Why should one have a secondary DNS server?

Solution 1:

The major point in having a secondary DNS server is as backup in the event the primary DNS server handling your domain goes down. In this case, your server would still be up, and so without having a backup, nobody could get to your server, possibly costing you lots of lost customers (i.e. REAL MONEY).

A secondary DNS server is always up, and ready to serve. It can help balance the load on the network as there is now more than one authoritative place to get your information. Updates are generally performed automatically from the master DNS. Thus it is an exact clone of the master.

Generally a DNS server contains more information than just a single server; it might contain mail routing information, information for many many hosts, mail spam keys, etc. So resiliency and redundancy are of DEFINITE benefit to domain holders.

I hope this helps your understanding.

Solution 2:

Is the point of having secondary DNS

Only extremely small organizations can do everything on a single server. I have many servers, I want my email to be able to continue operating even though the web server is down. I have services hosted on external networks that I want to stay up even if my Internet link was down.

Is a backup DNS system basically up all the time?

Usually.

How is it configured?

It depends on the DNS server software, but usually on the 'backup server', you set it up as a secondary. Then you tell it the IP of the master server, and the zones you want replicated.
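As an added example (not code from the answer above), here is what the "set it up as a secondary, tell it the master's IP and the zones" step looks like for BIND 9. The zone name, server addresses and file paths are constructed placeholders; a small shell function renders both the primary and the secondary side so the two stanzas can be compared.

```shell
#!/bin/sh
# Added example, not code from the answer above: renders BIND 9 zone stanzas
# for the primary and for the secondary ("backup") server.  Zone name, server
# addresses (RFC 5737 documentation ranges) and file paths are constructed
# placeholders.  Keywords are the BIND 9.16+ spelling (primary/secondary/
# primaries); older releases use master/slave/masters instead.
set -eu

ZONE="example.com"            # hypothetical zone
PRIMARY_IP="192.0.2.10"       # hypothetical primary (master) address
SECONDARY_IP="198.51.100.20"  # hypothetical secondary (backup) address

# render_zone_stanza ROLE ZONE PEER_IP
#   ROLE is "primary" or "secondary"; PEER_IP is the other server's address.
#   Prints a named.conf zone stanza on stdout; returns 1 for an unknown role.
render_zone_stanza() {
    role=$1; zone=$2; peer=$3
    case "$role" in
        primary)
            # allow-transfer restricts AXFR/IXFR to the known secondary, so
            # arbitrary clients cannot pull the whole zone.  also-notify sends
            # a NOTIFY on every change so the secondary refreshes at once
            # instead of waiting for the SOA refresh interval.  In production
            # the transfer would additionally be TSIG-signed (a key stanza plus
            # "allow-transfer { key xfer-key; };"), omitted here for brevity.
            printf 'zone "%s" {\n' "$zone"
            printf '    type primary;\n'
            printf '    file "/var/named/%s.zone";\n' "$zone"
            printf '    allow-transfer { %s; };\n' "$peer"
            printf '    also-notify { %s; };\n' "$peer"
            printf '};\n'
            ;;
        secondary)
            # primaries names where the zone is fetched from.  The secondary
            # keeps its own on-disk copy so it still answers after a restart
            # even if the primary is unreachable; it does not re-serve
            # transfers to anyone.
            printf 'zone "%s" {\n' "$zone"
            printf '    type secondary;\n'
            printf '    file "/var/named/%s.zone.bak";\n' "$zone"
            printf '    primaries { %s; };\n' "$peer"
            printf '    allow-transfer { none; };\n'
            printf '};\n'
            ;;
        *)
            printf 'render_zone_stanza: unknown role %s\n' "$role" >&2
            return 1
            ;;
    esac
}

# write_configs DIR -> writes primary-named.conf and secondary-named.conf
# fragments into DIR (a scratch directory when run stand-alone).
write_configs() {
    dir=$1
    render_zone_stanza primary   "$ZONE" "$SECONDARY_IP" > "$dir/primary-named.conf"
    render_zone_stanza secondary "$ZONE" "$PRIMARY_IP"   > "$dir/secondary-named.conf"
}

# Stand-alone usage: write both fragments to a temporary directory and show them.
OUT_DIR=$(mktemp -d)
write_configs "$OUT_DIR"
cat "$OUT_DIR/primary-named.conf" "$OUT_DIR/secondary-named.conf"
```

The two fragments would be included from each server's named.conf; the primary's allow-transfer is the line to get right, since leaving it open lets anyone download the complete zone.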


Solution 3:

It is a must of the RFC. See http://www.ietf.org/rfc/rfc1035.txt

To cite the important things from page 4:

The DNS requires that all zones be redundantly supported by more than one name server. Designated secondary servers can acquire zones and check for updates from the primary server using the zone transfer protocol of the DNS.


Solution 4:

The backup DNS servers (one or more) will be slaves to your primary DNS server. Changes to the primary DNS server will be picked up by the slaves. This may be done on a periodic basis, or in response to a notification from the primary server. This is one cause of delays in changes to DNS being recognized across the Internet. Your primary and backup nameservers will be listed as the nameservers for your domain.

Before DNS notify, slave nameservers would have a prior version of the DNS data for some period of time. (This is one of the purposes of the serial number.) Once all the nameservers have updated to the same version (same serial number) they should all have the same data. Editing a zone file without incrementing the serial number can cause inconsistent data.

There is no switching to the backup DNS server(s). DNS requests are distributed across all your nameservers relatively evenly. (This is done by querying servers using a round robin schedule.) If one or more name servers are down, requests will be retried on another nameserver after a timeout. As long as one of your nameservers is up your domain will resolve (slowly at times). You want to have all your nameservers always up.

In your case, you may find that it is simpler to use your ISP or domain registrar to host your domain. They will have one or more backup nameservers and will have resources dedicated to keeping them running.


If all you run is a web server a secondary DNS may not seem that important. However, when your server is down there are a number of reasons you may want a backup DNS server, including:

  • to enable you to ping or traceroute to your host to verify it is down.
  • to prevent users and crawlers from deciding your domain is no longer used.

If your domain gets or sends email you need a backup DNS to establish your credibility and ensure future delivery of email. If a mail server looks up your domain and finds it doesn't exist, it will immediately bounce your email. However, if its DNS lookups succeed and the server is down, then the email will be queued for later delivery. Only if you are down for a few days will your email start bouncing. (Some poorly behaved automated delivery systems try only once and may fail to deliver messages even if your server is up.)
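The "same serial number on every nameserver" condition described above is easy to check from the outside. As an added example (not part of the answer), the following POSIX shell compares the SOA serial each authoritative server reports and flags the ones that lag, using the wrap-around comparison of RFC 1982 so the result stays correct when a serial crosses 2^32. The server names and the dig output it parses are constructed; a real run would feed it `dig +short SOA` answers from each listed nameserver.

```shell
#!/bin/sh
# Added example, not code from the answer above.  Reports whether every
# authoritative server for a zone serves the same SOA serial, so a secondary
# that has not yet transferred a change (or a primary edited without bumping
# the serial) is visible.  Server names and the dig output are constructed;
# a real run would feed it the output of
#     dig +short SOA "$zone" "@$server"
# for each nameserver listed for the domain.
set -eu

# serial_newer A B -> exit 0 when serial A is newer than serial B under the
# 32-bit serial-number arithmetic of RFC 1982, 1 when equal or older.  A
# difference of exactly 2^31 is undefined by the RFC and counts as "not newer".
serial_newer() {
    a=$1; b=$2
    if [ "$a" -eq "$b" ]; then return 1; fi
    if [ "$a" -gt "$b" ]; then
        [ $((a - b)) -lt 2147483648 ]
    else
        [ $((b - a)) -gt 2147483648 ]
    fi
}

# soa_serial "MNAME RNAME SERIAL REFRESH RETRY EXPIRE MINIMUM"
#   -> prints the SERIAL field of a "dig +short SOA" answer line.
soa_serial() {
    set -- $1
    [ $# -ge 3 ] || { echo "soa_serial: not an SOA record" >&2; return 1; }
    printf '%s\n' "$3"
}

# check_serials reads "SERVER SOA-LINE" records on stdin, prints one status
# line per server and returns 0 only when all servers agree on the serial.
check_serials() {
    input=$(cat)
    newest=""
    # pass 1: the newest serial seen is taken as the version everyone should have
    while read -r server rest; do
        [ -n "$server" ] || continue
        serial=$(soa_serial "$rest")
        if [ -z "$newest" ] || serial_newer "$serial" "$newest"; then
            newest=$serial
        fi
    done <<EOF
$input
EOF
    # pass 2: flag every server that lags behind it
    status=0
    while read -r server rest; do
        [ -n "$server" ] || continue
        serial=$(soa_serial "$rest")
        if [ "$serial" -eq "$newest" ]; then
            printf '%s serial %s current\n' "$server" "$serial"
        else
            printf '%s serial %s STALE (newest %s)\n' "$server" "$serial" "$newest"
            status=1
        fi
    done <<EOF
$input
EOF
    return $status
}

# Constructed sample: three nameservers, ns3 still serving the previous serial.
SAMPLE_DIG_OUTPUT='ns1.example.com ns1.example.com. hostmaster.example.com. 2024030502 7200 900 1209600 300
ns2.example.com ns1.example.com. hostmaster.example.com. 2024030502 7200 900 1209600 300
ns3.example.com ns1.example.com. hostmaster.example.com. 2024030501 7200 900 1209600 300'

# Stand-alone usage.
if printf '%s\n' "$SAMPLE_DIG_OUTPUT" | check_serials; then
    echo "all nameservers agree"
else
    echo "zone data is inconsistent across nameservers; wait for NOTIFY/refresh or check the primary's serial" >&2
fi
```

A stale server right after an edit is normal until NOTIFY or the SOA refresh timer catches it up; one that stays stale past the refresh interval, or a primary whose serial did not move after an edit, is the inconsistency the answer warns about.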