Adding a Secondary DNS Server
Updated: March 2, 2005
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
Domain Name System (DNS) design specifications recommend that at least two DNS servers be used to host each zone. For standard, primary zones, a secondary server is required to add and configure the zone so that it appears to other DNS servers in the network. For directory-integrated, primary zones, secondary servers are supported but not required for this purpose. For example, two DNS servers running on domain controllers can be redundant primary servers for a zone. They can provide the same benefits as adding a secondary server while also providing additional benefits.
Secondary servers can be used to offload DNS query traffic in areas of the network where a zone is heavily queried. In addition, if a primary server is unavailable, a secondary server can provide some name resolution in the zone until the primary server is available.
If you add a secondary server, try to locate it as close as possible to clients that have a high demand for names that are used in the zone. Also, consider placing secondary servers across a router, either on other subnets (if you use a routed local area network (LAN)) or across wide area network (WAN) links. This constitutes a good use of a secondary server as a local backup in scenarios in which an intermediate network link becomes the point of failure between DNS servers and clients that use the zone.
Because a primary server always maintains the master copy of updates and changes to the zone, a secondary server relies on DNS zone transfer mechanisms to obtain its information and keep the information current. Issues such as zone transfer methods — using either full or incremental zone transfers — are more applicable when you use secondary servers.
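The check that decides whether a transfer is needed at all, as an added example that is not part of the original page: a secondary compares the serial number in the primary's SOA record with the serial of its own copy, using RFC 1982 serial arithmetic, and transfers only when the primary's is newer. The server names, serial values, function names and the `ixfr_available` flag are constructed for illustration.

```python
"""Refresh check a secondary performs before a zone transfer (added example).

All server names and serial numbers below are constructed sample values.
"""

SERIAL_BITS = 32
MOD = 1 << SERIAL_BITS          # SOA serials are unsigned 32-bit and wrap around
HALF = 1 << (SERIAL_BITS - 1)


def serial_newer(candidate: int, current: int) -> bool:
    """True if `candidate` is newer than `current` under RFC 1982 arithmetic."""
    diff = (candidate - current) % MOD
    # diff == 0 means equal; diff == HALF is undefined in RFC 1982, so it is
    # treated as "not newer" and no transfer is triggered.
    return 0 < diff < HALF


def refresh_action(secondary_serial: int, primary_serial: int,
                   ixfr_available: bool) -> str:
    """What the secondary does after reading the primary's SOA serial.

    `ixfr_available` is an assumed flag: True when an incremental transfer
    can be used, False when only a full transfer is possible.
    """
    if not serial_newer(primary_serial, secondary_serial):
        return "none"                      # copy is current, no zone transfer
    return "ixfr" if ixfr_available else "axfr"


def stale_secondaries(primary_serial: int, secondaries: dict) -> list:
    """Names of secondaries whose copy is older than the primary's."""
    return sorted(name for name, serial in secondaries.items()
                  if serial_newer(primary_serial, serial))


# Constructed sample: serials as they might be read from each server's SOA.
PRIMARY_SERIAL = 2005030203
SECONDARIES = {
    "ns2.example.test": 2005030203,   # in sync
    "ns3.example.test": 2005030201,   # two changes behind
}

if __name__ == "__main__":
    for name, serial in sorted(SECONDARIES.items()):
        print(name, refresh_action(serial, PRIMARY_SERIAL, ixfr_available=True))
    print("stale:", stale_secondaries(PRIMARY_SERIAL, SECONDARIES))
```

Run against every secondary of a zone, the same comparison shows which servers are still answering from an out-of-date copy.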
When you consider the impact of zone transfers that are caused by secondary servers, consider their advantage as a backup source of information, and measure this against the added cost that they impose on your network infrastructure. A simple rule is that for each secondary server that you add, network usage (because of added zone replication traffic) increases, and so does the time that is required to synchronize the zone at all secondary servers.
Secondary servers are used most heavily for forward lookup zones. If you are using reverse lookup zones, it is not necessary to add as many secondary servers for those zones. Typically, a secondary server for a reverse lookup zone is not used outside the network and subnet that correspond to the reverse zone.
To complete this task, perform the following procedure: