Sign up to access this lesson
Click here to sign up and get access to this lesson!

Saving Progress...
In this Video:
- We will illustrate how DNS Conditional Forwarding can be implemented in your organization.
- We will consider a common scenario in which DNS Conditional Forwarding can be deployed.
- At the completion of this lecture you will gain valuable-work related knowledge and experience by utilizing and implementing the steps given in this lecture.
Prerequisites: You must have access to or have installed in your lab the following:
- Two Windows 2016 Servers with Active Directory installed and promoted to a domain controller (DNS installs automatically).
- Or a VM with the identical configuration.
- Don’t forget to download the supplemental information that I have supplied with this lecture.
So what is conditional forwarding? And how is conditional forwarding used?
A conditional forwarder is a DNS server on a network that forwards DNS queries for external DNS names according to specific domain names.
Here is a typical scenario:
Two companies have merged High Quality and United Support Services. Both companies wish to keep their AD infrastructure separate but need to share technical data. You are the lead DNS Administrator for United Support Services. The question is, how can you easily fix this problem? One method could be using conditional forwarders.
Here is an overview on how this could work for you.
- You would coordinate this effort with the DNS administrator from HQ
- The HQ admin will need the domain name (uss.com) and IP address of the DNS server that will be configured with the conditional forwarder.
- You will setup a conditional forwarder pointing at HQ.
- HQ will setup a conditional forwarder pointing at USS

The Benefits of using Conditional Forwarding:
- Improves name resolution for disjointed namespace which are separate forests or domains that have no connection, like uss.com and hq.com.
- Avoids users having to go all the way to the root servers to find resources in a separate forest or another domain tree.
- Suitable for a fixed DNS infrastructure
- Easy implementation
The Disadvantages of using Conditional Forwarding:
- Conditional forwarding is statically configured. In our scenario, if the DNS administrator from High Quality decided to change the configuration (delete the conditional forwarder) without informing you of the change, all the users in United Support Services would no longer be able to access the data they needed and you would get dozens of help desk calls.
- If there is a chance that someone could change the configuration, stub zones may be a better alternative.
- If you implement dozens of conditional forwarders this could increase the processing load on the DNS server.
Windows Server DNS Conditional Forwarder Creation.
First, we verify that we cannot ping the server in the HQ.COM domain.

- From the USS.COM domain open server manager, tools, DNS.
- Double click the server, in this case SVR-US, right click conditional forwarder, new conditional forwarder, type the domain name that you want to forward to.
- In this case, I would type hq.com
- Then type in the IP address of the hq.com DNS server, which in this case is 192.168.0.11.
- Be sure to check “Store this conditional forwarder in Active Directory”. Click the down arrow. Notice the choices, all DNS servers in the forest or the domain. We will choose the forest.
- Click ok. You may have to close and then open the wizard screen, but validated should be displayed. Click ok then click apply.

The administrator from HQ will now perform the same procedure.
- First, we verify that we cannot ping the server in the USS.COM domain.

