DNS stub zones are used to enable your DNS servers to resolve records in another domain. The information in the stub zone allows your DNS to contact the authoritative DNS server directly.
This does sound a bit like conditional forwarding, and actually, it is! For a better understanding, let’s look at the difference between stub zones and conditional forwarding.
Conditional Forwarding vs. Stub Zones
In conditional forwarding, you hardcode your DNS server with the IP addresses used to contact the authoritative DNS servers. If one of the DNS servers changes, your conditional forwarding will start to fail. If a new DNS server is introduced, your DNS server will never find out and therefore won’t start using it.
In a stub zone, the forwarding IP(s) are used to retrieve the NS records of the authoritative domain as well as the A records needed to resolve the hostnames in the NS records. By the way, these A records are referred to as glue records.
Your DNS server will continue to look at the NS records on the authoritative DNS server, and if they change, this is reflected in your stub zone. This means that if a DNS server changes, your stub zone forwarding will become aware of this. If a new DNS server is introduced, your DNS server will automatically start using that new server.
Contents of Stub Zone and Caching
The stub zone will always keep just the information needed to contact the authoritative DNS servers. This means the NS records and the A records needed to resolve the NS records.
Any host records in the domain zone of the authoritative DNS servers are cached on your DNS server like any other records that are resolved on external DNS: They are stored in your local DNS cache for the duration of the TTL set on the DNS record.
How to Configure a Stub Zone
To configure a stub zone, follow this step-by-step guide:
1. Create a new zone:
Click next on the wizard welcome screen:
Choose to create a stub zone:
Select the replication scope of the stub zone:
Select the domain name for this stub zone:
Insert one or more name servers from where to load the zone info. Notice that zone transfer must be allowed:
Review settings and complete the wizard:
And voila! The stub zone has been created:
How to Manage Office 365 from Active Directory
Easy365Manager is a snap-in to AD Users & Computers that allows you to manage Office 365 mailboxes and licenses as part of your standard AD management.
Easy365Manager extends user properties with two new tabs, so you no longer have to switch between multiple web consoles to perform daily management:
With Easy365Manager, you can perform all daily tasks from AD Users & Computers:
- Assign Office 365 licenses
- Manage shared mailbox delegation
- Configure calendar permissions
- Configure proxyAddresses (with format and uniqueness check)
- Replicate Azure AD Connect
And a lot more. See the complete feature list here.
Additionally, Easy365Manager lets you remove your on-premises Exchange Server. This will give you 100% protection from future zero-day exploits targeting Exchange Server.
Try the fully functional 30-day trial now. It only takes a few minutes to install, has zero learning curve, and we guarantee you’ll be saving hours of work before the end of the week!