Configuring and Managing
the DNS Server Role
Lesson 4
Skills Matrix
Technology Skill Objective Domain Objective #
Installing the DNS Server
Role
Configure a Domain
Name System ...
Domain Name System (DNS)
• Without DNS, your network will most likely not
function — clients won’t be able to resolve name...
HOST file
• Before DNS, name resolution was handled
through the use of text files called HOSTS files
that were stored loca...
Questions?
• How do we manage billions of DNS records?
• Can one server handles/stores all DNS records?
• If multiple serv...
Domain Name System
• DNS because of the following benefits:
– Scalability
– Constancy
– Ease of Use
– Simplicity
DNS Namespaces
• A DNS namespace is a hierarchical, tree-
structured list of DNS host names or domain
name, starting at an...
DNS Namespaces
DNS Namespaces
• The DNS namespace has a hierarchical structure
and each DNS domain name is unique within a
namespace.
• E...
DNS Namespaces
• Under the DNS root domain, the top-level
domains, or first-level domains, are
organizational types such a...
DNS Namespaces
Traditional Top-Level Domain Names
• com – Commercial.
• .edu – Education.
• .gov – Agencies of U.S. federal government.
•...
DNS Namespaces
• Second-level domains are registered to
individuals or organizations.
• Second-level DNS domains can have ...
Fully Qualified Domain Name (FQDN)
• DNS uses the fully qualified domain name (FQDN)
to map a host name to an IP address.
...
Zones
• DNS hierarchical structure is that workload for
name resolution is distributed across many
different resources.
• ...
Zones
• Zone data is maintained on a DNS name server
and is stored in one of two ways:
– As a text-based zone file contain...
Standard Primary Zone
• A standard primary zone hosts a read/write copy
of the DNS zone in which resource records are
crea...
Standard Secondary Zone
• A copy of the zone file may be stored on one or more
servers to balance network load, provide fa...
Zone Transfers
• A zone transfer can be a full zone transfer (called
an AXFR), in which the entire contents of the zone
is...
Forward Lookup Zone
• Most queries sent to a DNS server are forward
queries.
– They request an IP address based on a DNS n...
Reverse Lookup Zone
• The Reverse Lookup zone is in-addr.arpa domain.
• Enables a host to determine another host’s name
ba...
Stub Zone
• A stub zone is a copy of a zone that contains only those
resource records necessary to identify the authoritat...
DNS Server Types
• DNS server types are determined by the type of
zone or zones they host and by the functions they
perfor...
Primary Name Server
• Primary name servers have been configured with
one or more primary DNS zones.
• When a change is mad...
Secondary Name Server
• A secondary name server hosts one or more
secondary zone databases.
• Because a zone transfer is u...
Caching-Only Server
• Caching-only servers do not host any zones and are not
authoritative for any domain.
• Caching-only ...
AD-Integrated Zones
• Zones are stored in Active Directory.
• No distinction between primary and secondary
servers.
• Chan...
Installing the DNS Server Role
• Before you can use DNS Server Role, you must
install it with Server Manger.
Resource Records
• The resource record is the fundamental data storage unit
in all DNS servers.
– Start of Authority (SOA)...
Start of Authority (SOA) Resource
Records
• Identifies which name server is the authoritative
source of information for da...
Start of Authority (SOA) Resource
Records
Resource Records
Name Server (NS) Resource Records
• Identifies the name server that is the authority for
the particular zone or domain; th...
Name Server (NS) Resource Records
A and AAAA Resource Records
• The A resource record is the fundamental data
unit of the DNS that is used to translate the ...
A and AAAA Resource Records
Canonical Name (CNAME) Resource
Record
• Sometimes called an Alias record, is used to
specify an alternative name for the ...
Canonical Name (CNAME) Resource
Record
Mail Exchanger (MX) Resource Records
• Identifies the email servers for a domain.
