Copying
the DNS database from one server to another is accomplished through a
process known as a zone transfer. Zone transfers are required for any
non-Active Directory-integrated zone that has more than one name server
responsible for the contents of that zone. The mechanism for zone
transfers varies, however, depending on the version of DNS. Zone
transfers are always pulled by the secondary servers from the primary
servers.
Primary DNS servers can be
configured to notify secondary DNS servers of changes to a zone and to
begin a zone transfer. They can also be configured to perform a zone
transfer on a scheduled basis. To set up a secondary server to pull zone
transfers from a forward lookup zone, follow this procedure:
1. | Launch Server Manager on the DNS server with the primary zone.
|
2. | Expand the Roles, DNS Server, DNS nodes, and then select the server name.
|
3. | Select the Forward Lookup Zones node.
|
4. | Right-click the name of the zone and choose Properties.
|
5. | Choose the Zone Transfers tab.
|
6. | Check Allow Zone Transfers and select Only to the Following Servers.
|
7. | Click
Edit, type in the IP address of the server that will receive the
update, and press Enter. The server will be validated, as shown in Figure 1.
Because the server is not yet an authoritative server for the zone, the
error message “The server with this IP address is not authoritative for
the required zone” appears. This will be done in the next section. The
error can be safely ignored. Click OK to save.
|
8. | To
ensure that updates will be processed correctly, click the Notify
button, enter the name of the secondary server, and press Enter. Click
OK to save changes.
|
9. | Click OK to save the changes.
|
Note
In addition to
specifically defining recipients of zone transfer notifications by IP
address, you can select the Only to Servers Listed on the Name Servers
Tab option button as well, assuming that the recipient server or servers
are listed on the Name Servers tab.
Now that the primary zone on
the primary DNS server has been configured to allow transfers, the
secondary zone has to be configured on the secondary DNS server. To
create the secondary zone and begin zone transfers, execute the
following steps:
1. | Launch Server Manager.
|
2. | Expand the Roles, DNS Server, DNS nodes, and then select the server name.
|
3. | Select the Forward Lookup Zones node.
|
4. | Select Action, New Zone.
|
5. | Click Next on the Welcome page.
|
6. | Select
Secondary Zone from the list of zone types. Secondary zones cannot be
AD-integrated and the options will be grayed out. Click Next to
continue.
|
7. | Type in the name of the zone that will be created (this should match the primary zone name), and click Next to continue.
|
8. | Type
in the IP address of the server or servers from which the zone records
will be transferred. Press Enter for each server entered, and they will
be validated. Click Next to continue.
|
9. | Click Finish on the Summary page to create the zone.
|
After the last step, the zone will automatically transfer from the primary DNS server to the secondary DNS server.
Performing Full Zone Transfers
The standard method for
zone transfers, which transfers the entire contents of a DNS zone from
the primary server to the secondary server, is known as asynchronous
zone transfer (AXFR), or full zone transfer. This type of zone transfer
copies every item in the DNS database to the secondary server,
regardless of whether the server already has some of the items in the
database. Older implementations of DNS utilized AXFR exclusively, and it
is still utilized for specific purposes today.
Initiating Incremental Zone Transfers
An incremental zone transfer
(IXFR) is a process by which all incremental changes to a DNS database
are replicated to the secondary DNS server. This saves bandwidth over
AXFR replication changes because only the deltas, or changes made to the
database since the last zone transfer, are replicated.
IXFR zone transfers are
accomplished by referencing a serial number that is stored on the SOA
of the DNS server that holds the primary zone. This number is
incremented upon each change to a zone. If the server requesting the
zone transfer has a serial number of 45, for example, and the primary
zone server has a serial number of 55, only those changes made during
the period of time between 45 and 55 will be incrementally sent to the
requesting server via an IXFR transfer. However, if the difference in
index numbers is too great, the information on the requesting server is
assumed to be stale, and a full AXFR transfer will be initiated. For
example, if a requesting server has an index of 25, and the primary zone
server’s index is 55, an AXFR zone transfer will be initiated, as
illustrated in Figure 2.
