What is Zone Transfer?
The process of transferring information in the zone file on a primary name server to a secondary name server. You would do this in the following situations:
- In case the primary name server goes down, so that the secondary name server holds a complete, up-to-date copy of the zone file and can handle name resolution requests from Domain Name System (DNS) clients on the network.
- When a large number of DNS clients on the local network are making name resolution requests, so that you can load balance these requests between the primary name server and its secondary name servers.
- When the primary name server is located on the other side of a slow wide area network (WAN) link, so that you can reduce network traffic over the link by allowing name resolution requests to be handled locally. The only network traffic DNS then creates over the link is the occasional zone transfer.
How it works
In Microsoft’s implementation of DNS on Microsoft Windows NT, zone transfers occur in three circumstances:
- When the Microsoft DNS Server Service is started on the secondary name server.
- When the refresh interval for the secondary name server expires, as defined in the start of authority (SOA) record at the beginning of the zone file on the primary name server.
- When changes have been made to the zone file on the primary name server and there is a notify list. The primary name server immediately notifies the secondary name server that the zone file has been modified and instructs it to initiate a zone transfer without waiting for the refresh interval to expire. The notify list is a list of IP addresses that specify which secondary name servers are allowed to access zone information on the primary name server for purposes of zone transfer.
A zone transfer is always initiated by the secondary name server. Typically, the secondary name server periodically contacts the primary name server to determine whether any changes have been made to the primary name server’s zone file. If so, it initiates a request for zone transfer. Specifically, when the refresh interval expires on the secondary name server, the following occurs:
- The secondary name server requests and receives the SOA record from the primary name server.
- The secondary name server compares the version number in the primary name server’s SOA record with its own current version number. If they differ, the secondary name server requests a zone transfer from the primary name server.
- In standard DNS operation, the entire zone file is transferred during this process.
Graphic Z-2. Zone transfer in standard DNS on Windows NT.
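The refresh check described above (query the primary's SOA, compare its serial with the local copy, request a transfer only if the primary is newer), as an added example that is not code from the original page. The SOA records are constructed and the host names are placeholders; serials are compared with RFC 1982 serial arithmetic so a serial that wraps past zero does not stall transfers.

```python
# Added example, not from the original page: a secondary name server's
# refresh check. Sample SOA records below are constructed (placeholder names).
from dataclasses import dataclass

SERIAL_MOD = 1 << 32          # SOA serials are 32-bit unsigned integers
SERIAL_HALF = 1 << 31

@dataclass
class SOA:
    mname: str      # primary name server for the zone
    rname: str      # responsible person's mailbox
    serial: int     # the "version number" compared during refresh
    refresh: int    # seconds between checks when the primary answers
    retry: int      # seconds between checks when it does not
    expire: int
    minimum: int

def parse_soa(rdata: str) -> SOA:
    """Parse SOA RDATA in zone-file text form (7 whitespace-separated fields)."""
    parts = rdata.split()
    if len(parts) != 7:
        raise ValueError(f"SOA needs 7 fields, got {len(parts)}")
    mname, rname, *nums = parts
    serial, refresh, retry, expire, minimum = (int(n) for n in nums)
    if not 0 <= serial < SERIAL_MOD:
        raise ValueError("serial must fit in 32 bits")
    return SOA(mname, rname, serial, refresh, retry, expire, minimum)

def serial_newer(primary: int, local: int) -> bool:
    """RFC 1982 serial arithmetic: primary is newer if it is less than 2^31
    ahead of local, modulo 2^32, so a serial that wraps past 0 still counts."""
    diff = (primary - local) % SERIAL_MOD
    return 0 < diff < SERIAL_HALF

def refresh_decision(local_rdata: str, primary_rdata: str) -> str:
    """Second step above: compare the primary's serial with our own copy."""
    local = parse_soa(local_rdata)
    primary = parse_soa(primary_rdata)
    if serial_newer(primary.serial, local.serial):
        return "transfer"     # request a zone transfer (third step)
    return "up-to-date"

def next_check(soa: SOA, primary_answered: bool) -> int:
    """Seconds until the next SOA query: refresh after a good check, retry otherwise."""
    return soa.refresh if primary_answered else soa.retry

# Constructed sample records (placeholder names); the primary is one serial ahead
LOCAL_SOA = "ns1.example.test. hostmaster.example.test. 2024010101 3600 600 86400 300"
PRIMARY_SOA = "ns1.example.test. hostmaster.example.test. 2024010102 3600 600 86400 300"
```

`refresh_decision(LOCAL_SOA, PRIMARY_SOA)` returns `"transfer"`; swapping the arguments returns `"up-to-date"`, since a primary whose serial is behind the local copy is never pulled.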
The dynamic update standard supported by Microsoft Windows 2000 allows zone information to be transferred by using updates. The entire contents of the zone file are not sent when a change is made to a resource record in the file. This method is called incremental zone transfer and is defined in Request for Comments (RFC) 1995.