Mail Exchanger (MX) Resource Records
Service Record (SRV)
• Enables clients to locate servers that are
providing a particular service.
– Windows Server 2008 Ac...
Service Record (SRV)
Root Hints
• DNS servers resolve DNS queries using local authoritative or
cached data.
• But if the server does not contai...
Root Hints
• By default, DNS servers use a root hints file, called
cache.dns, on Microsoft DNS servers.
• The cache.dns fi...
Iterative Query
Recursive Query
DNS Resolver Cache
• Any Windows computer, key the following at a
command prompt:
ipconfig /displaydns:
• To purge the cac...
Forwarders
• A forwarder is a DNS server on a network used to
forward DNS queries for external DNS names to
DNS servers ou...
Forwarders
Forwarders
Using NsLookup
Using NsLookup
Using NsLookup
Dnscmd Command
• You can use the Dnscmd command-line tool to
perform most of the tasks that you can do from
the DNS consol...
Advanced DNS Server Properties
• Advanced DNS server properties refer to the
settings that can be configured in the Advanc...
Advanced DNS Server Properties
Summary
• DNS names and the DNS protocol are required for Active
Directory domains and for compatibility with the
Internet...
Summary
• A DNS zone is a contiguous portion of a namespace for
which a server is authoritative.
• A server can be authori...
Summary
• There are several types of DNS servers: primary,
secondary, master name, and caching-only.
Summary
• A DNS server that hosts a primary DNS zone is
said to act as a primary DNS server.
• Primary DNS servers store o...
Summary
• A DNS server that hosts a secondary DNS server is said to
act as a secondary DNS server.
• Secondary DNS servers...
Summary
• Recursion is one of the two process types for DNS
name resolution.
• A DNS client will request that a DNS server...
Summary
• For the DNS server to perform recursion properly,
the server needs to know where to begin
searching for names in...
Summary
• A DNS server on a network is designated as a
forwarder by having the other DNS servers in the
network forward th...
Chapter 4   configuring and managing the dns server role
Upcoming SlideShare
Loading in …5
×

Chapter 4 configuring and managing the dns server role

789 views
681 views

Published on

Published in: Technology
0 Comments
4 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
789
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
69
Comments
0
Likes
4
Embeds 0
No embeds

No notes for slide
  • Microsoft always recommends Active Directory-Integrated because it provides fault tolerance and high security.
  • When the opportunity arises, always review the Resource Records.
  • AAAA is becoming more popular as IPv6 popularity grows.
  • If you get an error that it cannot contact RPC server, it might be because SRV records are missing, DNS is not configured properly, or you are not pointing to the correct DNS server.
  • Demonstrate the NSLookup command.
  • Chapter 4 configuring and managing the dns server role

    1. 1. Configuring and Managing the DNS Server Role Lesson 4
    2. 2. Skills Matrix Technology Skill Objective Domain Objective # Installing the DNS Server Role Configure a Domain Name System (DNS) server 2.1 Introducing DNS Zones Configure DNS zones 2.2 Configuring DNS Resource Records Configure DNS records 2.3 Configuring Active Directory−Integrated Zones Configure DNS replication 2.4 Introducing the DNS Name Resolution Process Configure name resolution for client 2.5
    3. 3. Domain Name System (DNS) • Without DNS, your network will most likely not function — clients won’t be able to resolve names to Internet Protocol (IP) addresses. • In addition, Active Directory clients use DNS to locate domain controllers.
    4. 4. HOST file • Before DNS, name resolution was handled through the use of text files called HOSTS files that were stored locally on each computer. • The HOSTS file listed each name of the host and its corresponding IP address. • Whenever a new host was added to the network, an administrator would manually update the HOSTS file with the new host name or IP address information.
