DNS Subdomain Vs Delegation

Hello,

can anybody tell me what is the difference between
creating a subdomain or a delegation to a primary zone on
the same server ? What I mean is:

domain: example.com on server1 (primary zone)

1) create subdomain "dev.example.com" on server1.
2) create new primary zone "dev.example.com" on server1.
Create delegation under "example.com" on server1 that
points to itself. (windows does this automatically if I
create a new zone that has the same root domain as a
primary zone)

As far as I understand, the only difference is that in
the second example I can replicate the domain and the
subdomain independently when using standard zone
transfers. What do you usually do in a production
environent ?

Thank you.

 

The delegation option is for moving the subdomain zone to a different
server and/or location. This way you can also delegate administration of
the zone. An example would be where you had several subdomains in
different locations where each has its own DNS adminstrator.

--
Catwalker
aka Pu$$y Feet
BS, MCP, MCSA
MCNGP #43
www.mcngp.com
faq.mcngp.com
"If man could be crossed with the cat, it would improve man, but it would
deteriorate the cat." Mark Twain

 

adminstrator.

Yes, I understand that. But I was talking about a single
DNS server. Let's say you have to create a subdomain on
your "example.com" domain, called "dev" (so,
dev.example.com"). You don't plan, for the moment, to
create a separate DNS server to host the subdomain. So
you create a "real" subdomain on the main DNS server and
start populating it. Then, after some time, you create a
second DNS server and decide that it would be better to
host "dev.example.com" on that server. If I understand
correctly, now you have to drop your subdomain on the
first DNS server, create the subdomain from scratch on
server2 and delegate it from server1.

Now, if you had created a delegation to itself in the
first place, all you would have to do would be to create
a secondary zone on server2, transfer
the "dev.example.com" from server1, change the delegation
for "dev.example.com" from server1 to server2, change the
zone on server2 from secondary to primary and
delete "dev.example.com" from server1. Without having to
recreate any RRs.

So if my assumption is correct, then it would make sense
to always create a subdomain as a separate zone and
delegate to itself instead of creating a physical
subdomain under the parent.

Is that correct ?

Thanks,

 

"pennino" <> prattled ceaslessly in

No. If the zone is hosted on the same server, you do not delegate.
Since it is a contiguous namespace, it will not work properly unless it
is either a part of the zone on the one server or delegated to another
separate server. Give it a try in a test environment.

--
Catwalker
aka Pu$$y Feet
BS, MCP, MCSA
MCNGP #43
www.mcngp.com
faq.mcngp.com
"If man could be crossed with the cat, it would improve man, but it would
deteriorate the cat." Mark Twain

 

In a production environment you would simply create a
subdomain without delegation. The only exception that I
have ever seen, one that Microsoft implemented in Server
2003, is the automatic local delegation of the _MSDCS
namespace. They did that because there was a problem when
domain controllers in other domains in a forest would try
to get updates about all the domain controllers in the
forest using the server type or by GUID.

Check out this link for some additional detail on DNS,
delegation, and secondary zones in Windows Server 2003

http://tinyurl.com/4jv8y

 

I did. What do you mean by not working properly ? Before
asking my original question I had already tried both
implementations (subdomain vs delegation on same server)
and both work fine. That's why I asked what you do in a
production system. Actually, if you create a new zone on
a server where a parent zone already exists, the DNS
server automagically does the local delegation for you.
Also, as Kurt pointed out, the _MSDCS is another such
example. I read the document Kurt referenced but it just
explains delegation in the classic role (hosting a
subomain on a different server).

 

You don't even need to create any delegation as the two zones(dev.example.com and example.com) are paralleled and when external name severs ask a top name server for help to resolve host1.dev.example.com, the top name(.com.) sever will tell the external one to check with the name server for example.com (by returning its IP address). When the external name server brings the question to the name server for example.com, the information of dev.example.com is already there.

 

Question

I think the answer lies in thinking if there is a name resolution request then would the sever First look at the delegation or look at the zone that it already has... which one is preferred first?