From the DNS server in the HQ.COM domain open server manager, tools, DNS.
Sign up to access the rest of this lesson
You must either log in or sign up to access this lesson.
CURRICULUM
Course Introduction • 10min
0 / 2 lessons complete
Instructor and Course Introduction
Video | 7 min
What's New in Windows Server 2016 DNS
Free lesson
Video | 3 min
DNS Basics • 56min
0 / 8 lessons complete
What is DNS
Video | 3 min
Installing the DNS Windows Server Role
Video | 6 min
Building DNS Server Quiz
Quiz | 10 Questions
The Hosts File
Video | 4 min
DNS Console Overview
Video | 7 min
Recursive and Iterative Queries
Video | 8 min
DNS Basics LAB
Video | 10 min
DNS Basics Quiz
Quiz | 8 Questions
DNS Resource Records • 45min
0 / 5 lessons complete
DNS Resource Record Types
Video | 3 min
Creating the mytestzone Forward Lookup Zone
Text | 2 min
Creating DNS Resource Records
Video | 4 min
Creating DNS Resource Records Lab
Lab | 30 min
DNS Resource Records Quiz
Quiz | 7 Questions
DNS Zones • 4hr 11min
0 / 12 lessons complete
DNS Zones
Video | 4 min
Creating a Forward and Reverse Lookup Zone
Video | 5 min
Creating a Secondary Zones
Video | 9 min
Stub Zone Creation
Video | 11 min
Active Directory Zone Replication
Video | 12 min
Implementing DNS Forwarding
Video | 8 min
Implementing Conditional DNS Forwarding
Video | 7 min
Forward and Reverse Zone Creation Lab
Lab | 60 min
Creating a Secondary Zone Lab
Lab | 30 min
Conditional Forwarding Lab
Lab | 60 min
Creating a Stub Zone Lab
Lab | 30 min
DNS Zones Quiz
Quiz | 15 Questions
DNS Delegation • 50min
0 / 4 lessons complete
Domain Name System and DNS Delegation
Video | 7 min
Windows 2016 Server and DNS Zone Delegation
Video | 8 min
DNS Delegation Lab
Lab | 30 min
QUIZ - Domain Name System and DNS Delegation
Quiz | 5 Questions
DNS Security Techniques • 36min
0 / 5 lessons complete
DNS Security Techniques Overview
Video | 9 min
Configuring DNS Cache Locking
Video | 5 min
Configuring DNS Socket Pools
Video | 6 min
Configuring Response Rate Limiting
Video | 8 min
DNS Security Techniques Quiz
Quiz | 8 Questions
Advanced DNS Topics • 22min
0 / 5 lessons complete
Overview of Advanced Topics
Video | 1 min
Enabling Round Robin and Netmask Ordering
Video | 5 min
Configuring Recursion
Video | 4 min
IPV4 and IPV6 Root HInts
Video | 6 min
Advanced DNS Topics Quiz
Quiz | 6 Questions
DNS Security (DNSSEC) • 1hr 16min
0 / 6 lessons complete
Windows DNS Security Overview
Video | 7 min
Symmetric vs Asymmetric Encryption
Video | 5 min
Installing DNSSEC on Windows 2016 Server
Video | 12 min
DNSSEC Client Install
Video | 7 min
DNSSEC (DNS Security Lab)
Lab | 30 min
DNSSEC Quiz
Quiz | 15 Questions
DNS Policies • 55min
0 / 6 lessons complete
DNS Policies Background Information
Video | 8 min
Configuring DNS Filtering
Video | 7 min
Configuring Split Brain DNS in an Active Directory Environment
Video | 12 min
Configuring DNS Selective Recursion Policy
Video | 7 min
Configuring a Traffic Management Policy
Video | 11 min
DNS Policies Quiz
Quiz | 10 Questions
PowerShell for DNS • 1hr 27min
0 / 6 lessons complete
PowerShell for DNS Part 1
Video | 2 min
PowerShell for DNS Part 2
Video | 5 min
PowerShell for DNS Part 3
Video | 10 min
PowerShell for DNS Part 4
Video | 5 min
PowerShell for DNS LAB
Lab | 60 min
Powershell for DNS Quiz
Quiz | 5 Questions
Troubleshooting DNS Issues - Troubleshooting Tools • 1hr 39min
0 / 8 lessons complete
Troubleshooting Tools Every IT Pro Must Know
Video | 9 min
The Events Viewer Overview
Video | 6 min
Subscriptions
Video | 9 min
Monitoring and Debug Logging
Video | 9 min
Trouble-Shooting DNS Client Issues
Video | 4 min
Troubleshooting Subscriptions Lab
Lab | 30 min
DNS Troubleshooting Lab
Lab | 30 min
DNS Troubleshooting Quiz
Quiz | 2 Questions