DNS Zones

Sign up to access this lesson

Click here to sign up and get access to this lesson!

Saving Progress...

A DNS zone is a is a collection of DNS resource records (like itflee.com and its associated IP address). There are two main types of DNS zones; forward and reverse lookup zones. Forward lookup zones are the most common, and translates host names to IP addresses. A reverse lookup zone does the exact opposite in that it translates an IP address to a host name.  

A primary zone is a DNS zone that this DNS server is the primary source of information. By default, the data for this zone is stored in a local file named zone_name.dns and is located in the %windir%\System32\Dns directory. The file may also be stored in Active Directory if this DNS server is also a write-able Domain Controller. 

There are several benefits and reasons why you would want to store a primary zone in Active Directory. Since the zone is stored in AD, the zone can be replicated using AD replication process and AD’s security features.It is also worth mentioning that a primary zone is the only zone type that can be directly edited or updated.  

Secondary Zones

A secondary zone is a read-only replica of a primary DNS zone that is hosted on another remote DNS server. This obviously means that your DNS server must have network access to the remote DNS server in order to gather the information. This DNS zone is not stored in AD DS because it is a mere read-only copy of the DNS zone.  

If you try to make a change in a secondary DNS zone, the change request will be passed on to the server which holds the primary zone. If the server is available, the change will be made.  

The purpose of a secondary DNS zone comes down to redundancy. If the server hosting the primary copy is unavailable, this server will be available for use by clients in its place. One of the issues with a secondary DNS zone is that each record held within this zone must be replicated from another server. On large networks that have frequent DNS server changes this can be somewhat resource intensive.  

Stub Zones

A stub zone is similar to a secondary zone in that it is a read-only zone that obtains its information from other DNS servers. The main difference between a stub zone and a secondary zone, is that while a secondary zone contains an exact replica (including all resource records) of a primary zone, a stub zone only contains information about authoritative name servers.  

So inside a stub zone you will not find records for computer host names, but instead records for other DNS servers. The purpose of this zone is to allow hosts on one network to obtain information from a DNS server on another network, without this DNS server needing to replicate all of the data inside of the other DNS server.You can think of stub zones as being a less resource intensive version of a secondary zone.  

Sign up to access the rest of this lesson

You must either log in or sign up to access this lesson.

Saving Progress...

0 0 votes
Lesson Rating
Notify of
Inline Feedbacks
View all comments

Installing and Configuring Domain Name System (DNS)


0/1 Lessons

Course Introduction

• 10min

0 / 2 lessons complete

DNS Basics

• 1hr 16min

0 / 8 lessons complete

DNS Resource Records

• 46min

0 / 5 lessons complete

DNS Zones

• 4hr 11min

0 / 12 lessons complete

DNS Delegation

• 50min

0 / 4 lessons complete

DNS Security Techniques

• 36min

0 / 5 lessons complete

Advanced DNS Topics

• 22min

0 / 5 lessons complete

DNS Security (DNSSEC)

• 1hr 16min

0 / 6 lessons complete

DNS Policies

• 55min

0 / 6 lessons complete

PowerShell for DNS

• 1hr 27min

0 / 6 lessons complete

Troubleshooting DNS Issues - Troubleshooting Tools

• 1hr 39min

0 / 8 lessons complete