As in the title... I've made a new (Active Directory connected) conditional forwarder on one of our DNS servers (running Windows Server 2012).
Firstly, how long does it take to propagate to other DNS servers in our environment? And, how can I force it to propagate now?
EDIT: some more info
For the purpose of this discussion, we have two Windows Server 2012 machines (one at a remote site, and one locally). They are at different locations. Both are domain controllers, and have the DNS role enabled. I've added a conditional forwarder on the remote server, made sure it's replicated through AD (it's a checkbox you enable), and would like to know how long it'll take for that to propagate to the local DNS server.
By propagate I mean when will the conditional forwarder show up on the local DNS server?
As you know, AD Integrated zones are stored in AD and therefore are replicated along the same schedule. Inter-site replication occurs by default every three hours but can be configured to as little as 15 minutes (I can't think of a reason not to go down to 15 minutes, anyone?)
Although relatively minuscule, there is a second, shorter interval to be aware of. After the data has replicated to the DC, the DNS service must read this data from the local directory. How often this is done is based on the DsPollingInterval value, which defaults to three minutes.
So the latency is Inter-site replication interval + DsPollingInterval. In a default environment, the maximum latency is as long as 183 minutes.
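The latency bound described in the answer above, read from the domain's configured values instead of the defaults, followed by a wait until the forwarder is visible on the local server. This is an added example, not part of the original answers. The server and zone names are placeholders, and it assumes the two sites are a single site link apart with an always-open schedule.

```powershell
# Added example; run from a machine with the ActiveDirectory and DnsServer modules.
Import-Module ActiveDirectory, DnsServer

$LocalDns  = 'dc-local.example.test'   # placeholder: DNS server waiting for the forwarder
$Forwarder = 'partner.example.test'    # placeholder: conditional forwarder zone name

function Get-ForwarderLatencyBound {
    param([string]$DnsServer)
    # Slowest inter-site link interval, in minutes (default 180).
    # Assumption: one site link hop; multi-hop topologies add one interval per hop.
    $linkMinutes = (Get-ADReplicationSiteLink -Filter * |
        Measure-Object -Property ReplicationFrequencyInMinutes -Maximum).Maximum
    # How often the DNS service re-reads the directory, in seconds (default 180).
    $pollSeconds = (Get-DnsServerDsSetting -ComputerName $DnsServer).PollingInterval
    [pscustomobject]@{
        SiteLinkMinutes = $linkMinutes
        PollingSeconds  = $pollSeconds
        MaxMinutes      = $linkMinutes + [math]::Ceiling($pollSeconds / 60)
    }
}

function Wait-ForwarderZone {
    param([string]$DnsServer, [string]$ZoneName, [int]$TimeoutMinutes)
    $deadline = (Get-Date).AddMinutes($TimeoutMinutes)
    while ((Get-Date) -lt $deadline) {
        # The zone is absent until AD has replicated AND the DNS service has polled.
        $zone = Get-DnsServerZone -ComputerName $DnsServer -Name $ZoneName `
            -ErrorAction SilentlyContinue
        if ($zone -and $zone.ZoneType -eq 'Forwarder' -and $zone.IsDsIntegrated) {
            return $zone
        }
        Start-Sleep -Seconds 60
    }
    throw "Zone '$ZoneName' not on $DnsServer after $TimeoutMinutes min; check AD replication."
}

$bound = Get-ForwarderLatencyBound -DnsServer $LocalDns
$bound | Format-List
Wait-ForwarderZone -DnsServer $LocalDns -ZoneName $Forwarder `
    -TimeoutMinutes $bound.MaxMinutes |
    Select-Object ZoneName, ZoneType, ReplicationScope, MasterServers
```

If the wait times out past the computed bound, the delay is in AD replication itself, not in DNS.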
Define propagated, and define your other DNS servers.
DNS records are valid for as long as the other server considers them valid - once that time's up, the other DNS servers will forward requests onwards. There is no "pushing" from your DNS server, it's purely a pull mechanism.
So, to answer your questions explicitly:
Your other DNS servers will (indirectly) use your new forwarder immediately, but only your DNS records which aren't cached or have expired.
From your current DNS server, you can't. You could probably go to your other servers and flush their DNS cache, though.