Forwarders and Conditional forward in DNS

Forwarders: If the query is not resolvable by the local DNS it is being forwarded to another DNS server for name resolution

Allows you to configure the local DNS server to forward DNS queries to upstream DNS servers, called forwarders

You can specify the IP addresses of upstream DNS servers to which queries should be directed if the local DNS server cannot provide a response through its cache or zone data.

When to Use Forwarders:

In some cases, network administrators might not want DNS servers to communicate directly with external servers. For example, if your organization is connected to the Internet by means of a slow wide area link, you can optimize name resolution performance by channeling all DNS queries through one forwarder, as shown in Figure 4. Through this method, the server cache of the DNS forwarder has the maximum potential to grow and reduce the need for external queries.

Another common use of forwarding is to allow DNS clients and servers inside a firewall to resolve external names securely. When an internal DNS server or client communicates with external DNS servers by making iterative queries, normally the ports used for DNS communication with all external servers must be left open to the outside world through the firewall. However, by configuring a DNS server inside a firewall to forward external queries to a single DNS forwarder outside your firewall, and by then opening ports only to this one forwarder, you can resolve names without exposing your network to outside servers

Uses:

Better utilization of internet bandwidth

Security

Conditional forwarding occurs where a server only forwards queries for certain domains to certain DNS servers. In other words, instead of forwarding all unresolved queries to a forwarder, you specify that you will only forward requests for certain domains to certain forwarders.

Conditional forwarding is primarily used to improve performance of DNS queries. DNS performance is increased because DNS servers do not have to query the domain root servers, or Internet root servers, but can instead go directly to the DNS server that hosts that domain. Configuring conditional DNS forwarding is very similar to configuring regular forwarding. The extra step is to configure the “conditional” part. Basically, you must define what domains you want to go to a particular DNS forwarder.