- Now I'd like to go ahead and begin talking about DNS and DNS zones. A DNS zone is a DNS name space that's divided into smaller units called zones. Each zone is administered by a single organization, individual, or entity. Each zone stores name information for one or more DNS domains. If a DNS domain is included in a specific zone then that zone becomes the authoritative source for information about that domain.
There are three general types of DNS zones. There's the primary zone, the secondary zone, and the stub zone. The primary zone can be Active Directory integrated. That means that the primary zone can be part of Active Directory which means it can be set up on a domain controller that is controlling Active Directory. Alternatively you can set up a primary DNS zone as a conventional standalone zone as well. When you do this it's authoritative for the zone that it supports.
A primary zone is also the storage point for any information or any records related to that primary zone. A primary zone can be hosted in two places. It can be hosted as part of the Active Directory Domain Services. or on the domain controller. It can also be hosted as a local file on a DNS server. Now when put on a standalone server this is how the primary zone is hosted, as a file that's local to the standalone server that you've installed the DNS roll to.
A primary zone is required for DNS functionality and name resolution for any domain name. The next type of zone is a secondary zone. Secondary zones contain all the information that a primary zone does however it gets its information by transferring the zone information from other DNS servers rather than from Active Directory. Also any changes to the DNS records in a zone cannot originate in a primary zone.
Finally a primary zone is never authoritative for the zone it supports. Where secondary zones come in handy is when you are trying to reduce traffic on your network. Also a secondary zone is useful for providing fast name resolution so that a client can go to a local secondary zone to find out name resolution rather than having to go all the way back to the primary zone that may be located on the domain controller or some place else.
Secondary zones are also especially useful for providing fast name resolution when not using Active Directory-integrated primary zones. In other words if we're not using Active Directory for our primary zones then secondary zones become very useful for providing fast name resolution in that situation as well. A stub zone is a zone that only contains information about the servers that are authoritative for the zones. In other words instead of containing all the records of a zone it instead contains information about where to find the servers that are authoritative for the zone it supports.
This is useful for distributing information about where the full information for a zone can be found. One thing to keep in mind about a stub zone though is it does not have all the zone data that a secondary or especially a primary zone would have. Also you can configure zones inside PowerShell. The commandlets used to manage zones in PowerShell have full parity or full functionality with the GUI, the graphical user interface version of the DNS manager we'll look at in a little bit.
Also the PowerShell commandlets have full parity with the old style dnscmd.exe command-line tool. When using commandlets to support zone configuration there are actually two modules that you can use. The first module DnsClient, and the second module is DnsServer.
This Windows training course helps you study for the exams while learning advanced server administration techniques. Professor Timothy Pintello covers all of the core exam topics, including DHCPv6, primary and secondary DNS zone configuration, working with different DNS resource record types, VPN routing, certificates for direct access, IPAM admin delegation, and more.
- Implementing advanced DHCP solutions
- Configuring DNS zones
- Configuring DNS records
- Implementing advanced DNS solutions
- Configuring VPN and routing
- Configuring direct access
- Deploying and managing IPAM