    5. 5. Questions? • How do we manage billions of DNS records? • Can one server handles/stores all DNS records? • If multiple servers, – How do the records being stored? – How administrators can manage these records? Can permission delegations happen? – How about high availability? • How a client can resolve name to IP using DNS? ITMT 1371 – Windows 7 Configuration 5
    6. 6. Domain Name System • DNS because of the following benefits: – Scalability – Constancy – Ease of Use – Simplicity
    7. 7. DNS Namespaces • A DNS namespace is a hierarchical, tree- structured list of DNS host names or domain name, starting at an unnamed root that is used for all DNS operations.
    8. 8. DNS Namespaces
    9. 9. DNS Namespaces • The DNS namespace has a hierarchical structure and each DNS domain name is unique within a namespace. • Each domain can have additional child domains. • At the top of the Internet DNS namespace is the root domain. – The root domain is represented by “.” (a period).
    10. 10. DNS Namespaces • Under the DNS root domain, the top-level domains, or first-level domains, are organizational types such as .org, .com, and .edu. – Generic — generic, top-level domain names. – Country code — Examples of country code domain names are .uk., .jp, and .us. – Infrastructure domain — .arpa is the Internet’s infrastructure domain name.
    11. 11. DNS Namespaces
    12. 12. Traditional Top-Level Domain Names • com – Commercial. • .edu – Education. • .gov – Agencies of U.S. federal government. • .net – Computers of network providers and ISPs. • .org – Nongovernmental and nonprofit organizations.
    13. 13. DNS Namespaces • Second-level domains are registered to individuals or organizations. • Second-level DNS domains can have many subdomains, and any domain can have hosts. • A host is a specific computer or other network device within a domain.
    14. 14. Fully Qualified Domain Name (FQDN) • DNS uses the fully qualified domain name (FQDN) to map a host name to an IP address. • An FQDN describes the exact relationship between a host and its DNS domain. • Example: – nadc1.redmon.microsoft.com
    15. 15. Zones • DNS hierarchical structure is that workload for name resolution is distributed across many different resources. • For administrative purposes, DNS domains can be organized into zones. • A zone is a collection of host name–to–IP address mappings for hosts in a contiguous portion of the DNS namespace.
    16. 16. Zones • Zone data is maintained on a DNS name server and is stored in one of two ways: – As a text-based zone file containing lists of mappings, called a standard zone or a file-backed zone. – Within an Active Directory database, called an Active Directory–integrated zone.
    17. 17. Standard Primary Zone • A standard primary zone hosts a read/write copy of the DNS zone in which resource records are created and managed. • Only one server can host and load the master copy of the zone. – no additional primary servers for the zone are permitted, and only the server hosting the primary zone is allowed to accept dynamic updates and process zone changes.
    18. 18. Standard Secondary Zone • A copy of the zone file may be stored on one or more servers to balance network load, provide fault tolerance, or avoid forcing queries across a slow, wide area network (WAN) link. • This standard secondary zone is a read-only copy of the standard primary DNS zone. • Information from a primary zone is transmitted to a secondary zone by performing a zone transfer, which is done by copying the zone file from the primary server to a secondary server.
    19. 19. Zone Transfers • A zone transfer can be a full zone transfer (called an AXFR), in which the entire contents of the zone is copied from the primary server to the secondary server during each zone transfer. • An incremental zone transfer (called an IXFR), in which only changed information is transmitted after an initial AXFR, in order to cut down on bandwidth usage between.
    20. 20. Forward Lookup Zone • Most queries sent to a DNS server are forward queries. – They request an IP address based on a DNS name. Includes Host (A) resource records that translate form host name to IP address.
    21. 21. Reverse Lookup Zone • The Reverse Lookup zone is in-addr.arpa domain. • Enables a host to determine another host’s name based on its IP address. – Contains the Pointer (PTR) resource record that translates from IP addresses to host names.
    22. 22. Stub Zone • A stub zone is a copy of a zone that contains only those resource records necessary to identify the authoritative DNS servers for that zone. • A stub zone is a pointer to the DNS server that is authoritative for that zone, and it is used to maintain or improve DNS resolution efficiency. • The stub zone contains a subset of zone data consisting of an SOA, an NS, and an A record. • Like a standard secondary zone, resource records in the stub zone cannot be modified; they must be modified at the primary zone.
