The different DNS zones on Windows Server

Hello everyone,

In this article I will explain the difference between the different types of zones that can be created on a DNS server with Windows Server.

There are 3 types of zones which are:

  • Primary zone
  • Secondary zone
  • Stub zone

Before talking about zone types, let’s first see what a DNS zone is.

DNS zone

A DNS zone corresponds to a domain name or a subdomain that the DNS server will know to answer the requests it will receive.

On the screenshot below, we can see the two DNS zones managed by the server.

For the zones which are not integrated into the Active Directory, the “database” of the zone is saved in a file bearing the name of the zone with the extension .dns which is found by default in the following location on the DNS server: C:\Windows\System32\DNS

Primary zones and stubs can be integrated into Active Directory when they are created on a domain controller and the data is directly in the database of the AD.

Now we will see the different types of zones available when we want to create a DNS zone.

Primary zone

It is a zone where the DNS server which hosts it has authority over it and in which we have write access and we can therefore add, modify and delete records.

It can be integrated into the Active Directory and replicate on all domain controllers and therefore subsequently modify from all DCs.

In an AD environment, I advise you to integrate it into the Active Directory, which makes it easy to create because it will be replicated everywhere automatically and automatically configured.

The creation of the same main zone not integrated with the Active Directory on several DNS servers can be a source of conflict, it is advisable to create a main zone and secondary zones on the other DNS servers.

Secondary zone

This zone is a copy of a main zone, it is not writable on the server where it is created.

It is necessary to authorize the zone transfer on the primary zone by indicating the server (s) which will host a secondary zone for this domain.

Stub zone

A stub zone is a mix between the secondary zone and a conditional redirector.

It is a zone accessible only in reading and which will contain the SOA and NS records.

When the DNS server receives a request for a stub zone, it uses the NS records to locate the name servers and send the DNS query.

Hope this article has helped you on DNS zones with Windows Server.

Leave a Comment