WHOIS question

1. Are all of the name servers listed in your WHOIS authoritative for your domain?

2. If they are listed in your WHOIS, this means they are all primary name servers, right? (Not secondaries?) Or... is one a primary and one a secondary?

3. From the plethora of online DNS stuff I've read: Primary nameservers have an SOA for your domain. Secondary servers do not.

Do secondary servers have primary Forward Lookup Zones? Here's an example. At home, I host my own DNS server (dissolvedz.com). It is the primary name server for my domain. I have no additional name servers. If I were to create another name server at another location... should this be another primary nameserver or should it be a secondary? Should it be a primary forward lookup zone in this server or a secondary lookup zone (you see where I am confused?)

Hi dissolved,
1) Yes

2) They can be primary or secondary servers. They could all be secondary servers even.

3) The basic difference is that all updates are performed on the primary server. Secondary servers regularly check the 'serial' parameter of the SOA and if it has been updated they perform a zone transfer and pull a new database of entries for the corresponding domain into their database. A secondary DNS server can be thought of as a backup DNS in the same way that a backup domain controller and primary domain controller work on the Windows file servers.

If you set up a DNS at a remote site then, if that site has a different domain, you would normally create it as a primary, as you don't want lots of DNS traffic going between sites. You can then also set one site's DNS server to be a secondary for the other's domain so that each site acts as a backup for the other.
On the client's DNS configuration you list the local DNS server first and then add the remote DNS server as a 2nd entry. If the first server fails then the client will access the second server located at the remote site.
This way normal DNS traffic does not waste internet bandwidth but if the server fails DNS continues to function.
Normally each DNS server will have a forwarder pointing to the local ISP's DNS servers.
Chris Dent (PowerShell Developer) commented:

Definition of Terms:

Primary - Start of Authority for the Domain, provides Authoritative Answers for its own domain.
Secondary - Authoritative for the Domain (but not the Start of Authority), will have a Name Server record in the Forward Lookup zone.

Master - A Zone File Type, Master allows Read and Write access.
Slave - A Zone File Type, Slave allows Read access only - Zone file is transferred from the Master

1. Yep

2 & 3. Primary is the Start of Authority for the Domain, Secondary traditionally holds a Slave copy of the domain and is included in the Name Server list for the Domain so at least one name server is available to service requests.

Still, only one server gets to be Start of Authority.

Basically, if the DNS is included in the Name Server List (i.e. it has an NS Record in the Lookup Zones) then the server can provide an Authoritative answer for the domain.

The Rest. Secondary Servers can have Master Forward Lookup Zones, but this means you'd have to manually update two separate servers. The Slave zone type removes this problem since it just performs a Zone transfer from the Master.

If you run an Active Directory Integrated DNS, talk of Master and Slave zones becomes redundant.

Active Directory Integrated DNS zones are all Master Zones (AD Integrated DNS is known as Multi-Master DNS). This means all AD Integrated zones are Read / Write access, which allows them to accept and replicate updates to other DNS Servers via normal AD Replication.

Hope that all makes some kind of sense.
Chris Dent (PowerShell Developer) commented:

I type way too slow ;)

dissolved (Author) commented:
OK, thanks guys. So:

- Every name listed in WHOIS is authoritative.
- You are only allowed one primary server (w/ SOA). The rest must be secondary (I read this in an RFC just now).

I guess where I'm confused is when it comes to the Primary zones (master) and Secondary Zones (slave). I do in fact understand the concept of primary and secondary servers. Like you guys were saying, a secondary DNS server is like having a backup domain controller.

If I were to create a secondary server for dissolvedz.com, it would not be in a primary zone (aka master zone), correct? Let's say I am going to create another DNS server from scratch. And when I went to configure it, I would specify SECONDARY ZONE for dissolvedz.com. This way, no SOA record would be present and the SECONDARY ZONE (aka slave) would get its transfer from the primary NS at my house. This is where I'm confused. But I think I am correct?

Chris Dent (PowerShell Developer) commented:

That sounds right. It's mainly just the different terms that are confusing.

Master and Slave are zone file types.
Primary and Secondary are Name Server roles.
dissolved (Author) commented:

The primary name server has master zones for dissolvedz.com.
The secondary name server has slave zones for dissolvedz.com.

I think I get it now.  When you set up a name server for a domain and specify "MASTER ZONE", this means that THIS name server will be THE primary name server for the domain.

Not trying to beat this to death, but can I get another verification on that, kind sirs? :-D
Chris Dent (PowerShell Developer) commented:

The set-up you post is correct.

The only bit that's missing is that the Start of Authority record defines which server is the Primary for the Domain (effectively).

But add that in and your description is perfect:

The Primary Server is the SoA, has an NS Record and runs a Master Zone File.
The Secondary Server has an NS Record and runs a Slave Zone File.
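
An added example (not part of any post in this thread): a Python check that, given the SOA answer each listed name server returned, picks out the primary from the SOA MNAME field, lists the secondaries, and flags any secondary whose serial is behind the primary's. The hostnames, serials, flags and the `audit_zone` / `serial_newer` names are constructed for illustration.

```python
# Constructed sample data: what each name server listed for the zone returned
# for an SOA query. Hostnames, serials and flags are invented for illustration.
SAMPLE_SOA_ANSWERS = [
    {"ns": "ns1.example.test", "aa": True,  "mname": "ns1.example.test", "serial": 2024010105},
    {"ns": "ns2.example.test", "aa": True,  "mname": "ns1.example.test", "serial": 2024010103},
    {"ns": "ns3.example.test", "aa": False, "mname": None, "serial": None},
]


def serial_newer(a, b):
    """True if SOA serial a is newer than b under RFC 1982 arithmetic
    (32-bit serials wrap, so a plain a > b is wrong near the wrap point)."""
    diff = (a - b) % 2**32
    return 0 < diff < 2**31


def audit_zone(answers):
    """Classify each listed name server as primary, secondary or not
    authoritative, and flag secondaries that lag the primary's serial."""
    report = {"primary": None, "secondaries": [], "stale": [], "not_authoritative": []}
    # Servers that did not set the AA flag are listed but not answering
    # authoritatively for the zone.
    report["not_authoritative"] = [r["ns"] for r in answers if not r["aa"]]
    auth = [r for r in answers if r["aa"]]
    # The SOA MNAME field names the primary; all authoritative copies should agree.
    mnames = {r["mname"] for r in auth}
    if len(mnames) != 1:
        raise ValueError(f"servers disagree on the primary: {sorted(mnames)}")
    primary_name = mnames.pop()
    primary = next((r for r in auth if r["ns"] == primary_name), None)
    report["primary"] = primary_name
    for r in auth:
        if r["ns"] == primary_name:
            continue
        report["secondaries"].append(r["ns"])
        # A secondary pulls a new copy only once the primary's serial is newer.
        if primary and serial_newer(primary["serial"], r["serial"]):
            report["stale"].append(r["ns"])
    return report


if __name__ == "__main__":
    print(audit_zone(SAMPLE_SOA_ANSWERS))
```
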

dissolved (Author) commented:
Thanks! Microsoft likes making things confusing with their "Primary zone and secondary zone" terminology.

thanks again guys
Chris Dent (PowerShell Developer) commented:

Yeah, don't I know it ;)
Question has a verified solution.