Difference between primary and secondary DNS

What is a DNS and what is it used for? And what is the difference between primary and secondary DNS?

DNS, which stands for Domain Name System, is fundamental to the functioning of the Internet as it converts domain names into IP addresses. This conversion allows us to surf the Internet using a browser without having to remember long sequences of numbers and letters.

The primary DNS is the one used by default. However, if the translation request cannot be forwarded or if no response is received from the server, the secondary DNS is used as an alternative. This is why it is important to configure it, even though setting up a secondary DNS is not mandatory for the proper functioning of a network.

Let us look in detail at the difference between primary DNS and secondary DNS, and what the advantages of the latter are.

The Function of DNS Servers

Each website is identified by an IP address, which may be fixed or dynamic. This is a numerical code associated with the name of the site, consisting of four sets of numbers separated by dots, varying from 0 to 255 (e.g.

When you enter the address of a site you wish to visit into your browser, it sends a request to the DNS server to obtain the corresponding IP address. The DNS server decodes the URL and looks for the associated IP address.

The DNS merely translates the otherwise impossible-to-remember IP number. Once found, it communicates this to the browser, which in turn uses this IP address to send the request to connect to the site.

In essence, the DNS system is a database that functions like a telephone directory, registering matches between domain names and IP addresses, in order to convert name requests into IP addresses.

DNS servers are divided into two categories: 1) Primary DNS Server; 2) Secondary DNS Server. The DNS servers are divided into two categories.

Primary DNS servers host the control zone files, while secondary DNS servers are used to ensure reliability and redundancy.

Primary DNS Server

Primary DNS servers contain all relevant resource records and handle DNS queries for a domain. Let us explain further.

A primary DNS server hosts so-called “control zone files”. These text database files contain all the information needed to convert a domain name into an IP address, the identity of the domain administrator and various resource records.

In other words, these files hold authority over a given domain and control how that domain is resolved into an IP address. They can be read and written, which means that changes can be made directly to this file.

The resource records list domain names together with their corresponding IP addresses and can take various forms:

  • Record A: Addresses a domain to an IPv4 address.
  • AAAA record: Addresses a domain to an IPv6 address
  • MX Record: Assign a mail server to a domain
  • NS Record: Identifies the authoritative DNS servers for a domain.

Primary servers are also responsible for making the necessary changes to a zone’s DNS records. Once the primary server has completed the update, it can pass the change requests to the secondary servers.

The Secondary DNS Server

Secondary DNS servers can respond to DNS requests for the same domain as the primary server. Their function is to act as a sort of backup for the primary DNS servers, containing a read-only copy of the primary zone file, known as the secondary zone file.

If, for any reason, the primary DNS server is unavailable or unresponsive, the secondary DNS server can step in and continue to convert domain names into IP addresses. This ensures continuity of service even in the event of problems with the primary DNS server.

The secondary DNS server obtains its information through a process called zone transfer, which involves transferring data from another DNS server, a primary DNS server or another secondary DNS server.

Since this is a read-only copy, no direct changes can be made to the resource records in this zone. Therefore, changes must be made on the primary DNS server. The updated information is then transferred to the secondary DNS server.

What are the advantages of using a secondary DNS server?

Each zone can only have one primary DNS server, but can have any number of secondary DNS servers, which – as stated – guarantees the resolution of queries even if the primary server does not respond/does not work.

In fact, even if secondary DNS servers are not necessary to complete a domain’s DNS queries, it is good practice (shared and even encouraged by many registrars) to set up at least one.

The advantages of using a secondary DNS server include continuity of service and workload distribution.

Continuity of service: If only one DNS server is relied upon and the primary server stops functioning due to a failure or external attack, Denial of Service (DoS) attacks, the site becomes inaccessible. With a secondary server, the service can continue. In addition, secondary DNS servers help distribute the workload.

Workload distribution: Secondary DNS servers help distribute the workload to be handled by the primary server with a technique called round-robin DNS that rotates between DNS servers randomly so that each receives a similar amount of traffic.