How to Configure Secondary DNS Server 2012 R2
In an earlier post, we covered the steps to install DNS in Windows Server 2012 R2, the steps to configure a forward lookup zone and the steps to configure AD Integrated DNS. In this article, we'll go through the steps to configure a Secondary DNS zone in 2012 R2. The Domain Name System is used for name resolution: it resolves host names to IP addresses and IP addresses to host names.
A Secondary is a read-only copy of the Primary. It can be used for fault tolerance. We cannot create or delete any records on the Secondary because it is only a read-only copy of the Primary.
In this post we'll also talk about the prerequisites to configure a Secondary. Let's start with the steps. The computer on which we are configuring the Secondary DNS is a member server.
1. Click on the Start button, select the down arrow and select DNS.
2. To configure the Secondary DNS server, right-click Forward Lookup Zones and select “New Zone”.
3. Click on next to continue.
4. In the “Zone type” window, select the type of zone that you want to use. For this practical we’ll use Secondary. Click on next to continue.
Types of Zones:
a) AD Integrated: It can only be configured on a Domain Controller. In this zone, data replicates with Active Directory. We can install DNS on all the Domain Controllers.
b) Primary: In a Primary zone, a local file is created on the computer in the “c:\windows\system32\DNS” folder. We can have only 1 Primary DNS server in our Domain. It doesn’t replicate.
c) Secondary: It is a read-only copy of the Primary Zone. You can review the steps to create a secondary zone in future articles. It also helps in fault tolerance.
d) Stub: It is also a read-only copy, but a Stub holds only three types of records, i.e. Nameserver (NS), Start of Authority (SOA) and glue Host (A) records.
5. To configure the Secondary DNS server, type the zone name. In this example, we are creating a Secondary for “ABC.COM”. Click on next to continue.
6. To configure the Secondary DNS server, type the IP address of the Primary. The IP address of the Primary DNS is 192.168.1.10. Hit enter.
7. A green check confirms that the Secondary is able to communicate with the Primary. If the check fails, verify the communication between the two servers. Click on next to continue.
8. Click on Finish to close the wizard.
9. On the Secondary we can see the error message “Zone Not Loaded by DNS Server”. We see this error because we didn’t complete the prerequisite of allowing zone transfer on the Primary/Active Directory Integrated zone. We cannot create the Secondary until we allow zone transfer on the Primary.
10. To allow “Zone Transfer”, go to the Primary. Right-click the domain name and select Properties.
11. In the Domain properties window, select “Zone Transfer” tab and select an option “Allow zone transfer”. Under zone transfer we can see three options:
Options to allow zone transfer:
a) To any server: This allows zone transfer to any server. This option is not secure because it does not restrict which computers can receive the zone data, so any host that can reach the DNS server can request a full copy of the zone's records.
b) Only the servers listed in the Name Server tab: This option will only allow the Zone transfer to the computers listed in the Name Server tab.
c) Only to the following servers: You can define the list of computers to which zone transfer will be allowed.
12. After we allow zone transfer on the Primary, go back to the Secondary DNS and refresh the console. Now we can see all the data in the Secondary. We cannot create any resource records on the Secondary as it is a read-only copy of the Primary.
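The same procedure can be scripted with the DnsServer PowerShell module. This is an added example, not part of the original article. It uses the zone name and Primary address from the steps above, chooses option (c) so that only the Secondary can pull the zone, and assumes 192.168.1.20 as a placeholder for the Secondary's IP address, which the article does not give.

```powershell
# Added example. Requires the DnsServer module (installed with the DNS Server role).
# ASSUMPTION: 192.168.1.20 is a placeholder for the Secondary's address.
$zone      = 'abc.com'
$primary   = '192.168.1.10'     # Primary DNS server, from the article
$secondary = '192.168.1.20'     # placeholder, replace with the real Secondary

# ----- Run this part on the PRIMARY -----

# Audit: report every primary zone that currently allows transfer to any server.
# GUI option -> SecureSecondaries value:
#   "To any server"                                  -> TransferAnyServer
#   "Only the servers listed in the Name Server tab" -> TransferToZoneNameServer
#   "Only to the following servers"                  -> TransferToSecureServers
Get-DnsServerZone |
    Where-Object { $_.ZoneType -eq 'Primary' -and -not $_.IsAutoCreated } |
    ForEach-Object { Get-DnsServerZone -Name $_.ZoneName } |
    Where-Object { $_.SecureSecondaries -eq 'TransferAnyServer' } |
    Select-Object ZoneName, SecureSecondaries

# Steps 10-11: allow zone transfer, restricted to the listed Secondary only.
Set-DnsServerPrimaryZone -Name $zone `
    -SecureSecondaries TransferToSecureServers `
    -SecondaryServers $secondary

# Confirm the setting that is now in effect.
Get-DnsServerZone -Name $zone |
    Select-Object ZoneName, SecureSecondaries, SecondaryServers

# ----- Run this part on the SECONDARY (left commented so the Primary part runs alone) -----

# Steps 2-8: create the secondary zone pointing at the Primary.
# Add-DnsServerSecondaryZone -Name $zone -ZoneFile "$zone.dns" -MasterServers $primary

# Step 12: request a full transfer instead of waiting for the refresh interval.
# Start-DnsServerZoneTransfer -Name $zone -FullTransfer

# The zone should now list the Primary's records.
# Get-DnsServerResourceRecord -ZoneName $zone
```

An empty result from the audit pipeline means no primary zone on that server is set to “To any server”.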
I hope you understood the steps to configure Secondary DNS Server. A question for you, “What are the prerequisites to configure Secondary”. Type the answer in the comment section.