We have an Active Directory network, with a mixture of Windows DNS, linux BIND servers, and want to use OpenDNS as our external DNS provider.
I am wondering what the best way is to set up these servers (regarding forwarders, recursion, etc.).
Active Directory is our main internal DNS for our domain, and has 3 redundant servers. DHCP and all our servers use these as their DNS servers. Then we have a legacy AD server from an old network that is still authoritative for a bunch of domains. Finally, we have a couple of Linux BIND servers that are authoritative for a bunch of websites we host.
Should our main AD servers point to our legacy AD server, which points to one of our BIND servers, which points to the other BIND server, which finally points out to OpenDNS? Or should our main AD servers point to all of these directly? Or is there a better option?
What happens if a domain is listed in 2 places? Does DNS process the forwarders in order?
What about root servers? If I want to use OpenDNS for "everything else", do I just list them as the last forwarders, and delete the root servers from all my DNS servers?
How does recursion work? In this scenario, should I be using recursion or not?