Hello!
I need some help with setting up communication between ADDS/DNS servers in subscriptions. I have 10 subscriptions set up in the East Coast...
(1) Production Environment
(2) Performance Environments
(5) Development/Implementation Environments
(1) NonProd_IaaS Environment (IaaS Only) (ADDS/DNS servers)
(1) Prod_IaaS Environment (IaaS only) (ADDS/DNS servers)
Right now I have a Checkpoint device for all subscriptions gateways to talk to OnPrem so I can RDP to any device in any subscription from OnPrem.
I have Production and (2) Performance VNET to VNET connectivity set up to talk to Prod_IaaS.
I have the rest of them VNET to VNET connectivity set up to talk to NonProd_IaaS.
I didn't want my Production and Performance Environments talking to my Nonproduction Environments so I created a Prod_IaaS and NonProd_IaaS environment. Also there is a 10 VNET limitation to each subscription.
Being that these two environments have ADDS/DNS servers, I have NonProd_IaaS VNET to VNET connectivity set up to talk to Prod_IaaS so the ADDS/DNS servers can replicate between each other.
QUESTION 1: Is this correct, the right way to do it or is there another way to do it?
With this setup, my (5) Development/Implementation Environments can't talk or ping the ADDS/DNS servers in the Prod_IaaS and my Production and Performance Environments can't talk or ping the ADDS/DNS servers in the NonProd_IaaS. I thought with the communication between NonProd_IaaS and Prod_IaaS they were capable of doing so.
QUESTION 2: How can I fix that?
I now need to create a DR just in case a Datacenter in Azure goes down or has performance issues, I can fail my PaaS in just my Production Environment over to the West Coast. By doing this I created another VNET in my Prod_IaaS subscription and put it in the West Coast and added another ADDS/DNS server in this VNET so replication between ADDS/DNS servers can be done. I believe by setting up VNET to VNET connectivity within the same subscription (VNET1 and VNET2) I can get the replication set up.
QUESTION 3: Is this correct, the right way to do it or is there another way to do it?
QUESTION 4: How can I get the replication set up between ALL my ADDS/DNS servers?
QUESTION 5: How can I get all my PaaS and IaaS servers to be able to communicate and authenticate across ALL my ADDS/DNS servers?
Any help or suggestions would be much appreciated!
THANKS!