Managing Zone Scopes

Zone scopes in Microsoft DNS enable the DNS server to maintain multiple distinct sets of DNS records for the same zone. Each scope can provide different responses to DNS queries based on specific conditions, such as the type of client query, time or the network segment from which the query originates. 

Zone scopes in Microsoft DNS offer a powerful way to customize DNS responses based on various criteria, enhancing the flexibility and functionality of DNS services in complex network environments. This feature is particularly useful for implementing split-brain DNS, time based responses, client subnets or different policies for different users or devices.

How Zone Scopes Work

1. Multiple Record Sets:

• Each zone can have multiple scopes, each containing its own set of DNS records. These records can differ across scopes, allowing for customized responses.
• The DNS server determines which scope to use based on the client's properties, such as the client's subnet.

2. DNS Policies:

• DNS policies are used to define the criteria for selecting the appropriate zone scope for a given query. These policies can be based on factors like client subnet, time of day, or query type.
• Policies are configured to match queries with specific zone scopes, ensuring that clients receive the correct DNS responses based on the defined criteria.

 

Creating Zone Scopes in DDI Central

• Go to DNS-> Domains.
• Click the Add Domain button in the top right corner or open a domain in the edit mode.
• Navigate to the Scopes field on the Create Domain or Edit Domain page.
• Enter the name of zone scope and click the add(+) icon in the extreme right end after each entry.
• Click Save to finalize the configurations.

 

Now you are taken to the Domains page, where you can see your original zone along with its zone scopes with the same name. DDI Central helps you differentiate by displaying the scope name under the column Scope  along with each zone scope in the Domains page.

Once the zone scopes are created you can customize the records, apply various query resolution policies, RRL policies, DDNS settings and more.

 

Analytics for Zone Scopes

Just like how DDI Central helps you visualize the query analytics for a zone. You can also view the exclusive query analytics for each zone scope of a zone. You can see the key parameters like hourly query load, query rate and visual breakdown of the IPs accessing the records of a particular zone scope and the type of records queried under the zone scope.