Zones are the basic organizational unit of DNS. Zones contain records and are defined by how they acquire those records and how they respond to DNS requests.
There are three basic kinds of zones:
Primary
Secondary
Forward
Other kinds of zones aren’t covered here.
Primary zones
A primary zone has the master copy of the zone’s records and provides authoritative answers to lookup requests.
Secondary zones
A secondary zone is a copy of a primary zone and is stored on a secondary name server. It has the following characteristics:
Each secondary zone has a list of primary servers that it contacts for updates to records in the primary zone. Secondary zones must be configured to request a copy of the primary zone data.
Secondary zones use zone transfers to get copies of the primary zone data.
Secondary name servers can answer lookup requests just as primary servers do.
By using several secondary zones linked to one primary, you can distribute DNS query loads across several computers and make sure lookup requests are answered if the primary name server is down.
Secondary zones also have a refresh interval. This interval determines how often the secondary zone checks for changes from the primary zone. You can change the zone refresh interval by using the BIND configuration file. For information, see www.isc.org/sw/bind.
Forward zones
A forward zone directs lookup requests for that zone to other DNS servers. Forward zones don’t support zone transfers.
Often, forward zone servers are used to provide DNS service to a private network behind a firewall. In this case, the DNS server must have access to the Internet and a DNS server outside the firewall.
Forward zones also cache responses to queries they pass on. This can improve the performance of lookups by clients that use the forward zone.
The Server app doesn’t support creation or modification of a forward zone. To create a forward zone, you must configure BIND manually at the command line. For information, see www.isc.org/sw/bind.
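The three zone kinds described above, as they appear in a BIND configuration file, with a small audit that classifies each zone and checks that a secondary zone lists its primary servers and a forward zone lists its forwarders. This is an added example, not part of the original documentation. The zone names, addresses, and file names are constructed placeholders, and the check that a primary zone carries its own allow-transfer list is an added hardening assumption (BIND also accepts that setting globally).

```python
import re

# Constructed sample in BIND named.conf syntax. Zone names and addresses are
# placeholders (reserved example domains and documentation address ranges).
SAMPLE_CONF = '''
zone "example.com" {
    type master;                        // primary: holds the master copy
    file "db.example.com";
    allow-transfer { 192.0.2.53; };     // only this secondary may copy the zone
};
zone "example.net" {
    type slave;                         // secondary: copy of a primary zone
    file "bak.example.net";
    masters { 192.0.2.1; };             // primary servers contacted for updates
};
zone "corp.example" {
    type forward;                       // forward: passes lookups to other servers
    forwarders { 198.51.100.10; };
};
zone "example.org" { type slave; file "bak.example.org"; };  // no primaries listed
'''

KINDS = {"master": "primary", "primary": "primary", "slave": "secondary",
         "secondary": "secondary", "forward": "forward"}
# Statement each kind needs (any one of the listed spellings is enough).
NEEDS = {"primary": ("allow-transfer",), "secondary": ("masters", "primaries"),
         "forward": ("forwarders",)}

def zone_blocks(conf):
    """Yield (name, body) for each zone statement, matching nested braces."""
    for m in re.finditer(r'zone\s+"([^"]+)"[^{;]*\{', conf):
        depth, i = 1, m.end()
        while depth and i < len(conf):
            depth += {"{": 1, "}": -1}.get(conf[i], 0)
            i += 1
        yield m.group(1), conf[m.end():i - 1]

def audit(conf):
    """Return {zone name: (kind, [findings])}; comments are stripped first."""
    conf = re.sub(r'//[^\n]*|#[^\n]*|/\*.*?\*/', '', conf, flags=re.S)
    report = {}
    for name, body in zone_blocks(conf):
        t = re.search(r'\btype\s+([\w-]+)\s*;', body)
        kind = KINDS.get(t.group(1), "other") if t else "other"
        need = NEEDS.get(kind, ())
        found = any(re.search(r'(?<![\w-])%s\b[^;{]*\{' % re.escape(k), body) for k in need)
        report[name] = (kind, [] if found or not need else ["missing " + " or ".join(need)])
    return report

if __name__ == "__main__":
    for zone, (kind, findings) in audit(SAMPLE_CONF).items():
        print(zone, kind, findings or "ok")
```

The last sample zone is reported as a secondary with no primary servers listed, which is the misconfiguration that leaves a secondary unable to request zone data.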