Updating Root Hints

Applies To: Windows Server 2008

You can use root hints to prepare servers that are authoritative for nonroot zones so that they can discover authoritative servers that manage domains at a higher level or in other subtrees of the DNS domain namespace. These root hints are essential for servers that are authoritative at lower levels of the namespace when locating and finding other servers under these conditions.

For example, suppose that a DNS server (Server A) has a zone called sub.corp.contoso.com. In the process of answering a query for a higher-level domain, such as the corp.contoso.com domain, Server A needs some assistance to locate an authoritative server (such as Server B) for this domain.

For Server A to find Server B—or any other servers that are authoritative for the contoso.com domain, Server A must be able to query the root servers for the DNS namespace. The root servers can then refer Server A to the authoritative servers for the com domain. The servers for the com domain can, in turn, offer referral to Server B or other servers that are authoritative for the contoso.com domain. The root hints that Server A uses must have helpful hints to the root servers for this process to locate Server B (or another authoritative server) as intended.

To configure and use root hints correctly, first answer the following questions about your DNS server:

  • Are you using DNS on the Internet or on a private network?

  • Is the DNS server used as a root server?

By default, the DNS Server service implements root hints by using a file, Cache.dns, that is stored in the %systemroot%\System32\Dns folder on the server computer. This file normally contains the name server (NS) and host (A) resource records for the Internet root servers. If, however, you are using the DNS Server service on a private network, you can edit or replace this file with similar records that point to your own internal root DNS servers.

Root hints are also treated differently when a DNS server is configured to be used by other DNS servers in an internal namespace as a forwarder for any DNS queries of names that are managed externally (on the Internet, for example). Even though the DNS server that is used as a forwarder can be located internally on the same network as servers that are using it as a forwarder, it needs hints for the Internet root servers to work properly and resolve external names.

If a DNS server is configured to access other DNS servers, such as through a list of DNS servers that is configured in its client TCP/IP properties for an installed network connection, the DNS Server service is capable of gathering its own root hints during new server configuration. You can use the Configure a DNS Server Wizard to accomplish this.