNS Server’s IP that you are forwarding to changes. If the name servers’ IP addresses change and you do not update this information on your DNS server, your DNS server will not be able to resolve names for other domains that it is not authoritative for. Your DNS server will NOT attempt to contact the root hint servers as a backup method.
