I just installed a Win 2008 Remote DC in one of our sites. For the DNS setting, it's using 127.0.0.1 as it's Primary and 10.1.1.2 (this is our AD/DNS in the Main HQ) as Secondary. We have some internal websites that are not resolvable using this DNS 10.1.1.2 server, which is why we added another internal BIND DNS server 10.1.1.9 as FORWARDER.
From a client machine, if I do an nslookup – 10.1.1.9 I can resolve these internal-only websites in question without problems.
However, if I use the default DNS (which is the Remote DC) I will get an error. Is this due to the FORWARDER not working or I missed something else? Recursion is "on".
Best Answer
I think that your DC with server 127.0.0.1 can be configured in the Forwarders tab in DNS admin tool option to get the 10.1.1.2 or any google (8.8.8.8 and 8.8.4.4) in that order in the forwarder order. you did not need to deploy the 10.1.1.9 as a forwarder.
The internal sites should be its respective record in their own zones (if they differ from the main "domain name".
Internal sites are meant to be resolved internally and external sites are meant to use the forwarders to get their queries.