A twist on the authoritative-only server is the forward server. When configured in this way, a DNS server forwards any query for which it is not authoritative to a server in its forwarders list. You can enter forwarders in the Server Admin DNS Settings pane. A forward server typically contains a primary or secondary zone, allowing it to quickly answer queries about the records in its local database, while all others are sent to a separate server. There are several reasons for deflecting queries.
A simple reason is security: perhaps a Mac OS X Server is acting as an Open Directory master and DNS server. This server can be locked down from an access perspective, with no external access at all, not even to return DNS queries. To resolve queries about outside entities, the server can forward those requests to another internal DNS server that does have access. For example, in the following diagram, client computers are configured to use the DNS server at 10.1.17.1, which is configured as a forwarding server. The forwarding DNS server is configured to forward any queries that it cannot answer to 10.1.0.1.
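The forwarding arrangement described above, written as a BIND named.conf fragment. This is an added example, not configuration from the original article or output of Server Admin. The zone name, file paths, client subnet and secondary server address are assumptions; only 10.1.17.1 and 10.1.0.1 come from the text.

```conf
// named.conf fragment for the forwarding server at 10.1.17.1

options {
    directory "/var/named";                 // assumed working directory
    listen-on { 127.0.0.1; 10.1.17.1; };

    // Queries this server is not authoritative for go to the internal
    // resolver that does have outside access.
    forwarders { 10.1.0.1; };

    // BIND's default is "forward first", which falls back to querying the
    // root servers directly when the forwarder does not answer. On a host
    // with no external access that fallback only produces timeouts, so
    // restrict the server to its forwarders.
    forward only;

    // Answer recursive (forwarded) queries for internal clients only.
    allow-recursion { 127.0.0.1; 10.1.17.0/24; };   // assumed client subnet

    // Refuse zone transfers unless a zone explicitly permits them.
    allow-transfer { none; };
};

// Local primary zone: records here are answered from the server's own
// database and are never forwarded.
zone "example.com" IN {                     // hypothetical zone name
    type master;
    file "db.example.com";                  // hypothetical zone file
    allow-transfer { 10.1.17.2; };          // hypothetical secondary server
};
```

After loading the configuration, a query for a name in the local zone should come back with the authoritative (aa) flag set, while a query for an outside name should appear as a single query to 10.1.0.1 in the forwarder's logs.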
Configuring for Scale
As sites grow to include remote offices accessed via wide area network (WAN) links, DNS infrastructure can become strained. Most of the configurations discussed previously in this post can come into play.
Consider using forward servers when you need to build up a site-wide cache. Having all DNS queries go through a single host or set of hosts on a large network can save bandwidth by reducing outbound queries. When several sites share a common infrastructure, keep in mind that secondary servers can also provide zone transfers, so there is no need to mercilessly pound a single DNS server for zone transfers of a particular zone.
Secondary DNS servers across a WAN link can provide zone updates to other secondary DNS servers that are closer on the network; do whatever makes sense for a particular topology.
As a final note, remember that a secondary DNS server can be used as a primary server to a network device. In other words, there is no reason to have all clients query a primary name server first. Ensure that the load is spread among all DNS servers as applicable.