Duplication and Distribution of Zones


DNS is distributed in one other way. Because DNS is so vital to the Internet, it has been designed to be redundant. For each zone, several servers exist. When one server breaks down, the other servers for that domain will still be capable of answering queries about that zone on their own. All of a subdomain's authoritative servers are listed in the domain above it. When your computer tries to find an address from a name, it has many alternative servers to query at each step in the process. If one server fails to answer within a set timeout, another will be queried. If they all fail, the query will fail and not return any result. The redundancy not only ensures robustness against failures, it also provides load distribution between the servers that are authoritative for a domain.

It is the responsibility of you, the zone owner, to design and implement the redundancy and robustness you need from DNS. Most TLD authorities require at least two working nameservers for a zone before they will delegate authority over it to the zone owner.

The rootservers are redundant, too. This serves both to distribute load and to be robust against any failure in one, or several, of them.

If you examine where on the Internet the rootservers are located, you discover another important characteristic: they are located in widely different networks in different parts of the world. If the two required nameservers of a zone were located in the same computer room, a single fuse, router, or network switch failure could wipe out name service. Even if they are in separate rooms of the same building, they are still liable to become unavailable to the outside if a single access router, line driver, or power line fails. If two companies share name service, they both must be without network connectivity before name service becomes unavailable. If the two companies are also located in separate cities and use separate Internet providers, then they are pretty safe from one single failure taking out their name service.

The rootservers are the most important servers on the entire Internet, which is why they are very redundant. Right now, 13 root nameservers exist on different networks and on different continents. It's pretty unlikely that DNS will fail due to a rootserver failure.

The redundancy necessitates a zone duplication mechanism, a way to copy the zones from a master server to all the redundant slave servers of that zone. Until recently, these servers were usually called primary and secondary servers, not master and slave. You will still find this old usage in a lot of documents and discussions on the Net.

In any case, DNS has a duplication mechanism called zone transfer. When, as a DNS administrator, you make changes and updates in the zone file on the master server, the slave server will either act on a notification of the update, or if the notification is lost, notice that a long time has elapsed since it last heard from the master server. It will then check whether there are any updates available. If the check fails, it will be repeated quite often until the master answers, making the duplication mechanism more robust against network failures. If the slave server has been incapable of contacting the master server for a long time, usually a week, it will not give up. Instead, it will stop serving queries from the old data it has stored. Serving old data masquerading as correct data can very well be worse than serving no data at all.
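The check, retry and give-up-serving behaviour described above can be replayed as a small simulation; this is an added example, not code from the book or from BIND. It assumes the three intervals are the refresh, retry and expire timers of the zone's SOA record, uses constructed timer and outage values, and ignores details of real servers such as timer jitter.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class SoaTimers:
    refresh: int  # seconds between routine checks against the master
    retry: int    # seconds between checks after a failed one
    expire: int   # seconds without contact before stored data is dropped

def master_up(t, outages):
    """True unless t falls inside a (start, end) outage window."""
    return not any(start <= t < end for start, end in outages)

def simulate_secondary(timers, outages, horizon, notifies=()):
    """Replay a secondary's checks from t=0 (fresh transfer) to horizon.

    notifies lists the times a NOTIFY actually arrived; lost ones are
    simply absent. Returns (events, still_serving).
    """
    events, last_ok, now, serving = [], 0, 0, True
    next_check = timers.refresh
    while True:
        # A delivered NOTIFY triggers a check before the refresh timer.
        arrived = [n for n in notifies if now < n < next_check]
        t = min(arrived) if arrived else next_check
        deadline = last_ok + timers.expire
        if serving and deadline <= min(t, horizon):
            # Too long without the master: stop answering from old data.
            events.append((deadline, "expired"))
            serving = False
        if t > horizon:
            return events, serving
        if master_up(t, outages):
            events.append((t, "ok" if serving else "resumed"))
            last_ok, serving, next_check = t, True, t + timers.refresh
        else:
            # Failed check: fall back to the shorter retry interval.
            events.append((t, "failed"))
            next_check = t + timers.retry
        now = t

if __name__ == "__main__":
    # Constructed values: hourly refresh, 10-minute retry, one-week expire.
    timers = SoaTimers(refresh=3600, retry=600, expire=604800)
    # Constructed outage: master unreachable from t=1000 to t=700000.
    events, serving = simulate_secondary(timers, [(1000, 700000)], 800000)
    for t, what in events:
        if what in ("expired", "resumed"):
            print(f"t={t:>7}s {what}")
    print("serving at end:", serving)
```

With these values the secondary retries every ten minutes throughout the outage, stops answering exactly one week after its last successful contact, and resumes on the first check that reaches the master again.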



The Concise Guide to DNS and BIND
ISBN: 0789722739
EAN: 2147483647
Year: 1999
Pages: 183
