A complete guide for diffrences between Conditional Forwarding and Stubs

Stub zones are dynamic and the name servers for the zone are automatically updated in the stub zone.Use conditional forwarders to forward queries for specific domain names to a specific DNS server, this reduces recursive DNS traffic.Stub zones are capable of zone transfers (which only includes name servers), so they stay current. Forwarders do not.

In situations where you want DNS clients in separate networks to resolve each others’ names without having to query DNS servers on the Internet, such as in the case of a company merger, you should configure the DNS servers in each network to forward queries for names in the other network. DNS servers in one network will forward names for clients in the other network to a specific DNS server that will build up a large cache of information about the other network. When forwarding in this way, you create a direct point of contact between two networks’ DNS servers, reducing the need for recursion.

Stub zones do not provide the same server-to-server benefit because a DNS server hosting a stub zone in one network will reply to queries for names in the other network with a list of all authoritative DNS servers for the zone with that name, instead of the specific DNS servers you have designated to handle this traffic. This configuration complicates any type of security settings that you want to establish between specific DNS servers running in each of the networks.

Stub zones are used when you want a DNS server hosting a parent zone to remain aware of the authoritative DNS servers for one of its child zones. If the stub zone for a child zone is hosted on the same DNS server as the parent zone, the DNS server hosting the stub zone will receive a list of all new authoritative DNS servers for the child zone when it requests an update from the stub zone’s master server . This method of updating the DNS server hosting the parent zone maintains a current list of the authoritative DNS servers for the child zone as they are added and removed.

A conditional forwarder is not an efficient method of keeping a DNS server hosting a parent zone aware of the authoritative DNS servers for a child zone. If you used this method, whenever the authoritative DNS servers for the child zone changed, the conditional forwarder setting on the DNS server hosting the parent zone would have to be manually configured with the IP address for each new authoritative DNS server for the child zone.

Stub zones are often used to enable a parent zone like to keep an updated list of the name servers available in a delegated child zone, such as They can also be used to improve name resolution and simplify DNS administration.

Here’s a little info on that: A stub zone is an actual zone that would exist on the DNS server that contains just the SOA record for the zone it refers to and the DNS server’s records and glue records (host A records). The stub zone replicates from the master DNS server in the zone it refers to and will keep current with DNS servers for that zone/domain. It is more work to set up than conditional forwarding and requires permission from the administrator of the other domain because it does zone transfers with it. However, it is more reliable in keeping current with the DNS servers in the zone.

Stub zones provide a way for DNS servers hosting a parent zone to maintain a current list of the authoritative DNS servers for the child zones. As authoritative DNS servers are added and removed, the list is automatically updated.

Conditional forwarding, on the other hand, is used to control where a DNS server forwards queries for a specific domain. A DNS server on one network can be configured to forward queries to a DNS server on another network without having to query DNS servers on the Internet.


Stub zones provide an advantage over conditional forwarding because the information in a stub zone is dynamic, whereas the list of conditional forwards must be updated by a DNS administrator.

Here’s a little more info:

A stub zone contains NS RECORDS of the master zone which is updated regularly. Stub zones can be used in the following situations:

In case you have multiple levels of domain hierarchy you can use stub zones to simplify name resolution instead of DNS servers querying the root server. It can replace secondary zones when configuring fault tolerance. They can facilitate DNS connectivity across domains. Consider this example you have forest and the following domain tree (with as sub domain) and (with as sub domains).

So if a client in tries to access resources in and stub zones are not configured then multiple dns servers will have to be contacted i.e in following order:


Instead if a stub zone was created in then it contains the list of authoritative DNS servers for the zone and queries from can be directly sent to

You could argue that same thing can be configured through conditional fowarding but if there are changes in DNS records then conditional fowarding would fail. Conditional fowarding can be used in situations where you want to resolve Internet names or if you have a DNS server in your organisation that is responsible for your entire namespace. Stub zones can be used in sites to avoid querying other DNS servers to reduce DNS related traffic.

Also stub zones help in delegation. For example when a parent zone contains information about a child zone i.e contains NS records for 2 DNS servers configured for the child zone. If the administrator of the child adds additional DNS servers or makes changes to existing DNS infrastructure then the Parent zone won’t know about this change. Instead if the parent DNS server is configured with a stub zone for its child zone then all changes made to the child zone DNS server’s NS records would become available to the parent zone.

Conditional Forwarding does not participate in zone transfers, while stub zones do. with conditional forwarding, when a query is sent to the DNS server, it will perform recursion and get the answer to the query.  With stub zones, a referral is given to the resolver (client).

 A conditional forwarder setting configures the DNS server to forward a query it receives to a DNS server depending on the DNS name contained in the query. A stub zone keeps the DNS server hosting a parent zone aware of all the DNS servers authoritative for a child zone.

Share this Story:
  • facebook
  • twitter
  • gplus

About Mohammad Saleh Naderi

Mohammad Saleh Naderi , A 22 years Old boy that started to be a Network Consultant by studying MCITP And Cisco Course. He passed Net+ Course recently in cyberTech college , the college that he started for studying MCITP and Cisco.
He is also interested in graphics And passed Indesign And Photoshop courses in Kishmehr institute.
He knows Some programming languages ​​like C++, Java Assembly and Pascal , also he knows HTML and working with CMSs like Joomla , WP , PHPfox and ...


  1. Milad
    1477 days ago

    خوب:دی الان اینطوری برخلاف گفته ی استاد اصلنننننننن لزومی نداره کاندیشنال فرواردینگی باشه :|
    منو توجیه کن

    • Mohammad Saleh Naderi
      1477 days ago

      Hi sir!
      First , who are you?
      Are you a man from iran , studying for MCITP? So FUP!
      But , about your question!
      Stub and forwaredrs are totally diffrent!
      Everybody , repeat after me : totally diffrent , totally diffrent , totally diffrent!
      It means you use forwarders for forward queries for specific domain names to specific dns server to reduce recursive dns traffic! From specific to specific!
      Stub zones do not provide the same server to server benefit and list all of dns server for the zone of your request query!
      Also stubs are dynamic! Means if you have a parent zone with stub that have child zones , parent zone is aware of any changes made to child zone!
      I dont know language you typed! But maybe you asked SO THERE IS NO NEED TO C FORWARDES,LEGTIMIZE ME?
      I remind you FUP!
      Next , imagine using c forwarders for query that send to internet! Do you know all dns server!? I know you know! But all your dns query are server to server?
      So in intranet not internet , where DNS server are limited to 4 or 5 use c forwarders , and there is no concern for trafic here!
      But in internet , you have update and update and update! So stubs!
      On the other hand , trafic in internet is more and more and more important to your tiny network that you are working there! So stubs , list all authoritative DNS server and sayes : hoy , ina oon list server haee hastesh ke momkeneh javabetoo tosh biabi , pa nasho boro begard hey baaar bezar martikeh nafahm! And query say: ok , got it!
      So its better you say ok got it, too!

Leave a comment