A complete guide to the differences between Conditional Forwarding and Stubs

Stub zones are dynamic and the name servers for the zone are automatically updated in the stub zone. Use conditional forwarders to forward queries for specific domain names to a specific DNS server; this reduces recursive DNS traffic. Stub zones are capable of zone transfers (which only include name servers), so they stay current. Forwarders do not.

In situations where you want DNS clients in separate networks to resolve each other’s names without having to query DNS servers on the Internet, such as in the case of a company merger, you should configure the DNS servers in each network to forward queries for names in the other network. DNS servers in one network will forward queries for the names of clients in the other network to a specific DNS server that will build up a large cache of information about the other network. When forwarding in this way, you create a direct point of contact between two networks’ DNS servers, reducing the need for recursion.

Stub zones do not provide the same server-to-server benefit because a DNS server hosting a stub zone in one network will reply to queries for names in the other network with a list of all authoritative DNS servers for the zone with that name, instead of the specific DNS servers you have designated to handle this traffic. This configuration complicates any type of security settings that you want to establish between specific DNS servers running in each of the networks.

Stub zones are used when you want a DNS server hosting a parent zone to remain aware of the authoritative DNS servers for one of its child zones. If the stub zone for a child zone is hosted on the same DNS server as the parent zone, the DNS server hosting the stub zone will receive a list of all new authoritative DNS servers for the child zone when it requests an update from the stub zone’s master server. This method of updating the DNS server hosting the parent zone maintains a current list of the authoritative DNS servers for the child zone as they are added and removed.

A conditional forwarder is not an efficient method of keeping a DNS server hosting a parent zone aware of the authoritative DNS servers for a child zone. If you used this method, whenever the authoritative DNS servers for the child zone changed, the conditional forwarder setting on the DNS server hosting the parent zone would have to be manually configured with the IP address for each new authoritative DNS server for the child zone.

Stub zones are often used to enable a parent zone like proseware.com to keep an updated list of the name servers available in a delegated child zone, such as east.proseware.com. They can also be used to improve name resolution and simplify DNS administration.

Here’s a little info on that: A stub zone is an actual zone on the DNS server that contains just the SOA record for the zone it refers to, the name server (NS) records, and glue records (host A records). The stub zone replicates from the master DNS server in the zone it refers to and will keep current with DNS servers for that zone/domain. It is more work to set up than conditional forwarding and requires permission from the administrator of the other domain because it does zone transfers with it. However, it is more reliable in keeping current with the DNS servers in the zone.

Stub zones provide a way for DNS servers hosting a parent zone to maintain a current list of the authoritative DNS servers for the child zones. As authoritative DNS servers are added and removed, the list is automatically updated.

Conditional forwarding, on the other hand, is used to control where a DNS server forwards queries for a specific domain. A DNS server on one network can be configured to forward queries to a DNS server on another network without having to query DNS servers on the Internet.

Important:

Stub zones provide an advantage over conditional forwarding because the information in a stub zone is dynamic, whereas the list of conditional forwards must be updated by a DNS administrator.
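The two configurations side by side, as an added example that is not part of the original article. It assumes an Active Directory-integrated Windows DNS server with the DnsServer PowerShell module; the zone name `partner.example` and all IP addresses (documentation ranges) are placeholders, while east.proseware.com is the child zone from the article's own example.

```powershell
# Added example: requires the DnsServer module (DNS Server role or RSAT) and
# DNS admin rights. Zone "partner.example" and all IPs are placeholders.
Import-Module DnsServer

# Conditional forwarder: queries for the partner namespace go only to the
# designated servers listed here. The list is static and must be edited by
# hand when the partner changes its DNS servers.
Add-DnsServerConditionalForwarderZone -Name 'partner.example' `
    -MasterServers 192.0.2.10, 192.0.2.11 `
    -ReplicationScope 'Forest'

# Stub zone: only the master server is named here. The zone itself holds the
# SOA, NS and glue A records and is refreshed from the master.
Add-DnsServerStubZone -Name 'east.proseware.com' `
    -MasterServers 198.51.100.5 `
    -ReplicationScope 'Domain'

# Confirm the zone types that were created.
Get-DnsServerZone |
    Where-Object { $_.ZoneType -in 'Forwarder', 'Stub' } |
    Select-Object ZoneName, ZoneType, MasterServers, IsDsIntegrated

# The stub zone's current view of the child's name servers. A conditional
# forwarder holds no records, so there is nothing equivalent to list for it.
Get-DnsServerResourceRecord -ZoneName 'east.proseware.com' -RRType 'NS' |
    Select-Object HostName, @{ n = 'NameServer'; e = { $_.RecordData.NameServer } }
```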

Here’s a little more info:

A stub zone contains the NS records of the master zone, which are updated regularly. Stub zones can be used in the following situations:

If you have multiple levels of domain hierarchy, you can use stub zones to simplify name resolution instead of having DNS servers query the root server. They can replace secondary zones when configuring fault tolerance. They can facilitate DNS connectivity across domains.

Consider this example: you have the forest contoso.com with the domain trees ny.contoso.com (with acc.ny.contoso.com as a subdomain) and sa.contoso.com (with fin.sa.contoso.com as a subdomain).

So if a client in acc.ny.contoso.com tries to access resources in fin.sa.contoso.com and stub zones are not configured, then multiple DNS servers will have to be contacted, i.e. in the following order:

acc.ny.contoso.com -> ny.contoso.com -> contoso.com -> sa.contoso.com -> fin.sa.contoso.com

Instead, if a stub zone was created in acc.ny.contoso.com, then it contains the list of authoritative DNS servers for the zone, and queries from acc.ny.contoso.com can be sent directly to fin.sa.contoso.com.

You could argue that the same thing can be configured through conditional forwarding, but if there are changes in DNS records then conditional forwarding would fail. Conditional forwarding can be used in situations where you want to resolve Internet names or if you have a DNS server in your organisation that is responsible for your entire namespace. Stub zones can be used in sites to avoid querying other DNS servers to reduce DNS-related traffic.
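Because a conditional forwarder's target list is static, it can be audited against the zone's current name servers. The following check is an added example, not from the original article; the function name `Test-ForwarderDrift` is hypothetical, and it assumes the DnsServer and DnsClient modules on a Windows DNS server and compares IPv4 addresses only.

```powershell
# Added example: audit conditional forwarders for stale targets.
# Requires the DnsServer and DnsClient modules on a Windows DNS server.
function Test-ForwarderDrift {
    param([Parameter(Mandatory)] [string] $ZoneName)

    $zone = Get-DnsServerZone -Name $ZoneName -ErrorAction Stop
    if ($zone.ZoneType -ne 'Forwarder') {
        throw "$ZoneName is not a conditional forwarder zone."
    }
    $configured = @($zone.MasterServers | ForEach-Object { $_.ToString() })

    # Ask the first configured target that answers for the zone's NS set.
    $nsNames = @()
    foreach ($target in $configured) {
        $nsNames = @(Resolve-DnsName -Name $ZoneName -Type NS -Server $target `
                -DnsOnly -ErrorAction SilentlyContinue |
            Where-Object { $_.Type -eq 'NS' } |
            Select-Object -ExpandProperty NameHost -Unique)
        if ($nsNames.Count -gt 0) { $source = $target; break }
    }
    if ($nsNames.Count -eq 0) { throw "No forwarder target answered for $ZoneName." }

    # Resolve each name server to its IPv4 addresses.
    $authoritative = @($nsNames | ForEach-Object {
            Resolve-DnsName -Name $_ -Type A -Server $source -DnsOnly `
                -ErrorAction SilentlyContinue |
            Where-Object { $_.Type -eq 'A' } |
            Select-Object -ExpandProperty IPAddress
        } | Sort-Object -Unique)

    [pscustomobject]@{
        Zone           = $ZoneName
        # Forwarder targets that no longer appear in the zone's NS set.
        NotInNsSet     = @($configured | Where-Object { $_ -notin $authoritative })
        # Authoritative servers the forwarder does not use.
        NotForwardedTo = @($authoritative | Where-Object { $_ -notin $configured })
    }
}

# Run the audit over every conditional forwarder on this server.
Get-DnsServerZone | Where-Object { $_.ZoneType -eq 'Forwarder' } |
    ForEach-Object { Test-ForwarderDrift -ZoneName $_.ZoneName }
```

A non-empty `NotInNsSet` is a prompt for review rather than proof of a fault: where forwarding deliberately targets designated servers, as in the merger scenario above, those servers may not be listed as name servers for the zone.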

Stub zones also help with delegation. For example, a parent zone contains information about a child zone, i.e. it contains NS records for the 2 DNS servers configured for the child zone. If the administrator of the child zone adds additional DNS servers or makes changes to the existing DNS infrastructure, then the parent zone won’t know about this change. If instead the parent DNS server is configured with a stub zone for its child zone, then all changes made to the child zone DNS servers’ NS records become available to the parent zone.

Conditional forwarding does not participate in zone transfers, while stub zones do. With conditional forwarding, when a query is sent to the DNS server, it will perform recursion and get the answer to the query. With stub zones, a referral is given to the resolver (client).

A conditional forwarder setting configures the DNS server to forward a query it receives to a DNS server depending on the DNS name contained in the query. A stub zone keeps the DNS server hosting a parent zone aware of all the DNS servers authoritative for a child zone.