Zone planning for DNS
Updated: January 21, 2005
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
Zone planning for DNS
When first partitioning your namespace into zones, review traffic patterns in your current or proposed network. Although DNS is designed to help reduce broadcast traffic between local subnets, it does create some traffic between servers and clients that should be reviewed. This is particularly true in cases where DNS is used on routed networks.
To review DNS traffic, you can use DNS server statistics or the DNS performance counters provided with System Monitor. For more information, see Verifying server configuration or Monitoring DNS server performance.
In addition to routing traffic, consider the impact of the following common types of DNS-related communication, especially when you are operating across slow-speed links on a wide area network:
Server-to-server traffic caused both by zone transfers with other DNS servers and by DNS interoperability with other servers (for example, when WINS lookup is enabled).
Client-to-server traffic caused by both query loads and dynamic updates sent by DNS client computers or DHCP servers providing dynamic updating for earlier-version DNS clients that do not support dynamic updates.
For small, flat namespaces, you might use full replication of all DNS zones to all DNS servers in your network. For large, vertical namespaces, this is neither possible nor recommended. In larger networks, it is often necessary to study, test, analyze, and revise your zone plans based on observed or estimated traffic patterns. After careful analysis, you can partition and delegate your DNS zones based on what is required for providing efficient and fault-tolerant name service to each location or site.
If you are using a mixture of Windows DNS servers, be aware that zone transfers can sometimes be slow between the DNS Server service and some other DNS server implementations. For more information, see Interoperability issues.
The DNS Server service supports incremental zone transfers between servers replicating a standard zone. This feature can reduce DNS replication traffic considerations and should be reviewed in zone planning. For more information, see Understanding zones and zone transfer.
Although it is useful to plan zones, you might also want to explore the use of caching-only servers, which do not host DNS zones. Caching-only servers are a good option at small remote sites that have a stable and minimal use for DNS name service but are located across a WAN where the transfer of a large zone over a slower link can be resource-intensive. For more information, see Using caching-only servers.