    23. 23. DNS Server Types • DNS server types are determined by the type of zone or zones they host and by the functions they perform. • A DNS server may host either primary or secondary zones or both. • If the server doesn’t host any zones, it is referred to a caching-only server. • A server is said to be authoritative for a particular zone if it hosts a primary or secondary zone for a particular DNS domain.
    24. 24. Primary Name Server • Primary name servers have been configured with one or more primary DNS zones. • When a change is made to the zone data, such as adding resource records to the zone, the changes must be made on the primary server for that zone; these changes will then propagate to secondary name servers.
    25. 25. Secondary Name Server • A secondary name server hosts one or more secondary zone databases. • Because a zone transfer is used to create a secondary zone, the primary name server and zone already must exist to create a secondary name server.
    26. 26. Caching-Only Server • Caching-only servers do not host any zones and are not authoritative for any domain. • Caching-only DNS servers start with an empty cache and then add resource record entries as the server fulfills client requests. • This information is then available from its cache when answering subsequent client queries. • A caching-only DNS server is valuable at a site when DNS functionality is needed locally but when creating a separate domain or zone is not desirable.
    27. 27. AD-Integrated Zones • Zones are stored in Active Directory. • No distinction between primary and secondary servers. • Changes made on one DNS server are replicated to other DNS Server.
    28. 28. Installing the DNS Server Role • Before you can use DNS Server Role, you must install it with Server Manger.
    29. 29. Resource Records • The resource record is the fundamental data storage unit in all DNS servers. – Start of Authority (SOA) – Name Server (NS) – Host (A) – Host (AAAA) – Canonical Name (CNAME) – Mail Exchanger (MX) – Pointer (PTR) – Service Record (SRV)
    30. 30. Start of Authority (SOA) Resource Records • Identifies which name server is the authoritative source of information for data within this domain. – The first record in the zone database file must be an SOA record. In the Windows Server 2008 DNS server, SOA records are created automatically with default values when you create a new zone.
    31. 31. Start of Authority (SOA) Resource Records
    32. 32. Resource Records
    33. 33. Name Server (NS) Resource Records • Identifies the name server that is the authority for the particular zone or domain; that is, the server that can provide an authoritative name-to-IP address mapping for a zone or domain.
    34. 34. Name Server (NS) Resource Records
    35. 35. A and AAAA Resource Records • The A resource record is the fundamental data unit of the DNS that is used to translate the host name to the IPv4 address. • The AAAA resource record is used to translate the host name to the IPv6 address. • The Pointer (PTR) resource record is the functional opposite of the A record, providing an IP address-to-name mapping, which is found in the reverse lookup zones.
    36. 36. A and AAAA Resource Records
    37. 37. Canonical Name (CNAME) Resource Record • Sometimes called an Alias record, is used to specify an alternative name for the system specified in the Name field.
    38. 38. Canonical Name (CNAME) Resource Record
    39. 39. Mail Exchanger (MX) Resource Records • Identifies the email servers for a domain.
    40. 40. Mail Exchanger (MX) Resource Records
    41. 41. Service Record (SRV) • Enables clients to locate servers that are providing a particular service. – Windows Server 2008 Active Directory clients rely on the SRV record to locate the domain controllers they need to validate logon requests.
    42. 42. Service Record (SRV)
    43. 43. Root Hints • DNS servers resolve DNS queries using local authoritative or cached data. • But if the server does not contain the requested data and is not authoritative for the name in a query, it may perform recursive resolution or return a referral to another DNS server depending on whether the client requested recursion. • The DNS Server service must be configured with root hints to resolve queries for names that it is not authoritative for or for which it contains no delegations. • Root hints contain the names and IP addresses of the DNS servers authoritative for the root zone. You can use the DNS console to manage the list of root servers, as well as the dnscmd command- line utility.
