Avatar of nichiaiinc
nichiaiinc asked on

Is it a good idea to use Domain Zone Transfer on your DNS server?

I am new to setting up DNS servers for Windows. I have an AD server with DNS that provides DNS service for about 20 users in the office. I notice a tab on the propertiesi of the DNS server to allow for Zone transfers for domains that are not listed.

I am guessing I can forward all requests to random websites like google.com hotmail.com and yahoo.com and such to an outside DNS server. What are the benefits of this, is it general practice to include zone transfers on your main Dns server. I would think you would have to have this setup for the DNS server to work, because it doesn't have the zones for example google in the DNS server, so I don't even know how it provides the IP for google when my end user connects to google by using the AD/DNS server to resolve the IP. I would assume the zone transfer has to be setup so the server gets the IP from a DNS server that actually has the values or entries for google or whatever domain name you are trying to access.

Any advice, guidance, info.


Avatar of undefined
Last Comment

8/22/2022 - Mon

Zone Transfers are only for when you want to transfer your DNS zones to another server - such as a secondary DNS server in your domain - you may want to host a secondary zone on that server - thats where the zone transfers come into play

What you are talking about is forwarding...you can forward certain requests to An external server - so if your dns server does not know the answer to a request - it will forward it out

Have a look at my guide here - look at the forwarding part for more info

Jay Jay awesome write up! I saved it already! I got a question. You are right, I was referring to forwarding not zone transfers, my mistake. But here is my question, I currently have none listed, so I am confused how the end users are able to load all the websites that they go to. shouldn't an outside DNS server be required in teh forwarding section?

What is your recommendation? What are the advantages to having them listed. Say like Yahoo's DNS server or something.


Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question

Thank you those are great articles and great advice!!! Much Appreciated
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck

absolute pleasure mate - all the best