Study On Configuring Zone Transfer And Replication Computer Science Essay



Domain Name System (DNS) zones can be stored in the domain partition or in an application directory partition of Active Directory Domain Services (AD DS). A partition is a data structure in AD DS that separates data for different replication purposes, so the partition a zone is stored in determines which domain controllers receive a replica of that zone.

There are four zone replication scopes: to all DNS servers in the forest, to all DNS servers in the domain, to all domain controllers in the domain, and to all domain controllers enlisted in a specified application directory partition.

Zone replication scope: all DNS servers in this forest. Zone data is replicated to every Windows Server 2003 or Windows Server 2008 domain controller that runs the DNS Server service in the AD DS forest. The data is stored in the ForestDnsZones application directory partition, which gives the broadest replication scope.

Zone replication scope: all DNS servers in this domain. Zone data is replicated to every Windows Server 2003 or Windows Server 2008 domain controller that runs the DNS Server service in the AD DS domain. The data is stored in the DomainDnsZones application directory partition. This is the default replication scope for an AD DS-integrated zone.

Zone replication scope: all domain controllers in this domain. Zone data is stored in the domain partition and is replicated to every domain controller in the AD DS domain, whether or not it runs the DNS Server service. This scope must be chosen if Windows 2000 DNS servers have to load the Active Directory-integrated zone, because Windows 2000 domain controllers cannot read application directory partitions.

Zone replication scope: all domain controllers in a specified application directory partition. Zone data is replicated according to the replication scope of that partition, that is, only to the domain controllers that have been enlisted in it. This is the scope used with custom application directory partitions created for DNS.

AD DS-integrated zone data stored in an application directory partition is not replicated to the global catalog for the forest. AD DS-integrated zone data stored in the domain partition is replicated to all domain controllers in the AD DS domain, and a portion of that data is also stored in the global catalog. Using an application directory partition therefore keeps DNS data out of the global catalog and off domain controllers that do not need it.

Understanding Active Directory Domain Service Integration

Active Directory Domain Services (AD DS) provides an enterprise-level tool for organizing, locating, and managing resources in a network. Integrating the DNS service with AD DS has two parts: the design of the DNS namespace relative to the AD DS domains, and the implementation of the DNS servers that AD DS depends on.

Consider the following points when deploying Domain Name System (DNS) servers with AD DS.

DNS must be available so that clients and other domain controllers can locate domain controllers. Domain controllers register themselves in the DNS domain namespace; this registration is performed by the Net Logon service, which dynamically updates the SRV records that advertise each domain controller's services.

DNS servers running Windows Server 2003 or Windows Server 2008 can use AD DS as their zone store. Integrating DNS with AD DS gives the DNS server features that depend on the directory: AD DS replication of zone data, record aging and scavenging, and secure dynamic update.

How DNS integrates with AD DS

When a server is promoted to the role of domain controller for a specified domain, a DNS domain name is specified for the AD DS domain. During promotion (joining the domain and promoting the server), installing the DNS Server role is offered as an option, because a DNS server is required for this server, the other domain controllers, and the members of the AD DS domain to locate one another. Only primary zones can be stored in the directory; a DNS server cannot store a secondary zone in the directory, so secondary zones must be stored in standard text files. When all zones are stored in AD DS, the multimaster replication model removes the need for secondary zones.

Benefits of AD DS integration

Multimaster data replication and enhanced security are DNS features that build on the capabilities of AD DS. Under the standard single-master update model, one authoritative DNS server is designated as the primary source for a zone; the master copy of the zone is a local file, and that primary server is a single fixed point of failure: if it is unavailable, update requests from DNS clients for the zone cannot be processed. With AD DS replication, a dynamic update can be sent to any AD DS-integrated DNS server and is replicated to all other AD DS-integrated DNS servers. Because the zone is fully replicated to all domain controllers, the DNS server running on any domain controller can update it; under the multimaster update model of AD DS, any primary server can process a DNS client's request to update the zone. The zone can also be secured by applying an access control list (ACL) to the dnsZone object container in the directory, which controls which users, groups, and computers may modify the zone and its resource records.

When a zone is added to an AD DS domain, it is automatically replicated and synchronized to any new domain controller. The DNS Server service can be selectively removed from a domain controller, but the directory-integrated zone is still stored at every domain controller, so zone storage and management add no additional resource burden. The method used to synchronize directory-stored information also offers a performance improvement over the standard zone update method of full and incremental zone transfers.

Integrating DNS zone storage with AD DS streamlines replication planning for the network. When the DNS namespace and the AD DS domains are stored separately, each must be planned and administered separately; with integrated storage, one replication topology serves both.

Standard DNS replication (zone transfer) is slower and less efficient than directory-integrated replication. Directory-stored zones transmit less data because AD DS replication processes only the relevant changes rather than transferring the zone as a whole.

Planning DNS Zones

Before partitioning the namespace into zones, review the traffic patterns of the current and proposed network. The DNS server statistics and the DNS performance counters provided in System Monitor can be used for this review. DNS traffic consists of server-to-server traffic and client-to-server traffic. Server-to-server traffic occurs during zone transfers with other DNS servers and through DNS interoperability with other servers. Client-to-server traffic is the query load and the dynamic updates sent by DNS client computers; it also occurs when a DHCP server performs updates on behalf of earlier-version DNS clients that do not support dynamic update themselves.

Next, analyze the size of the network and estimate its traffic patterns.

For a large network, this means studying, testing, revising, and analyzing the design before committing to it. After the analysis, partition and delegate the DNS zones according to the requirements, so that each location or site has efficient and fault-tolerant name service.

The DNS Server service supports incremental zone transfer (IXFR), which allows a server to replicate a standard zone to another server by sending only the records that changed since the version (SOA serial number) the requesting server already holds. This can substantially reduce DNS replication traffic and should be taken into account when reviewing the zone plan.

Create a DNS Application Directory Partition

Active Directory Domain Services (AD DS) stores Domain Name System (DNS) zone data in the domain partition or in an application directory partition. A partition is a data structure that separates data for different replication purposes; creating a dedicated DNS application directory partition lets a zone replicate only to the domain controllers enlisted in that partition.

To create a DNS application directory partition from the command line (membership in Enterprise Admins, or equivalent, is required):

Open a command prompt.

Type "dnscmd <ServerName> /CreateDirectoryPartition <FQDN>".

dnscmd
Specifies the name of the command-line tool for managing DNS servers.

<ServerName>
Required. Specifies the DNS host name of the DNS server.

/CreateDirectoryPartition
Required. Creates a DNS application directory partition.

<FQDN>
Required. Specifies the fully qualified domain name of the new DNS application directory partition.

We can view the complete syntax for this command by typing "dnscmd /CreateDirectoryPartition /?".

To open a command prompt that runs as administrator, click Start, click All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator.

Enlist a DNS Server in a DNS Application Directory Partition

After creating a Domain Name System (DNS) application directory partition to store a zone, the DNS server that hosts the zone must be enlisted in that application directory partition. Enlisting adds the domain controller to the partition's replica set; a server that is not enlisted never receives the zone data stored in the partition.

To enlist a DNS server in a DNS application directory partition:

Open a command prompt.

Type "dnscmd <ServerName> /EnlistDirectoryPartition <FQDN>".
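The following script is an added example, not code from the original essay or from Microsoft. It puts the two procedures above (create the partition, enlist the servers) together with the replication scopes described earlier: a zone is created in the custom partition, and the commented step shows that the built-in "all DNS servers in this forest" scope is simply the ForestDnsZones partition addressed by its FQDN. The server names, domain, partition name and zone name are assumptions.

```powershell
# Added example, not from the original essay. Assumed names: domain controllers DC1 and DC2,
# AD DS domain corp.example.com, new partition CustomDnsZones.corp.example.com,
# zone app.corp.example.com. Run in an elevated Windows PowerShell session on a domain
# controller; creating a directory partition requires Enterprise Admins membership.

$Partition = 'CustomDnsZones.corp.example.com'   # assumed FQDN of the new DNS application directory partition
$Servers   = @('DC1', 'DC2')                      # assumed DNS servers that must hold a replica of the zone
$Zone      = 'app.corp.example.com'               # assumed zone to store in the partition

function Invoke-Dnscmd {
    # Runs "dnscmd <ServerName> <args>", echoes the command, and stops on a non-zero exit code
    # so a failed step (for example, enlisting before the partition has replicated) is not missed.
    param([string]$Server, [string[]]$Arguments)
    Write-Host "dnscmd $Server $($Arguments -join ' ')"
    $output = & dnscmd.exe $Server $Arguments 2>&1
    if ($LASTEXITCODE -ne 0) { throw "dnscmd exited with $LASTEXITCODE`n$output" }
    $output
}

# 1. Create the partition once. The server named here becomes its first replica.
Invoke-Dnscmd -Server $Servers[0] -Arguments @('/CreateDirectoryPartition', $Partition)

# 2. Enlist every DNS server that must hold the zone. A server that is not enlisted never
#    receives the zone, whatever replication scope the zone is given.
foreach ($server in $Servers) {
    Invoke-Dnscmd -Server $server -Arguments @('/EnlistDirectoryPartition', $Partition)
}

# 3. Store a zone in the partition: create it as an AD DS-integrated primary zone whose
#    replication scope is the custom partition (/dp = directory partition).
Invoke-Dnscmd -Server $Servers[0] -Arguments @('/ZoneAdd', $Zone, '/DsPrimary', '/dp', $Partition)

# 3b. The built-in scopes are partitions too. Moving an existing AD DS-integrated zone to
#     "all DNS servers in this forest" means moving it to ForestDnsZones.<forest root>:
# Invoke-Dnscmd -Server $Servers[0] -Arguments @('/ZoneChangeDirectoryPartition', $Zone, 'ForestDnsZones.corp.example.com')

# 4. Verify. /DirectoryPartitionInfo /detail lists the enlisted replicas, /EnumDirectoryPartitions
#    shows every partition this server knows, and /ZoneInfo shows where the zone is stored.
Invoke-Dnscmd -Server $Servers[0] -Arguments @('/DirectoryPartitionInfo', $Partition, '/detail')
Invoke-Dnscmd -Server $Servers[0] -Arguments @('/EnumDirectoryPartitions')
Invoke-Dnscmd -Server $Servers[0] -Arguments @('/ZoneInfo', $Zone)
```

The enlist loop is the step most often skipped: creating the partition on DC1 does not make DC2 a replica, and a zone stored in the partition stays invisible on DC2 until DC2 is enlisted and the partition has replicated to it.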

DNS Notify

DNS Notify, a revision to the DNS standard defined in RFC 1996, lets the master server for a zone notify selected secondary servers that the zone has changed; each notified secondary then checks whether it needs to initiate a zone transfer, instead of waiting for its refresh interval to expire.

A notify list determines which of the zone's secondary servers the master sends change notifications to. The notify list is a list of the IP addresses of those secondary servers.

When the local zone on the master server is updated, the serial number in the zone's SOA record is incremented to represent the new version of the zone. The master then sends a notify message to each server on its notify list. A secondary server that receives the notify message responds by sending an SOA query back to the notifying master. From the answer it determines whether the master's version of the zone is later than its own copy: if the serial number in the SOA record of the notifying server is higher than the serial number in the SOA record of the secondary's current copy, the secondary requests an AXFR (full) or IXFR (incremental) zone transfer. If the serials are equal, no transfer takes place.

Troubleshooting zone problems

Users most often report problems related to zone transfers, broken zone delegations, resource records disappearing from a zone hosted on a secondary DNS server, and similar zone problems.

Zone transfer problems have several common causes. If the DNS Server service is stopped, verify that the service is running on both the master and the secondary DNS server. If the DNS servers have no network connectivity during the transfer, first eliminate basic network connectivity problems between the two servers; zone transfers run over TCP port 53, so that port must be reachable on the master from the secondary. A third cause is that the zone's serial number is the same at both the source and the destination server, so the secondary sees no newer version and never transfers. In that case, use DNS Manager to increase the serial number of the zone at the master server to a value greater than the serial number at the secondary server.
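The script below is an added example (not from the original essay or from Microsoft) serving two passages: the DNS Notify section, by reproducing the serial-number decision a notified secondary makes, and the zone transfer troubleshooting above, by running the three checks it names. The serial comparison uses RFC 1982 serial arithmetic so that a serial that has wrapped past 2^32 is still seen as newer. The host names, zone name and serial values are constructed assumptions; only Test-ZoneTransferHealth touches real servers.

```powershell
# Added example, not from the original essay. Assumed hosts: master DC1, secondary NS2,
# zone corp.example.com. The serial numbers used in the walk-through are constructed.
# Windows PowerShell 5.1 on Windows 8 / Server 2012 or later (Resolve-DnsName, Test-NetConnection).

function Compare-DnsSerial {
    # RFC 1982 comparison: 1 if $A is newer than $B, -1 if older, 0 if equal.
    # Works across the 32-bit wrap, so serial 1 is newer than serial 4294967295.
    # A difference of exactly 2^31 is undefined in RFC 1982 and is reported here as older.
    param([uint32]$A, [uint32]$B)
    if ($A -eq $B) { return 0 }
    $diff = [int64]$A - [int64]$B
    if ($diff -lt 0) { $diff += 4294967296 }        # (A - B) mod 2^32
    if ($diff -lt 2147483648) { return 1 } else { return -1 }
}

function Get-ZoneTransferDecision {
    # What a secondary does after a NOTIFY: it has queried the master's SOA, and now compares
    # serials. Only a newer master triggers a transfer; IXFR if the master supports it, else AXFR.
    param([uint32]$LocalSerial, [uint32]$MasterSerial, [bool]$MasterSupportsIxfr = $true)
    switch (Compare-DnsSerial -A $MasterSerial -B $LocalSerial) {
        1       { if ($MasterSupportsIxfr) { 'IXFR' } else { 'AXFR' } }
        0       { 'NONE' }          # equal serials: nothing transfers (the "same serial" cause above)
        default { 'STALE-MASTER' }  # master is behind the secondary: the secondary keeps its copy
    }
}

function Test-ZoneTransferHealth {
    # The three checks from the troubleshooting text, run against live servers.
    param([string]$Master, [string]$Secondary, [string]$Zone)
    $r = [ordered]@{}
    $r.MasterDnsServiceRunning = (Get-Service -ComputerName $Master -Name DNS).Status -eq 'Running'
    $r.MasterTcp53Reachable    = (Test-NetConnection -ComputerName $Master -Port 53).TcpTestSucceeded
    # -DnsOnly bypasses the local cache and hosts file, so each answer comes from the named server.
    $soaMaster    = Resolve-DnsName -Name $Zone -Type SOA -Server $Master    -DnsOnly | Where-Object Type -eq 'SOA' | Select-Object -First 1
    $soaSecondary = Resolve-DnsName -Name $Zone -Type SOA -Server $Secondary -DnsOnly | Where-Object Type -eq 'SOA' | Select-Object -First 1
    $r.MasterSerial    = [uint32]$soaMaster.SerialNumber
    $r.SecondarySerial = [uint32]$soaSecondary.SerialNumber
    $r.Decision = Get-ZoneTransferDecision -LocalSerial $r.SecondarySerial -MasterSerial $r.MasterSerial
    [pscustomobject]$r
}

# Constructed walk-through, no network needed:
Get-ZoneTransferDecision -LocalSerial 2024010101 -MasterSerial 2024010102   # IXFR: master edited once
Get-ZoneTransferDecision -LocalSerial 2024010102 -MasterSerial 2024010102   # NONE: serials equal, no transfer
Get-ZoneTransferDecision -LocalSerial 4294967295 -MasterSerial 1            # IXFR: wrapped serial is still newer

# Live check (assumed hosts):
# Test-ZoneTransferHealth -Master 'DC1' -Secondary 'NS2' -Zone 'corp.example.com'
```

A Decision of NONE with both servers reachable is the signature of the third cause in the text: the master was edited without its serial being bumped, so the fix is to raise the master's serial, not to touch the secondary.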

The second problem is a zone delegation that is broken. This is caused by a delegation that is not configured correctly; revise the zone configuration and reconfigure the delegation. A zone contains the information for a DNS domain and its subdomains. By default, a zone begins as a single-node database for one DNS domain. A subdomain added directly below its parent is stored as part of the same zone and is sometimes called a subzone: the new subdomain remains part of the zone and is replicated and updated along with the zone as a single entity. Alternatively, a subdomain can be delegated away and managed in its own zone. For each subdomain delegated to its own zone, the parent zone must contain delegation records: NS records for the subdomain that point to the servers hosting the child zone, plus glue A records for any of those servers whose names lie inside the delegated subdomain. A missing, stale, or glue-less delegation record is what breaks the delegation.
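As an added example (not from the original essay or from Microsoft), the script below creates a delegation in the parent zone and then checks both halves of it, the NS record and the glue A record, by reading the parent zone's own data. The parent server, zone names, name server and address are assumptions.

```powershell
# Added example, not from the original essay. Assumed names: parent zone corp.example.com
# on server DC1; child zone sub.corp.example.com hosted by ns1.sub.corp.example.com at
# 10.0.0.5. Run in an elevated Windows PowerShell session with DnsAdmins rights.

$ParentServer = 'DC1'
$ParentZone   = 'corp.example.com'
$ChildNode    = 'sub'                        # subdomain name relative to the parent zone
$ChildNs      = 'ns1.sub.corp.example.com'   # name server that hosts the child zone
$ChildNsIp    = '10.0.0.5'

# A delegation in the parent zone is an NS record at the subdomain node plus, when the
# name server's own name lies inside the delegated subdomain, a glue A record for it.
# Without the glue, a resolver that follows the NS record has no address to contact,
# which is the most common way a delegation ends up "not configured correctly".
& dnscmd.exe $ParentServer /RecordAdd $ParentZone $ChildNode NS $ChildNs
& dnscmd.exe $ParentServer /RecordAdd $ParentZone "ns1.$ChildNode" A $ChildNsIp

function Test-Delegation {
    # Reads the parent zone's stored records (not a cached answer) and reports each half.
    param([string]$Server, [string]$Zone, [string]$Node, [string]$ExpectedNs, [string]$GlueNode)
    $nsOut   = & dnscmd.exe $Server /EnumRecords $Zone $Node     /Type NS 2>&1 | Out-String
    $glueOut = & dnscmd.exe $Server /EnumRecords $Zone $GlueNode /Type A  2>&1 | Out-String
    $hasNs   = $nsOut   -match [regex]::Escape($ExpectedNs)
    $hasGlue = $glueOut -match '\bA\s+\d{1,3}(\.\d{1,3}){3}'
    [pscustomobject]@{
        NsRecordPresent    = $hasNs
        GlueRecordPresent  = $hasGlue
        DelegationComplete = ($hasNs -and $hasGlue)
    }
}

Test-Delegation -Server $ParentServer -Zone $ParentZone -Node $ChildNode `
                -ExpectedNs $ChildNs -GlueNode "ns1.$ChildNode"
```

If DelegationComplete is true but clients still cannot resolve names in the subdomain, the remaining suspects are on the child side: the child zone not loaded on ns1, or its own NS/SOA records naming a different server than the parent delegates to.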

The third problem is resource records disappearing from a secondary DNS server. This is caused by a primary DNS server that is unable to service an incremental zone transfer (IXFR) request from the secondary DNS server and responds with a full zone transfer instead; when this occurs, some records in the secondary zone can be deleted. The problem is solved by applying the appropriate Microsoft hotfix to the affected DNS server.