01-18-2018 12:18 PM
We have Infoblox servers setup to forward any non-authorative queries to our external DNS servers. The external DNS servers are configured to perform recursive queirs for internal clients only which would include our internal Infoblox servers. In the configuration there is a option for "Use Forwaders Only".
Should we select this option as a best practice?
Will Infoblox only foward request to our external DNS servers which would in turn perform the recursive query for the client (Infoblox)?
If we leave this box unchecked, will Infoblox send queries directly to the internet root servers by passing our external DNS servers?
"To use only forwarders on your network (and not root servers), select the Use Forwarders Only check box."
Solved! Go to Solution.
01-18-2018 10:52 PM
In many cases, clients would see different answers (including nxdomain responses, or public versus private IP's) if the forwarders are not used and that can cause issues for those clients. If that is a concern, then the option should be enabled.
Unexpected results can frequently occur when bypassing the forwarders so care should be used when not enabling this option. If clients would not face any issues if they receive an answer different than what the forwarders would provide, then leaving the option disabled would afford extra flexibility and redundancy.