This chapter is from the book

Implementing Windows 2003 DNS Server Roles

You can configure a DNS server in one of three possible roles. The role the server plays depends on the configuration of zone files and how they are maintained. The zone files contain configuration information for the zone as well as the resource records.

The three possible DNS server configuration roles are as follows:

  • Caching-only server
  • Primary server
  • Secondary server

Keep in mind when you are planning DNS server roles that a single DNS server can perform multiple roles. For example, a DNS server can be the primary server for one zone and at the same time be a secondary server for another DNS zone.

Caching-Only Server

All DNS servers maintain a cache.dns file that contains a list of all Internet root servers. Any time a DNS server resolves a hostname to an IP address, the information is added to the cache file. The next time a DNS client needs to resolve that hostname, the information can be retrieved from the cache instead of the Internet.

Caching-only servers do not contain any zone information, which is the main difference between them and primary and secondary DNS servers. The main purpose of a caching-only server (other than providing name resolution) is to build the cache file as names are resolved. They resolve hostnames, cache the information, and return the results to the client. Because these servers hold no zone information, either hostnames are resolved from the cache or else another DNS server is required to resolve them.

Caching-only servers are useful when you need to reduce network traffic. Again, because there is no zone information, no zone transfer traffic is generated (meaning that no information is replicated between DNS servers). Hostname traffic is also reduced as the cache file is built up because names can be resolved locally using the contents of the local DNS server's cache.

Primary Server

A primary DNS server hosts the working (writable) copy of a zone file. If you need to make changes to the zone file, you must make them on the server that is designated as the primary server for that zone. For those of you who are familiar with Windows NT 4.0, this is similar to how the primary domain controller (PDC) maintains the working copy of the directory database. After a server has been configured as a primary DNS server for a zone, it is said to be authoritative for that domain. Also, a single DNS server can be the primary DNS server for multiple zones.

Secondary Server

A secondary server gets all its zone information from a master DNS server. The secondary DNS server hosts a read-only copy of the zone file, which it gets from the primary server or another secondary DNS server. Through a process known as a zone transfer, the master DNS server sends a copy of the zone file to the secondary server.

For example, if Server2 is configured as a secondary server for bayside.net, Server2 would get all of its zone information from Server1, the primary DNS server for the zone. Any changes that need to be made to the zone file would have to be made on Server1. The changes would then be copied to Server2. As already mentioned, a DNS server can be both a primary and a secondary server at the same time. Using this example, Server2 could also be configured as the primary server for riverside.net, and, to provide fault tolerance for the zone file, Server1 could be configured as a secondary server for this zone.
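
The Server1/Server2 arrangement described above, written as dnscmd commands (an added example, not taken from the book). The addresses 192.0.2.10 for Server1 and 192.0.2.20 for Server2 and the zone file names are assumptions; the /SecureList option limits zone transfers to the listed secondary server.

```bat
@echo off
rem Added example, not from the book.
rem Assumed addresses (documentation range):
rem   Server1 = 192.0.2.10    Server2 = 192.0.2.20
rem Zone file names are also assumptions.

rem --- bayside.net: Server1 is primary, Server2 is secondary ---

rem Server1 hosts the writable (primary) copy of the zone.
dnscmd Server1 /ZoneAdd bayside.net /Primary /file bayside.net.dns

rem Allow zone transfers from Server1 only to Server2, and notify
rem Server2 when the zone changes.
dnscmd Server1 /ZoneResetSecondaries bayside.net /SecureList 192.0.2.20 /NotifyList 192.0.2.20

rem Server2 holds the read-only copy and names Server1 as its master.
dnscmd Server2 /ZoneAdd bayside.net /Secondary 192.0.2.10 /file bayside.net.dns

rem --- riverside.net: the roles are reversed ---

dnscmd Server2 /ZoneAdd riverside.net /Primary /file riverside.net.dns
dnscmd Server2 /ZoneResetSecondaries riverside.net /SecureList 192.0.2.10 /NotifyList 192.0.2.10
dnscmd Server1 /ZoneAdd riverside.net /Secondary 192.0.2.20 /file riverside.net.dns

rem --- Pull the zones from their masters and confirm the result ---

dnscmd Server2 /ZoneRefresh bayside.net
dnscmd Server1 /ZoneRefresh riverside.net
dnscmd Server2 /ZoneInfo bayside.net
dnscmd Server1 /ZoneInfo riverside.net
```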

Secondary DNS servers provide the following benefits:

  • Fault tolerance— Because the secondary server has a copy of the zone file, name resolution can continue if the primary DNS server becomes unavailable.
  • Reduction in name-resolution traffic— Secondary servers can be placed in remote locations with a large number of users. Clients can then resolve hostnames locally instead of having to contact a primary DNS server over a WAN link.
  • Load balancing— Name-resolution services for a zone can be provided by the secondary server as well, thereby reducing the load placed on the primary DNS server.