Primary zone
When a zone that this DNS server hosts is a primary zone, the DNS server is the primary source for information about this zone, and it stores the master copy of zone data in a local file or in AD DS. When the zone is stored in a file, by default the primary zone file is named zone_name.dns and it is located in the %windir%\System32\Dns folder on the server.

Secondary zone
When a zone that this DNS server hosts is a secondary zone, this DNS server is a secondary source for information about this zone. The zone at this server must be obtained from another remote DNS server computer that also hosts the zone. This DNS server must have network access to the remote DNS server that supplies this server with updated information about the zone. Because a secondary zone is merely a copy of a primary zone that is hosted on another server, it cannot be stored in AD DS.

Stub zone
When a zone that this DNS server hosts is a stub zone, this DNS server is a source only for information about the authoritative name servers for this zone. The zone at this server must be obtained from another DNS server that hosts the zone. This DNS server must have network access to the remote DNS server to copy the authoritative name server information about the zone.

You can use stub zones to:

* Keep delegated zone information current. By updating a stub zone for one of its child zones regularly, the DNS server that hosts both the parent zone and the stub zone will maintain a current list of authoritative DNS servers for the child zone.
* Improve name resolution. Stub zones enable a DNS server to perform recursion using the stub zone's list of name servers, without having to query the Internet or an internal root server for the DNS namespace.
* Simplify DNS administration. By using stub zones throughout your DNS infrastructure, you can distribute a list of the authoritative DNS servers for a zone without using secondary zones.

However, stub zones do not serve the same purpose as secondary zones, and they are not an alternative for enhancing redundancy and load sharing.

There are two lists of DNS servers involved in the loading and maintenance of a stub zone:

* The list of master servers from which the DNS server loads and updates a stub zone. A master server may be a primary or secondary DNS server for the zone. In both cases, it will have a complete list of the DNS servers for the zone.
* The list of the authoritative DNS servers for a zone. This list is contained in the stub zone using name server (NS) resource records.

When a DNS server loads a stub zone, such as abc.xyz.com, it queries the master servers, which can be in different locations, for the necessary resource records of the authoritative servers for the zone abc.xyz.com. The list of master servers may contain a single server or multiple servers, and it can be changed anytime.
A zone transfer can be accomplished by updating the secondary server's configuration file with the primary server's details, and then initiating a transfer request. This can typically be done by specifying the secondary server in the allow-transfer directive of the primary server's zone file.
The preferred DNS server for the site is the server which sends the DNS zone updates to all the other servers in the site. The primary DNS zone is created on the server and it has the authority to send changes in the zone to other servers.
False. Zone transfers are always initiated at the secondary server for a zone and sent to their configured master servers.
Secondary Zone
SOA Resource Records
Every zone contains a Start of Authority (SOA) resource record at the beginning of the zone. SOA resource records include the following fields:

* The Owner, TTL, Class, and Type fields, as described in "Resource Record Format" earlier in this chapter.
* The authoritative server field shows the primary DNS server authoritative for the zone.
* The responsible person field shows the e-mail address of the administrator responsible for the zone. It uses a period (.) instead of an at symbol (@).
* The serial number field shows how many times the zone has been updated. When a zone's secondary server contacts the master server for that zone to determine whether it needs to initiate a zone transfer, the zone's secondary server compares its own serial number with that of the master. If the serial number of the master is higher, the secondary server initiates a zone transfer.
* The refresh field shows how often the secondary server for the zone checks to see whether the zone has been changed.
* The retry field shows how long after sending a zone transfer request the secondary server for the zone waits for a response from the master server before retrying.
* The expire field shows how long after the previous zone transfer the secondary server for the zone continues to respond to queries for the zone before discarding its own zone as invalid.
* The minimum TTL field applies to all the resource records in the zone whenever a time to live value is not specified in a resource record. Whenever a resolver queries the server, the server sends back resource records along with the minimum time to live. Negative responses are cached for the minimum TTL of the SOA resource record of the authoritative zone.
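The SOA fields above drive the whole refresh/retry/expire cycle of a secondary server. The following Python model is an added example, not code from the original page or from any DNS product: it parses a single-line SOA record, converts the responsible-person name back to an e-mail address, and then walks a secondary zone through its timers, deciding when to poll the master, when to retry after a failed poll, when a newer master serial triggers a transfer, and when the local copy expires and the server must stop answering. It goes one step beyond the text's "if the serial number of the master is higher" by comparing serials with the wrap-around arithmetic of RFC 1982, which is what real servers do because the 32-bit serial can roll over. All names and timer values (example.test, the serials, the timeline) are constructed for the demo.

```python
from dataclasses import dataclass, replace
from typing import Optional

# RFC 1982 serial arithmetic: the serial is a 32-bit counter that wraps,
# so a plain '>' would misjudge a master that has just rolled over.
SERIAL_HALF = 1 << 31


def serial_gt(a: int, b: int) -> bool:
    """True when serial a is newer than serial b under RFC 1982 rules."""
    a, b = a & 0xFFFFFFFF, b & 0xFFFFFFFF
    return (a < b and b - a > SERIAL_HALF) or (a > b and a - b < SERIAL_HALF)


@dataclass(frozen=True)
class SOA:
    owner: str
    ttl: int
    mname: str      # authoritative (primary) server for the zone
    rname: str      # responsible person, with '.' standing in for '@'
    serial: int
    refresh: int    # seconds between checks of the master
    retry: int      # seconds to wait before retrying a failed check
    expire: int     # seconds after last good transfer before the copy is discarded
    minimum: int    # negative-caching TTL

    def responsible_email(self) -> str:
        # First label is the mailbox, the remainder is the domain.
        # (Escaped dots inside the mailbox label are not handled here.)
        mailbox, _, domain = self.rname.rstrip(".").partition(".")
        return f"{mailbox}@{domain}"


def parse_soa(line: str) -> SOA:
    """Parse one single-line master-file SOA record:
    owner TTL IN SOA mname rname serial refresh retry expire minimum"""
    f = line.split()
    owner, ttl, cls, rtype = f[:4]
    if cls.upper() != "IN" or rtype.upper() != "SOA":
        raise ValueError("not an IN SOA record")
    mname, rname = f[4:6]
    serial, refresh, retry, expire, minimum = (int(x) for x in f[6:11])
    return SOA(owner, int(ttl), mname, rname, serial, refresh, retry, expire, minimum)


class SecondaryZone:
    """A secondary server's view of one zone, driven purely by SOA timers."""

    def __init__(self, soa: SOA, transferred_at: int):
        self.soa = soa
        self.last_transfer = transferred_at      # time of last successful transfer
        self.next_check = transferred_at + soa.refresh

    def poll(self, master_soa: Optional[SOA], now: int) -> str:
        """Run one refresh check. master_soa is None when the master did not
        answer. Returns the action taken so a caller can log or assert on it."""
        if now < self.next_check:
            return "not-due"
        if master_soa is None:
            self.next_check = now + self.soa.retry   # retry, not refresh
            return "retry"
        if serial_gt(master_soa.serial, self.soa.serial):
            # A real server would request AXFR/IXFR here; we model success.
            self.soa = master_soa
            self.last_transfer = now
            self.next_check = now + master_soa.refresh
            return "transfer"
        self.next_check = now + self.soa.refresh
        return "up-to-date"

    def is_authoritative(self, now: int) -> bool:
        """The secondary keeps answering until expire seconds after the last
        good transfer; after that it must treat its copy as invalid."""
        return now - self.last_transfer < self.soa.expire

    def negative_ttl(self) -> int:
        return self.soa.minimum


# Constructed sample record for the demo (not a real zone).
SAMPLE_SOA = ("example.test. 3600 IN SOA ns1.example.test. hostmaster.example.test. "
              "2024010105 3600 900 604800 300")


def demo() -> list:
    """Walk a secondary through: too early, master down, newer master, expiry."""
    soa = parse_soa(SAMPLE_SOA)
    zone = SecondaryZone(soa, transferred_at=0)
    events = [zone.poll(soa, 100)]                     # before refresh: not-due
    events.append(zone.poll(None, 3600))               # master unreachable: retry
    events.append(zone.poll(replace(soa, serial=2024010106), 4500))  # transfer
    events.append(zone.is_authoritative(4500 + 604800))  # expired: False
    return events


if __name__ == "__main__":
    print(demo())
```

The defender's takeaway is the expire field: a secondary cut off from its master keeps serving possibly stale data for the whole expire interval before going dark, so monitoring for "retry" streaks on secondaries catches a broken transfer path long before clients notice.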
stub zone