Using secondary servers

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

DNS design specifications recommend that at least two DNS servers be used to host each zone. For standard primary-type zones, a secondary server must be added and configured for the zone to appear to other DNS servers in the network. For directory-integrated primary zones, secondary servers are supported but not required for this purpose. For example, two DNS servers running on domain controllers can be redundant primary servers for a zone, providing the same benefits as adding a secondary server while including additional advantages.

Secondary servers can provide a means to offload DNS query traffic in areas of the network where a zone is heavily queried and used. Additionally, if a primary server is down, a secondary server can provide some name resolution in the zone until the primary server is available.

If you add a secondary server, try to locate it as close as possible to clients that have a high demand for names used in the zone. Also, consider placing secondary servers across a router, either on other subnets (if you use a routed LAN) or across WAN links. This makes good use of a secondary server as a local backup in cases where an intermediate network link becomes the point of failure between DNS servers and clients that use the zone.

Because a primary server always maintains the master copy of updates and changes to the zone, a secondary server relies on DNS zone transfer mechanisms to obtain its information and keep it current. Issues such as the zone transfer method (full or incremental zone transfers) are more applicable when using secondary servers. For more information, see Understanding zones and zone transfer.

When evaluating the impact of zone transfers caused by secondary servers, weigh their advantage as a backup source of information against the added cost they impose on your network infrastructure. A simple rule is that for each secondary server you add, network usage (because of added zone replication traffic) increases, and so does the time required to synchronize the zone at all secondary servers.
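
The following is an added example, not part of the original documentation. It audits a zone inventory against the guidance above: it flags standard primary zones that have no secondary, zones hosted on fewer than two servers, and secondaries whose copy of the zone is older than the primary's. It assumes staleness is judged by comparing SOA serial numbers (which wrap at 32 bits) and that each secondary transfers from the first listed primary; the inventory, zone names and host names are constructed sample data.

```python
# Added example: audits a zone inventory against the guidance on this page.
# INVENTORY is constructed sample data; host and zone names are hypothetical.
MOD = 2 ** 32  # SOA serials are 32-bit and wrap (RFC 1982 serial arithmetic)

def serial_behind(secondary, primary):
    """True if the secondary's SOA serial is older than the primary's."""
    return 0 < (primary - secondary) % MOD < MOD // 2

def audit_zone(name, zone):
    """Return a list of findings for one zone."""
    findings = []
    servers = zone["servers"]
    primaries = [s for s in servers if s["role"] == "primary"]
    secondaries = [s for s in servers if s["role"] == "secondary"]
    if zone["type"] == "standard" and not secondaries:
        findings.append(f"{name}: standard primary zone has no secondary server")
    elif len(servers) < 2:
        findings.append(f"{name}: hosted on fewer than two DNS servers")
    # Assumption: every secondary transfers from the first listed primary.
    if primaries:
        master = primaries[0]
        for s in secondaries:
            if serial_behind(s["serial"], master["serial"]):
                findings.append(
                    f"{name}: {s['host']} serial {s['serial']} is behind "
                    f"{master['host']} serial {master['serial']}")
    return findings

def run_audit(inventory):
    """Map each zone name to its findings; zones with none are omitted."""
    results = {name: audit_zone(name, zone) for name, zone in inventory.items()}
    return {name: f for name, f in results.items() if f}

INVENTORY = {
    "corp.example.com": {"type": "standard", "servers": [
        {"host": "dns1", "role": "primary", "serial": 2024010103},
        {"host": "dns2", "role": "secondary", "serial": 2024010101}]},
    "lab.example.com": {"type": "standard", "servers": [
        {"host": "dns1", "role": "primary", "serial": 7}]},
    "ad.example.com": {"type": "ad-integrated", "servers": [
        {"host": "dc1", "role": "primary", "serial": 42},
        {"host": "dc2", "role": "primary", "serial": 42}]},
}

if __name__ == "__main__":
    for findings in run_audit(INVENTORY).values():
        print("\n".join(findings))
```

A secondary that stays behind the primary across several checks usually means zone transfers to it are failing or blocked, which is worth investigating before the primary becomes unavailable.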

Secondary servers are most heavily used for forward lookup zones. If you are using reverse lookup zones, you can assume that you do not need to add as many secondary servers for those zones. Typically, a secondary server for a reverse lookup zone is not used outside of the network and subnet that correspond to the reverse zone.