> In news:4DE61A2B-95B1-4E8B-AF48-DFF3FDE51BD1[ at ]microsoft.com,
> BenP <BenP[ at ]discussions.microsoft.com> requesting assistance, typed the
> following:
> > Thanks for response, but... doesn't answer my question. I have
> > forward only configuration so no root queries.
> >
> > What I have found is the default forwarder query timeout - 5 seconds
> > - is still suitable and provides working failover. This is due to
> > client side interaction, even if client side query - generally 2
> > seconds - times out first pass the forwarder list failover will still
> > operate and bring back successful answer, the second client pass will
> > then have answer.
> >
> > I have a datacentres infrastructure plus want to populate forwarders
> > list via GPO. Just want to know if I can get 4 working forwarders;
> > two per datacentre, or have to use 3 before setting up my policies.
>
> I don't believe you can configure Forwarders in a DNS server's properites
> using a GPO. GPOs set numerous options for users and computers, but not a
> Forwarder for a DNS server. That would be a DNS server properties setting.
> You can set search suffixes in a GPO.
>
> I am curious if you have a link on how to configure forwarders in a DNS
> server properties via a GPO.
>
> Forwarders can be set using DNSCMD if you have numerous servers to
> configure.
> More info about DNSCMD:
>
http://msmvps.com/blogs/ad/archive/2008/03/28/dnscmd-reference.aspx>
> These are the available list of GPO settings that I am aware of:
>
> Windows 2003 AD Group Policy Settings Reference
>
http://www.microsoft.com/downloads/details.aspx?FamilyID=7821c32f-da15-438d-8e48-45915cd2bc14&displaylang=en>
> Group Policy Settings Reference for Windows Server 2008 and Windows Vista
> SP1
>
http://www.microsoft.com/downloads/details.aspx?familyid=2043B94E-66CD-4B91-9E0F-68363245C495&displaylang=en>
>
> Also, I must agree with the others concerning forwarding and limiting the
> list. Thinking out loud, it would seem that the client machine's client side
> resolver may time out before waiting for the 5 second time out for 3 failed
> forwarders, in a scenario where you have 4 forwarders listed and the first
> three go down, and go on to the next one in the list in it's IP properties.
>
> You can also alter the Forwarder time-out:
> How to Configure a DNS server to use forwarders: (shows how to alter
> forwarder time-out)
>
http://technet.microsoft.com/en-us/library/cc773370.aspx>
> Here is a good post by Kevin Goodnecht explaining the forwarders time out
> and scenarios with too many.
>
http://help.lockergnome.com/windows2/Strange-forwarding-issues-ftopict482618.html> quoted from above link:
> -------------------
> "Actually, the DNS service will stick to the Forwarder that provides an
> answer, no matter where it is in the list, if one forwarder times out(no
> answer) it will move to the next forwarder in the list, if the next
> forwarder provides an answer it uses it until it times out. The problem for
> you is, that it may not get back around to the first forwarder, before the
> Forwarding timeout expires, and it starts using recursion itself and goes to
> the root hints.
>
> Now, if you check the box "Do not use recursion" the DNS server will use
> only its forwarders, and will not use root hints. But this cannot guarantee
> that one of the other servers being used as a forwarder answer the query,
>
> I recommend that if there is a domain that cannot be reached through the
> internet root, that you add a secondary zone for that domain on the Win2k
> DNS server. "
> -------------------
>
> I hope this helps to answer your questions concerning Forwarder failover.
>
> --
> Ace
>
> This posting is provided "AS-IS" with no warranties or guarantees and
> confers no rights.
>
> Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCT
> Microsoft Certified Trainer
>
> For urgent issues, you may want to contact Microsoft PSS directly. Please
> check
http://support.microsoft.com for regional support phone numbers.
>
>