    44. 44. Root Hints • By default, DNS servers use a root hints file, called cache.dns, on Microsoft DNS servers. • The cache.dns file is stored in the %systemroot %System32Dns folder on the server computer. • When the server starts, cache.dns is preloaded into server memory. • By using root hints to find root servers, a DNS server is able to complete recursive queries.
    45. 45. Iterative Query
    46. 46. Recursive Query
    47. 47. DNS Resolver Cache • Any Windows computer, key the following at a command prompt: ipconfig /displaydns: • To purge the cache, key the following at a command prompt: ipconfig /flushdns:
    48. 48. Forwarders • A forwarder is a DNS server on a network used to forward DNS queries for external DNS names to DNS servers outside of that network. • A conditional forwarder forwards queries on the basis of domain name.
    49. 49. Forwarders
    50. 50. Forwarders
    51. 51. Using NsLookup
    52. 52. Using NsLookup
    53. 53. Using NsLookup
    54. 54. Dnscmd Command • You can use the Dnscmd command-line tool to perform most of the tasks that you can do from the DNS console. • This tool can be used to script batch files, to help automate the management and updates of existing DNS server configurations, or to perform setup and configuration of DNS servers. • http://technet.microsoft.com/en-us/library/cc75611
    55. 55. Advanced DNS Server Properties • Advanced DNS server properties refer to the settings that can be configured in the Advanced tab of the DNS Server Properties dialog box. • These properties relate to server-specific features, such as disabling recursion, handling resolution of multi-homed hosts, and achieving compatibility with non-Microsoft DNS servers.
    56. 56. Advanced DNS Server Properties
    57. 57. Summary • DNS names and the DNS protocol are required for Active Directory domains and for compatibility with the Internet. • The DNS namespace is hierarchical and based on a unique root that can have any number of subdo-mains. • An FQDN is the name of a DNS host in this namespace indicating the host’s location relative to the root of the DNS domain tree. – An example of an FQDN is host1.subdomain.microsoft.com.
    58. 58. Summary • A DNS zone is a contiguous portion of a namespace for which a server is authoritative. • A server can be authoritative for one or more zones and a zone can contain one or more contiguous domains. • A DNS server is authoritative for a zone if it hosts the zone, either as a primary or secondary DNS server. • Each DNS zone contains the resource records it needs to answer queries for its portion of the DNS namespace.
    59. 59. Summary • There are several types of DNS servers: primary, secondary, master name, and caching-only.
    60. 60. Summary • A DNS server that hosts a primary DNS zone is said to act as a primary DNS server. • Primary DNS servers store original source data for zones. • With Windows Server 2003, you can implement primary zones in one of two ways: as standard primary zones (zone data is stored in a text file) or as an Active Directory–integrated zone (zone data is stored in the Active Directory database).
    61. 61. Summary • A DNS server that hosts a secondary DNS server is said to act as a secondary DNS server. • Secondary DNS servers are authoritative backup servers for the primary server. • The servers from which secondary servers acquire zone information are called masters. • A caching-only server forwards requests to other DNS servers and hosts no zones, but builds a cache of frequently requested records.
    62. 62. Summary • Recursion is one of the two process types for DNS name resolution. • A DNS client will request that a DNS server provide a complete answer to a query that does not include pointers to other DNS servers, effectively shifting the workload of resolving the query from the client to the DNS server.
    63. 63. Summary • For the DNS server to perform recursion properly, the server needs to know where to begin searching for names in the DNS namespace. • This information is provided by the root hints file, cache.dns, which is stored on the server computer.
    64. 64. Summary • A DNS server on a network is designated as a forwarder by having the other DNS servers in the network forward the queries they cannot resolve locally to that DNS server. • Conditional forwarding enables a DNS server to forward queries to other DNS servers based on the DNS domain names in the queries.

    ×