Delegation

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

For a DNS server to be able to answer queries about any name, it must have a direct or indirect path to every zone in the namespace. These paths are created by means of delegations. A delegation is a record in a parent zone that lists a name server that is authoritative for the zone in the next level of the hierarchy. Delegations enable servers in one zone to refer clients to servers in other zones. Figure 2.29 shows an example of delegation.

Figure 2.29   Delegation

The DNS root server hosts the root zone, represented as a dot ( . ). The root zone contains a delegation to a zone in the next level of the hierarchy, the com zone. The delegation in the root zone tells the DNS root server that, to find the com zone, it must contact the Com server. Likewise, the delegation in the com zone tells the Com server that to find the contoso.com zone, it must contact the Contoso server.

Note

  • A delegation uses two types of records. The name server (NS) resource record provides the name of an authoritative server. The host (A) resource record provides the IP address of an authoritative server.

This system of zones and delegations creates a hierarchical tree that represents the DNS namespace. Each zone represents a layer in the hierarchy and each delegation represents a branch of the tree.

By using the hierarchy of zones and delegations, a DNS root server can find any name in the DNS namespace. The root zone includes delegations that lead directly or indirectly to all other zones in the hierarchy. Any server that can query the DNS root server can use the information in the delegations to find any name in the namespace.
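The referral chain described above, modeled as an added Python example (not part of the original documentation). The zone contents, server names and 192.0.2.x addresses are constructed, and the model requires both an NS and an A record for every delegation, as the note above describes.

```python
# Constructed sample data mirroring the figure: root, com and contoso.com zones.
# Server names and addresses are hypothetical (192.0.2.0/24 is a documentation range).
ZONES = {
    ".": {"server": "root-server.", "hosts": {},
          "delegations": {"com.": {"NS": "com-server.", "A": "192.0.2.10"}}},
    "com.": {"server": "com-server.", "hosts": {},
             "delegations": {"contoso.com.": {"NS": "ns.contoso.com.", "A": "192.0.2.20"}}},
    "contoso.com.": {"server": "ns.contoso.com.", "delegations": {},
                     "hosts": {"www.contoso.com.": "192.0.2.80"}},
}


def is_under(name, zone):
    """True if a fully qualified name is at or below the given zone."""
    return name == zone or name.endswith("." + zone)


def resolve(name, zones=ZONES):
    """Follow delegations from the root zone; return (address, referral_path)."""
    zone, path = ".", []
    while True:
        data = zones[zone]
        if name in data["hosts"]:
            return data["hosts"][name], path
        # Pick the most specific delegation (branch) that covers the queried name.
        children = [c for c in data["delegations"] if is_under(name, c)]
        if not children:
            return None, path  # no record and no branch: the name cannot be found
        child = max(children, key=len)
        rec = data["delegations"][child]
        if "A" not in rec:
            # NS record present but no address for the named server: path is broken.
            raise LookupError(f"{zone} delegates {child} to {rec['NS']} without an A record")
        if child not in zones or zones[child]["server"] != rec["NS"]:
            # The parent points at a server that does not host the child zone.
            raise LookupError(f"{rec['NS']} is not authoritative for {child}")
        path.append((zone, child, rec["NS"], rec["A"]))
        zone = child


if __name__ == "__main__":
    address, referrals = resolve("www.contoso.com.")
    for parent, child, ns, ip in referrals:
        print(f"zone {parent!r} refers {child!r} to {ns} ({ip})")
    print("answer:", address)
```

A delegation that names a server but lacks its address, or that points at a server not hosting the child zone, raises `LookupError`, which is the condition to audit for when reviewing parent-zone records.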