We're still trying
to determine what is the best option for DNS design. Best as far as
security, network load, etc.
Design 1> Put
Win2k DNS server on DMZ with root hints configured. All internal AD root
controllers have forwarder to that box.
Design 2> Put
forwarders on all 4 AD root controllers (on private network) to our ISPs
external DNS and all child DCs forward to the 4 root
controllers.
Design 3> Put
root hints on all root controllers and let them resolve externally and have all
child DCs forward to the 4 root DCs.
Any
suggestions?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This e-mail is confidential, may contain proprietary information of the Cooper Cameron Corporation and its operating Divisions and may be confidential or privileged. This e-mail should be read, copied, disseminated and/or used only by the addressee. If you have received this message in error please delete it, together with any attachments, from your system. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |