DNS (Primary DNS/Secondary DNS)
DNS is hierarchical, and this structure distributes load. But what happens if the DNS server for a domain fails?
If the DNS server fails and stops, name resolution is no longer possible, and most public services become unavailable. Therefore, at least two DNS servers must be prepared for each domain.
DNS servers have a primary DNS and a secondary DNS.
Normally, one primary DNS is prepared for each domain, and the zone information for that domain is configured and managed on it.
A secondary DNS is a DNS server that serves as a backup for the primary DNS and for other secondary DNS servers, and there can be any number of them. The primary DNS transfers a copy of its zone information to the secondary DNS, so the secondary DNS holds a copy of the primary's configuration. This is called a zone transfer.
A zone transfer starts when the serial value in the SOA record has increased, which is taken to mean that the zone has been updated. Zone transfers use TCP port 53.
When the administrator sets the zone information on the primary DNS, it is automatically reflected on the secondary DNS servers.
Although there is a time lag, the same information can be obtained from either DNS server. Therefore, the DNS client does not need to know whether it is querying a primary DNS or a secondary DNS.
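The serial check described above can be sketched as follows. This is an added example, not code from the original page: it reads the serial from SOA record data and decides whether a secondary should start a zone transfer. It goes one step beyond the text by comparing serials with RFC 1982 wraparound arithmetic, so a serial that has rolled past the 32-bit limit still counts as increased. The function names, the example.com names and the timer values are assumptions made for the illustration.

```python
import struct

def skip_name(buf: bytes, off: int) -> int:
    """Return the offset just past an uncompressed domain name."""
    while True:
        length = buf[off]
        if length & 0xC0:
            raise ValueError("compressed names are not handled in this sketch")
        off += 1 + length
        if length == 0:
            return off

def soa_serial(rdata: bytes) -> int:
    """Extract SERIAL from SOA RDATA: MNAME, RNAME, then five 32-bit fields."""
    off = skip_name(rdata, skip_name(rdata, 0))
    if len(rdata) - off != 20:
        raise ValueError("malformed SOA RDATA")
    serial, _refresh, _retry, _expire, _minimum = struct.unpack_from("!5I", rdata, off)
    return serial

def serial_newer(primary: int, secondary: int) -> bool:
    """RFC 1982 comparison: True if the primary serial is ahead, allowing wraparound."""
    diff = (primary - secondary) & 0xFFFFFFFF
    return 0 < diff < 0x80000000

def needs_transfer(primary_rdata: bytes, secondary_rdata: bytes) -> bool:
    """Decide, as a secondary would, whether the zone copy is out of date."""
    return serial_newer(soa_serial(primary_rdata), soa_serial(secondary_rdata))

def encode_name(name: str) -> bytes:
    """Encode a domain name as length-prefixed labels (no compression)."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def make_soa(serial: int) -> bytes:
    # Constructed sample data: the names and timer values are placeholders.
    return (encode_name("ns1.example.com") + encode_name("hostmaster.example.com")
            + struct.pack("!5I", serial, 3600, 900, 604800, 300))

if __name__ == "__main__":
    print(needs_transfer(make_soa(2024010102), make_soa(2024010101)))
```

A secondary whose serial is equal to or ahead of the primary's never transfers, which is why forgetting to raise the serial after editing the zone leaves the secondaries serving stale data.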
DNS (primary DNS/secondary DNS placement)
This section explains where to place the primary DNS and the secondary DNS.
When building a DNS server, you have to decide where to place it. Determine the layout according to the circumstances and purpose of the network in which it will be used.
The following three patterns are possible, depending on whether the primary DNS and secondary DNS are placed inside your own network or outside it.
- Put both primary and secondary DNS outside
- Place the primary DNS in your network and the secondary DNS outside
- Place both primary and secondary DNS in your network
Which pattern is better depends on the circumstances of the network, but the second pattern is common: the primary DNS is placed on the user's own network and the secondary DNS on the ISP side.
By placing the primary DNS in your own network, you can reflect changes to your own network immediately and manage it actively.
Also, by placing the secondary DNS outside, name resolution remains available even if your own network goes down.