BIND 9 Administrator Reference Manual

Chapter 1. Introduction
zone. To make the DNS tolerant of server and network failures, most zones have two or more
authoritative servers.
Responses from authoritative servers have the "authoritative answer" (AA) bit set in the response
packets. This makes them easy to identify when debugging DNS configurations using tools like dig
(Section 3.4.1.1).
1.4.4.1. The Primary Master
The authoritative server where the master copy of the zone data is maintained is called the primary
master server, or simply the primary. It loads the zone contents from some local file edited by humans or
perhaps generated mechanically from some other local file which is edited by humans. This file is called
the zone file or master file.
1.4.4.2. Slave Servers
The other authoritative servers, the slave servers (also known as secondary servers), load the zone
contents from another server using a replication process known as a zone transfer. Typically the data are
transferred directly from the primary master, but it is also possible to transfer them from another slave. In
other words, a slave server may itself act as a master to a subordinate slave server.
1.4.4.3. Stealth Servers
Usually all of the zone’s authoritative servers are listed in NS records in the parent zone. These NS
records constitute a delegation of the zone from the parent. The authoritative servers are also listed in the
zone file itself, at the top level or apex of the zone. You can list servers in the zone’s top-level NS records
that are not in the parent’s NS delegation, but you cannot list servers in the parent’s delegation that are
not present at the zone’s top level.
A stealth server is a server that is authoritative for a zone but is not listed in that zone’s NS records.
Stealth servers can be used for keeping a local copy of a zone to speed up access to the zone’s records or
to make sure that the zone is available even if all the "official" servers for the zone are inaccessible.
A configuration where the primary master server itself is a stealth server is often referred to as a "hidden
primary" configuration. One use for this configuration is when the primary master is behind a firewall
and therefore unable to communicate directly with the outside world.
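The following added example (not part of the BIND distribution or this manual's own text) shows how the AA bit and the NS-listing rules above can be checked together when auditing a zone. The server names, the function names, and the raw DNS headers are constructed for illustration; in practice the responses would come from querying each server, for instance with dig.

```python
import struct

QR_FLAG = 0x8000  # header flag: message is a response
AA_FLAG = 0x0400  # header flag: "authoritative answer" (AA) bit

def is_authoritative(message: bytes) -> bool:
    """Return True if a raw DNS message is a response with the AA bit set."""
    if len(message) < 12:
        raise ValueError("truncated DNS header (need 12 bytes)")
    _msg_id, flags = struct.unpack("!HH", message[:4])
    return bool(flags & QR_FLAG) and bool(flags & AA_FLAG)

def _norm(name: str) -> str:
    # DNS names compare case-insensitively; drop the trailing root dot.
    return name.rstrip(".").lower()

def audit_zone(parent_ns, apex_ns, responses):
    """Compare the parent's delegation, the apex NS set and observed answers.

    responses maps a server name to its raw DNS response for the zone.
    """
    parent = {_norm(n) for n in parent_ns}
    apex = {_norm(n) for n in apex_ns}
    aa = {_norm(n): is_authoritative(m) for n, m in responses.items()}
    return {
        # Not permitted: in the parent's delegation but absent from the apex.
        "delegated_but_not_at_apex": sorted(parent - apex),
        # Permitted: listed at the apex but not in the parent's delegation.
        "apex_only": sorted(apex - parent),
        # Stealth: answers authoritatively but is not in the zone's NS records.
        "stealth": sorted(s for s, ok in aa.items() if ok and s not in apex),
        # Listed at the apex yet did not set AA in its answer.
        "listed_but_not_authoritative": sorted(
            s for s, ok in aa.items() if not ok and s in apex),
    }

def _header(flags: int) -> bytes:
    # Constructed 12-byte header: ID, flags, QDCOUNT=1, ANCOUNT=1, NS/AR=0.
    return struct.pack("!HHHHHH", 0x1234, flags, 1, 1, 0, 0)

# Constructed sample data (hypothetical zone example.com).
SAMPLE_PARENT_NS = ["ns1.example.com.", "ns2.example.com.", "ns4.example.com."]
SAMPLE_APEX_NS = ["NS1.example.com.", "ns2.example.com.", "ns3.example.com."]
SAMPLE_RESPONSES = {
    "ns1.example.com.": _header(0x8400),     # response, AA set
    "ns2.example.com.": _header(0x8180),     # response, RD+RA, AA clear
    "ns3.example.com.": _header(0x8400),
    "hidden.example.com.": _header(0x8400),  # authoritative but unlisted
}

if __name__ == "__main__":
    for finding, servers in audit_zone(
            SAMPLE_PARENT_NS, SAMPLE_APEX_NS, SAMPLE_RESPONSES).items():
        print(f"{finding}: {servers}")
```

A server reported under "stealth" is expected when a hidden primary is in use; one that is not expected there is worth investigating, as is any name in the first or last category.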