BIND DNS master server vs slave server


I have a question regarding the master DNS server and slave DNS server. Is the slave used for load balancing, or does the slave take over in case the master fails? Thanks in advance.

gt2847c (Sr. Security Consultant) commented:
The master/slave relationship is a configuration mechanism.  You configure the master, and the slave units will copy the configuration from the master (zone transfers).  It simplifies managing multiple DNS servers.

You want to have multiple DNS servers in any production environment. It provides redundancy in case of failure. It does not, in and of itself, provide load balancing, however. That is done through configuration on the client side, network configuration, or through a load balancer:

Client side:
Alter the order for DNS server on the clients - manually or through DHCP

Network configuration:
Use of solutions like multicast or IP Anycast to allow the network to route traffic to the closest DNS server

Load balancer:
Either software based or hardware based, examples like F5 Big IP, Cisco ACE, etc.  These solutions can (depending on how configured) pass traffic to multiple DNS servers to manage load

Current DNS systems allow for multiple masters, which allows for multiple units to make updates. This is useful in situations like Active Directory which (can) allow clients to send update records to the DNS server (publishing resource records). By allowing multiple master DNS servers, one primary server does not have to manage all updates, which could overwhelm it in a large enterprise environment. Multi-master is a far more complex topic as you have to handle update collisions, and a more complex versioning scenario.

That help some?

mokkan (Author) commented:
Hi gt2847c,

Thank you very much. If I understand correctly, if we update the DNS zone on the master server, the slave will get notified as well and the slave will update the DNS zone files locally. Will it use it for load balancing? If the master goes down, what will happen?

Also, how do the slave zone files get updated? Do we need to set up a cron job or anything, or does BIND have any feature to update slave zones?
gt2847c (Sr. Security Consultant) commented:
Unless configured to send notify messages to slave units, the slave units themselves will query the master based on the configured refresh time for a given zone.  Once the refresh timer expires, it will query the master to see if the zone serial number differs (is greater than) the serial number it has cached.  If the number is equal or less than its own number, no zone transfer will occur and the refresh timer is reset.  If the number is greater, it will initiate a zone transfer from the master (this can be a full transfer or incremental transfer) and update its cached files with the new data.  Once the transfer is complete, it will reset the refresh timer and continue the cycle.  The update cycle is client (slave) driven.  The master may send notify messages to defined slaves if configured to do so, but that doesn't guarantee the slave will update, it's just a notice...  

This is the traditional way DNS keeps itself up to date.  Many current IP address management solutions (IPAM) with DNS server integration use a back end database to manage updates and do not rely on the zone transfer mechanism.  One thing to note, if you are doing changes to the master through manual changes to configuration files rather than through an IPAM solution, you must make sure you update the serial number of the zone you are changing or none of the slaves will update.  This will cause client problems due to inconsistency of zone data between the primary and slaves.

Load balancing is not a function of the DNS solution with respect to itself.  Load balancing amongst DNS servers must be handled externally (as described above).  

On the topic of the master going down, there are two perspectives:

From a DNS server view, the slaves will continue to operate and serve addresses, but no new records/zone information/changes will get to them as they depend on the master for "authoritative data"  (that said, there are ways around this, but we're talking normal modes of operation vs how to fix problems).  The slaves will continue to serve only the data that they have until the zone configured "Expire Time" is exhausted.  Once this occurs, the secondary will consider the zone data too old to be reliable and will stop resolving any records for the expired zone.  The default value for this is 1 day, but it can be set higher.  

From the client view, any client pointed at the master DNS server as its primary resolver will be unable to resolve addresses.  This is mitigated by the fact that most systems have a minimum of two resolvers configured (primary/secondary).  If the primary times out, the client will then query the secondary (or tertiary, etc, etc).
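
The refresh cycle described in the answer above, modelled as an added example (not code from the thread or from BIND). The zone data, function names and single-line SOA format are assumptions; the serial comparison uses RFC 1982 serial arithmetic, which goes beyond the plain "greater than" check by handling 32-bit wraparound.

```python
# Constructed zone data for illustration (not from the original thread).
OLD_ZONE = """\
example.test. 3600 IN SOA ns1.example.test. admin.example.test. 2024050101 3600 900 86400 300
www.example.test. 300 IN A 192.0.2.10
"""
# Hand edit on the master: the A record changed, the serial did not.
NEW_ZONE = OLD_ZONE.replace("192.0.2.10", "192.0.2.20")

def parse_soa(zone_text):
    """Return serial and timers from a single-line SOA record (assumed format)."""
    for line in zone_text.splitlines():
        fields = line.split()
        if "SOA" in fields:
            i = fields.index("SOA")
            serial, refresh, retry, expire, _minimum = map(int, fields[i + 3:i + 8])
            return {"serial": serial, "refresh": refresh,
                    "retry": retry, "expire": expire}
    raise ValueError("no SOA record found")

def serial_gt(a, b):
    """True if serial a is newer than b in 32-bit serial arithmetic (RFC 1982)."""
    return a != b and (a - b) % 2**32 < 2**31

def slave_step(cached, age, master):
    """What a slave does `age` seconds after its last successful refresh.

    cached/master are parse_soa() results; master is None if it does not answer.
    """
    if age < cached["refresh"]:
        return "serve"                      # refresh timer still running
    if master is None:                      # master down or unreachable
        return "expired" if age >= cached["expire"] else "serve-and-retry"
    if serial_gt(master["serial"], cached["serial"]):
        return "transfer"                   # zone transfer, then reset the timer
    return "reset-timer"                    # serial equal or older: no transfer

def edit_without_bump(old_zone, new_zone):
    """Pre-reload check: records changed but the serial was not increased."""
    old, new = parse_soa(old_zone), parse_soa(new_zone)
    return old_zone != new_zone and not serial_gt(new["serial"], old["serial"])
```

Running `edit_without_bump` against the previous and edited zone file before reloading the master catches the case where slaves would keep serving the old records.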

gt2847c (Sr. Security Consultant) commented:
Did this answer your questions?  Did you need any further assistance?
Yes, they are sort of a helping hand to each other. From the client perspective, in case one fails, the client can make the FQDNs resolve with the alternative host setup.
mokkan (Author) commented:
Thanks a lot guys.