More on Zone Types and Transfers (MCP Series)
There are a few options available for storing Zone information.
Caching only DNS Server is a DNS server that is not authoritative for any zones. To setup a Caching only server, simply install DNS and don't add any Primary or Secondary Zones. A caching only DNS Server can be used to save WAN bandwidth by decreasing the number of DNS requests that need to leave the local network.
However, if you want your DNS Server to be authoritative, there are some other options:
Primary Zone - A Primary Zone (or Primary DNS Server) stores a read and write copy of zone information. Updates are made on the Primary server and distributed to the Secondary servers.
Secondary Zone - A Secondary Zone is a Read only copy of the resource records. A Secondary Server gets it's copy of the resources records through a process called Zone Transfer. When a change is made on a Primary Server the SOA Serial Number is increased. When a Secondary Server checks with a Primary it compares it's SOA Serial Number with that of the Primary Server and if they do not match, a Zone Transfer is initiated.
There are a few reasons why Secondary DNS Servers are very useful:
1. Load balancing (has a full copy of zone information)
2. Fault tolerance, can convert to primary if necessary
3. Remote locations - similar to caching only, saves wan bandwidth
4. Allow clients to find hosts in the primary domain (for remote locations)
ADI Zone - For DNS on a DC you can integrate DNS with AD and DNS data will be stored in AD.
- No Zone Transfers - Changes are sent through AD replication traffic
- "Zone Transfers" are more secure
- Option of "secure" dynamic updates
- Zone Transfers can still be performed to DNS Servers without AD (e.g Unix Servers)
Primary to Secondary
Two types of Zone Transfers
AXFR - All (as in full zone transfer) - All records are sent after every change
IXFR - Incremental - Only changed records are sent when a change is made