Solaris Naming Administration Guide

DNS Servers

DNS servers perform one or more functions:

These different server functions can be performed by the same machine. For example, a machine can be a primary master server for one zone and a secondary master server for another zone. When this manual refers to a primary or secondary or cache-only server, it is not referring to a particular machine, but the role that machine plays for a given zone.

Master Servers

The master name servers maintain all the data corresponding to the zone, making them the authority for that zone. These are commonly called authoritative name servers. The data corresponding to any given zone should be available on at least two authoritative servers. You should designate one name server as the primary master server and at least one more as a secondary master server, to act as a backup if the primary is unavailable or overloaded.

A server may function as a master for multiple zones: as a primary for some zones, and as a secondary for others.

Primary Master Server

The primary master server is the DNS name server that loads the master copy of its data from disk when it starts in.named. A zone's primary master server is where you make changes for the zone. The primary master is the source for DNS information regarding its zone. The primary server may also delegate authority to secondary servers in its zone as well as to servers outside its zone.

Secondary Master Server

A secondary master server maintains a copy of the data for the zone. The primary server sends its data and delegates authority to the secondary server. Clients can query a secondary server for DNS information. By using secondary servers, you can improve response time and reduce network overhead by spreading the load over multiple machines. Secondary servers also provide redundancy in case the primary server is not available.

When the secondary server starts in.named, it requests all the data for the given zone from the primary. The secondary server then periodically checks with the primary to see if it needs to update its database. The process of sending the most recent zone database from the primary to the secondary is called a zone transfer. Thus, you do not modify data files on a secondary server, you modify the data files on the zone's primary server and the secondary servers update their files from the primary.

Caching and Cache-only Servers

All name servers are caching servers. This means that the name server caches received information until the data expires. The expiration process is regulated by the time-to-live (TTL) field that may be attached to the data.

Additionally, you can set up a cache-only server that is not authoritative for any zone. A cache-only server is a server that is not a master server for any zone other than the domain. A cache-only server handles the same kind of queries from clients that authoritative name servers perform. But the cache-only server does not maintain any authoritative data itself.

A cache-only server requires less memory than an authoritative server, but cannot function by itself if no primary or secondary servers are available.

Root Domain Name Server

A DNS name space must have one ore more root domain name servers that are authoritative for the root domain.

The information that identifies the root domain name servers is stored in a cache file. This manual and most Solaris sites call this file (Other common names for this file are: root.cache, named.root, or db.cache.) Each server's boot file contains a record identifying the file that holds the root domain name server information.

Internet Root Domain Server

If your site is connected to the Internet, your DNS name server's boot files must point to a common cache file (usually called that identifies the root domain name servers. A template for this file may be obtained from InterNIC registration services via:

If you are naming your DNS files according to the conventions in this manual, you need to move this file to /var/named/

Non-Internet Root Domain Server

If your site is not connected to the Internet, you must set up one or more of your servers to perform as root domain name servers. The boot files of all DNS name servers on your network must point to a common cache file (usually called that identifies the root domain name servers. You then create a cache file that identifies your root name servers.

Since a single machine can be the primary domain name server for more than one machine, the easiest way to create a root domain name server is to have the server for your highest level domain also be the server for the logical "." domain.

For example, suppose you have given your network the domain name solo. The DNS master name server is dnsmaster.solo.(with a trailing dot). In this case, you would make dnsmaster the root master server for the "." domain.

If your network has more than one top-level domain, the root domain server name should be the primary name server for all top-level domains. For example, if your network is divided into two separate, non-hierarchal domains named solo and private, the same server must be root master server for both of them. Following the example above that would mean that dnsmaster.solo. is root domain master for both the solo and the private domains.