DNS service in Server 2008 R2
Concepts of DNS in Server 2008 R2 and its configuration
DNS Services
NAME RESOLUTION
Name resolution is the process of mapping a name to an IP address: given the name of a computer, it returns the IP address of that computer (and, in reverse resolution, given an IP address it returns the name).
NAME RESOLUTION TECHNIQUES
1. Broadcasting
2. LMHOSTS file
3. WINS
4. NetBIOS name cache (NBT cache)
5. HOSTS file
6. DNS
The first four resolve NetBIOS names; the last two resolve host names and FQDNs.
1. Broadcasting: the client sends NetBIOS name-query broadcasts on the local subnet until some host answers for the name. This technique creates unnecessary network traffic, and because routers do not forward broadcasts it can only resolve names on the local subnet.
2. LMHOSTS file: entries mapping each computer's NetBIOS name to its IP address are created manually, on every computer.
Creating entries in LMHOSTS:
Run ncpa.cpl
Local Area Connection – Properties
Internet Protocol (TCP/IP) – Properties
Advanced – WINS tab
Enable LMHOSTS lookup – Import LMHOSTS – select the sample file lmhosts.sam from C:\Windows\System32\drivers\etc – OK
Go to the etc folder and open the lmhosts file (no extension) in Notepad
At the end of the file create an entry: IP address, then the computer name
Ex: 192.168.1.1 com1 #PRE (the optional #PRE keyword preloads the entry into the NetBIOS name cache)
Save the file and try to resolve the NetBIOS name (for example, ping com1)
Disadvantage: the NetBIOS entries must be typed manually on each and every computer, which takes time and is error-prone; a stale entry silently sends traffic to the wrong host.
3. WINS (Windows Internet Name Service): a name-mapping service that maps NetBIOS names to numerical IP addresses. A centralized server is configured by installing the WINS service; it holds the database of NetBIOS names and IP addresses, and clients register their names with it and query it instead of broadcasting.
4. NetBIOS name cache (NBT cache): each client keeps a cache of recently resolved NetBIOS names. The cache is checked before WINS, broadcast or LMHOSTS, so cached names resolve faster and without network traffic. View it with nbtstat -c; purge it and reload the #PRE entries with nbtstat -R.
5. HOSTS file: a file on each computer that maps IP addresses to host names and FQDNs. The resolver reads it before querying DNS.
Creating entries in the HOSTS file:
Go to C:\Windows\System32\drivers\etc and open the hosts file (no extension) in Notepad, run as Administrator
At the end of the file create an entry: IP address, then the FQDN
Ex: 10.0.0.1 www.rooman.net
Save the file
Note: because HOSTS entries take precedence over DNS, the file is a common target for malware that redirects names to attacker-controlled addresses. Its default NTFS permissions allow only Administrators and SYSTEM to write it, and its entries are worth checking whenever a name resolves unexpectedly.
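A scripted version of the HOSTS-file procedure above, added here as an example; it is not part of the original notes. It runs under the PowerShell 2.0 that ships with Server 2008 R2, uses the name www.rooman.net and address 10.0.0.1 from the notes, and the function names are the example's own:

```powershell
# Added example (not from the original notes): add a HOSTS entry safely and
# verify it through the Windows resolver. PowerShell 2.0 / Server 2008 R2.
# Assumed values: the IP 10.0.0.1 and the name www.rooman.net from the notes.
# Run from an elevated prompt; the file is writable only by Administrators.

$HostsPath = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'

# Return the active (non-comment) entries as objects with an IP and its names.
function Get-HostsEntry {
    Get-Content $HostsPath | ForEach-Object {
        $line = ($_ -split '#')[0].Trim()            # strip trailing comments
        if ($line -ne '') {
            $parts = $line -split '\s+'
            if ($parts.Count -ge 2) {
                New-Object PSObject -Property @{
                    IP    = $parts[0]
                    Names = $parts[1..($parts.Count - 1)]
                }
            }
        }
    }
}

# Append one entry after validating the address and the name, and refuse to add
# a second mapping for a name that already has one: the first match wins, so a
# duplicate would either be ignored or mask an existing (possibly hostile) entry.
function Add-HostsEntry {
    param([string]$IPAddress, [string]$Name)
    $parsed = $null
    if (-not [System.Net.IPAddress]::TryParse($IPAddress, [ref]$parsed)) {
        throw "Not a valid IP address: $IPAddress"
    }
    # Labels: 1-63 characters, letters, digits and hyphen, no leading/trailing hyphen.
    $label   = '[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?'
    $pattern = '^(' + $label + '\.)*' + $label + '$'
    if ($Name -notmatch $pattern) {
        throw "Not a valid host name: $Name"
    }
    $existing = @(Get-HostsEntry | Where-Object { $_.Names -contains $Name })
    if ($existing.Count -gt 0) {
        throw "$Name is already mapped to $($existing[0].IP); edit that line instead"
    }
    # If the file does not end with a newline, start a new line first so the
    # entry is not glued onto the last existing one.
    $raw    = [System.IO.File]::ReadAllText($HostsPath)
    $prefix = if ($raw.Length -gt 0 -and -not $raw.EndsWith("`n")) { "`r`n" } else { '' }
    Add-Content -Path $HostsPath -Value ($prefix + ("{0}`t{1}" -f $IPAddress, $Name)) -Encoding Ascii
}

# Resolve through the normal Windows resolver, which consults HOSTS before DNS.
# nslookup is NOT a valid check here: it talks to the DNS server directly and
# never reads the HOSTS file.
function Test-HostsEntry {
    param([string]$Name, [string]$ExpectedIP)
    $addresses = [System.Net.Dns]::GetHostAddresses($Name) |
        ForEach-Object { $_.IPAddressToString }
    [bool]($addresses -contains $ExpectedIP)
}

Add-HostsEntry -IPAddress '10.0.0.1' -Name 'www.rooman.net'
if (Test-HostsEntry -Name 'www.rooman.net' -ExpectedIP '10.0.0.1') {
    'www.rooman.net resolves to 10.0.0.1 through HOSTS'
} else {
    'Resolution did not return 10.0.0.1: check the file, then run ipconfig /flushdns'
}
```

The duplicate check doubles as a quick audit: running Get-HostsEntry on its own lists every active mapping, which is the first thing to look at when a machine resolves a well-known name to an unexpected address.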
6. DNS (Domain Name System)
The Domain Name System is a hierarchical, distributed database that maps DNS domain names (FQDNs) to IP addresses, and IP addresses back to names.
Parts of a name, using www.mail.rooman.net as the example:
www :- host name
mail :- child domain (subdomain) of rooman.net
rooman.net :- parent domain
mail.rooman.net :- DNS suffix of the host
www.mail.rooman.net :- FQDN (Fully Qualified Domain Name)
A single label, such as the host name, is at most 63 characters long.
A complete FQDN is at most 255 characters long.
DNS is the foundation of the Internet naming scheme and supports alphanumeric names. It was designed to solve the problems that arose as the number of hosts grew: the HOSTS file became too large, and distributing every update of it generated too much traffic.
The following characters are valid in DNS names:
A – Z
a – z
0 – 9
Hyphen (-), but not as the first or last character of a label
(Windows DNS additionally accepts the underscore in the service-location names such as _ldap._tcp that Active Directory registers.)
The domain namespace is searched hierarchically. When a request enters the namespace it is first sent to a root server, which refers the resolver to a top-level domain server; that server refers it to a second-level domain server, and so on, until the server that holds the record for the particular machine answers.
Installing the DNS Server service:
Server Manager
Roles – Add Roles – DNS Server – Install – Finish
[Figure: the DNS namespace tree. Root domain at the top; top-level domains com, org, net; second-level domain N/W Traders; sub-domains South, East, West and Sales; a host server at the bottom.]
DNS Query :-
A query is a request for name resolution sent to a DNS server. There are two types of query: recursive and iterative.
Both DNS clients and DNS servers initiate queries for name resolution.
A DNS server that is authoritative for the namespace of the query will either
- check its cache and its zone and return the requested IP address, or
- return an authoritative "no" (NXDOMAIN) if the name does not exist.
A DNS server that is not authoritative for the namespace of the query will either
- forward the query it cannot resolve itself to a specific server called a forwarder, or
- use its root hints to locate an authoritative server and obtain the answer for the query.
Recursive Query :- a query in which the DNS client asks the DNS server to provide the complete answer; the server performs all further lookups itself and returns either the answer or an error.
Iterative Query :- a query in which the server returns the best answer it already has, usually a referral to another name server, and the requester continues by querying that server. This is how a DNS server talks to the root, top-level and lower-level servers while resolving a recursive query on a client's behalf.
Caching-only DNS Server :- a DNS server that hosts no zones and only caches. Caching is the process of temporarily storing recently resolved answers so that repeated requests are answered from memory instead of by a new lookup; each entry is kept only until its TTL expires.
Caching table (example):
Host Name            IP Address     TTL
clientA.contoso.mst  192.168.8.44   28 seconds
[Figure: Client-1, Client-2 and Client-A (192.168.8.44) sending recursive queries to the caching DNS server.]
Configuring Root Hints
Note :- The root hints are loaded from the file C:\Windows\System32\dns\cache.dns on the DNS server. When no forwarder is configured, these are the servers the DNS server contacts first for every name it is not authoritative for, so the file should list only the real root servers.
In the DNS server run dnsmgmt.msc
Right-click the server name – Properties
Select the Root Hints tab
Add – enter the FQDN and IP address of the root server
OK – OK
From a DNS client, try to resolve a record through the root server.
Forwarders :- A forwarder is a DNS server designated by other, internal DNS servers to receive the queries they cannot resolve themselves, typically queries for external or offsite DNS domain names. Forwarders are tried before the root hints.
Configure Forwarders:
In the DNS server run dnsmgmt.msc
Right-click the server name – Properties – select the Forwarders tab
Enter the IP address of the upstream DNS server (for example the ISP's DNS server)
Add – OK – OK
From a DNS client, try to resolve records held by the upstream DNS server and by the root servers.
Clearing the DNS cache on the server side
In the DNS server
Run dnsmgmt.msc
Right-click the server name – select Clear Cache
(This clears only the server's cache; every client keeps its own resolver cache, which is cleared with ipconfig /flushdns.)
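The forwarder, root-hint and cache steps above done from the command line, added here as an example and not part of the original notes. It uses dnscmd.exe, which installs with the DNS Server role on Server 2008 R2 (the DnsServer PowerShell module only arrived with Server 2012), the ..RootHints pseudo-zone name that dnscmd uses for the root hints, and assumes the DNS server is the local machine and the forwarder is 192.168.3.200 as in the notes; the Invoke-DnsCmd wrapper is the example's own:

```powershell
# Added example (not from the original notes): configure forwarders, inspect the
# root hints and clear the cache with dnscmd.exe on Server 2008 R2.
# Assumed values: the DNS server is the local machine and the upstream forwarder
# is 192.168.3.200, as in the notes. Elevated PowerShell 2.0 on the DNS server.

$Forwarder = '192.168.3.200'

# Run dnscmd and stop on a non-zero exit code so a mistyped option is not silently ignored.
function Invoke-DnsCmd {
    param([string[]]$Arguments)
    $output = & dnscmd.exe @Arguments 2>&1
    if ($LASTEXITCODE -ne 0) { throw "dnscmd $Arguments failed: $output" }
    $output
}

# Forwarders: names this server is not authoritative for are sent to $Forwarder
# first. /Timeout is the seconds to wait for it; /NoSlave keeps the fallback to
# the root hints if the forwarder does not answer. /Slave would disable that
# fallback, which is the right choice for a server that must only ever talk to
# an internal upstream and never to the Internet directly.
Invoke-DnsCmd @('/ResetForwarders', $Forwarder, '/Timeout', '3', '/NoSlave')

# Root hints are loaded from %SystemRoot%\System32\dns\cache.dns. List what the
# server actually holds: anything other than the *.root-servers.net entries
# means the file has been edited, and every unresolved query would go there.
Invoke-DnsCmd @('/EnumRecords', '..RootHints', '@')

# Clear the server cache (same as right-click server -> Clear Cache), so the
# checks below are answered by fresh lookups rather than old cached data.
Invoke-DnsCmd @('/ClearCache')

# Check from this server: one name the forwarder should resolve, and the root
# NS set, which is only answerable when the root hints are intact.
nslookup www.rooman.net 127.0.0.1
nslookup -type=NS . 127.0.0.1

# For a server that hosts zones for the Internet and should never resolve other
# people's names (an open resolver gets abused for reflection attacks), turn off
# recursion altogether; forwarders and root hints are then no longer used:
#   Invoke-DnsCmd @('/Config', '/NoRecursion', '1')
```

The same settings can be read back at any time with dnscmd /Info, which is the quickest way to confirm that nobody has pointed the server at an unexpected forwarder.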
DNS Zones
A zone is a container that holds the resource records used to resolve names; more precisely, a zone is the portion of the DNS database that contains the resource records whose owner names belong to a contiguous portion of the DNS namespace.
Resource Records :
A resource record is the standard DNS database entry that holds the information used to answer DNS queries, i.e. the information used to resolve a host name to an IP address and vice versa.
The DNS database (the zone files) is located in C:\Windows\System32\dns
[Figure: DNS Server A (root.com, IP 192.168.3.200) using root hints and a forwarder; DNS Server B (root.com); a DNS client at 192.168.3.10 whose preferred DNS server is 192.168.3.200.]
Different resource records
A – Address or host :- resolves a host name to an IP address
PTR – Pointer :- resolves an IP address to a host name (stored in the reverse lookup zone)
SOA – Start of Authority :- the first record in any zone file; it names the primary server and the responsible person's mailbox for the zone, and carries the zone serial number and the refresh, retry, expire and minimum TTL timers that secondary servers use
SRV – Service :- resolves the name of a service to the servers providing it
SRV Service Record :- identified by owner names prefixed with an underscore; these point to the services of Active Directory
Ex : _ldap._tcp, _kerberos._tcp, _kerberos._udp
NS – Name Server :- identifies the DNS servers that are authoritative for each zone
MX – Mail Exchange :- identifies the mail server(s) that accept mail for the domain; a sending mail server looks up this record to find where to deliver
CNAME – Canonical Name or Alias :- resolves from one host name to another host name
Zone types :- Forward lookup zone & Reverse lookup zone
Forward Lookup Zone :- a container used to resolve names to IP addresses (A, CNAME, MX, SRV, NS and SOA records).
Reverse Lookup Zone :- a container that holds the resource records used to resolve IP addresses to names (PTR records). Its name is the network ID written in reverse under in-addr.arpa, e.g. 1.168.192.in-addr.arpa for 192.168.1.0/24. Whether forward or reverse, a zone can be one of three kinds: primary zone, secondary zone or stub zone.
Primary Zone :- the zone type, forward or reverse, that holds the master copy of the resource records; records can be read, written and copied from it.
Secondary Zone :- a read-only copy of the DNS database obtained from the primary zone (or from another secondary) by zone transfer.
Creating a Primary zone
Run dnsmgmt.msc
Right-click Forward Lookup Zones – New Zone – Next
Select Primary zone – uncheck "Store the zone in Active Directory" (this option is shown only when the DNS server is a domain controller) – enter the zone name
Zone file – Dynamic update (dynamic update is the process by which DNS clients register and update their own records in the DNS server automatically):
Allow only secure dynamic updates :- available only for Active Directory-integrated zones. Only domain-member machines can register, and a record can afterwards be changed only by the account that created it, so one host cannot overwrite another host's record.
Allow both nonsecure and secure dynamic updates :- any machine, member or workgroup, can register and update records automatically. Because any host on the network can then overwrite any record (for example the address of a server), this setting should be avoided.
Do not allow dynamic updates :- records of DNS clients must be created manually.
Next – Finish
On the DNS client run ipconfig /registerdns to register the client's computer name in the DNS server.
Configuring a Primary Zone in the Reverse Lookup Zone
In the DNS server run dnsmgmt.msc
Expand the computer name – right-click Reverse Lookup Zones
Select New Zone – select zone type Primary zone – enter the network ID (for example 192.168.30); the zone is named 30.168.192.in-addr.arpa and its zone file is created as 30.168.192.in-addr.arpa.dns – Next
Select the dynamic update setting – Next – Finish
Check with ping -a 192.168.1.1 (the -a switch performs a reverse lookup of the address and prints the name it maps to).
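The forward and reverse primary-zone procedures above done with dnscmd.exe instead of the wizard, added here as an example that is not part of the original notes. It assumes the zone rooman.net, the network 192.168.30.0/24 (so the reverse zone is the 30.168.192.in-addr.arpa from the notes), a host www at 192.168.30.10 and a mail host at 192.168.30.20; it also adds an MX and a CNAME record, which the wizard procedure does not cover, and the Invoke-DnsCmd wrapper is the example's own:

```powershell
# Added example (not from the original notes): create the forward and reverse
# primary zones with dnscmd.exe, add matching A and PTR records plus an MX and a
# CNAME, and check them. Assumed values: zone rooman.net, network 192.168.30.0/24,
# www at .10 and mail at .20. Elevated PowerShell 2.0 on the DNS server.

$Zone    = 'rooman.net'
$Network = '192.168.30'                                                   # first three octets
$RevZone = (($Network -split '\.')[2..0] -join '.') + '.in-addr.arpa'     # 30.168.192.in-addr.arpa
$Hosts   = @{ 'www' = '10'; 'mail' = '20' }                               # name -> last octet

function Invoke-DnsCmd {
    param([string[]]$Arguments)
    $output = & dnscmd.exe @Arguments 2>&1
    if ($LASTEXITCODE -ne 0) { throw "dnscmd $Arguments failed: $output" }
    $output
}

# File-backed primary zones (the wizard's "uncheck Store the zone in Active Directory").
Invoke-DnsCmd @('/ZoneAdd', $Zone,    '/Primary', '/file', "$Zone.dns")
Invoke-DnsCmd @('/ZoneAdd', $RevZone, '/Primary', '/file', "$RevZone.dns")

# Dynamic update policy: 0 = none, 1 = nonsecure and secure, 2 = secure only.
# Secure-only needs an Active Directory-integrated zone, so for a file-backed
# zone the choice is 0 or 1. With 1 any host on the LAN can overwrite any
# record (e.g. re-point 'mail' at itself), so these zones take static records only.
Invoke-DnsCmd @('/Config', $Zone,    '/AllowUpdate', '0')
Invoke-DnsCmd @('/Config', $RevZone, '/AllowUpdate', '0')

# An A record in the forward zone and the matching PTR in the reverse zone. The
# PTR owner is the last octet; its data must be an FQDN ending in a dot,
# otherwise dnscmd appends the zone name to it.
foreach ($name in $Hosts.Keys) {
    $octet = $Hosts[$name]
    Invoke-DnsCmd @('/RecordAdd', $Zone,    $name,  'A',   "$Network.$octet")
    Invoke-DnsCmd @('/RecordAdd', $RevZone, $octet, 'PTR', "$name.$Zone.")
}
# MX for the domain itself (@) with preference 10, and an alias ftp -> www.
Invoke-DnsCmd @('/RecordAdd', $Zone, '@',   'MX',    '10', "mail.$Zone.")
Invoke-DnsCmd @('/RecordAdd', $Zone, 'ftp', 'CNAME', "www.$Zone.")

# Verify both directions and the extra records against this server.
nslookup "www.$Zone" 127.0.0.1
nslookup "$Network.10" 127.0.0.1               # reverse lookup -> www.rooman.net
nslookup -type=MX $Zone 127.0.0.1
nslookup "ftp.$Zone" 127.0.0.1                 # shows the CNAME, then www's address
```

Keeping the A and PTR records in one loop is deliberate: forward and reverse entries that drift apart are the usual reason ping -a and log correlation give the wrong name for an address.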
Creating a Secondary Zone
Run dnsmgmt.msc (on the server that will hold the copy)
Right-click Forward Lookup Zones – select New Zone
Select zone type Secondary zone – Next
Enter the same zone name as the primary zone – Next
Enter the IP address of the master DNS server (the one holding the primary zone) – Add – Next – Finish
Zone Transfer :-
Zone transfer is the technique of copying the resource records from the primary zone to a secondary zone (a full copy is an AXFR, an incremental one an IXFR).
Note :- There is no zone transfer between two primary zones; the master of a transfer is always the primary zone (or another secondary).
Configuring Zone Transfer:-
On the primary zone's server run dnsmgmt.msc
Expand Forward Lookup Zones – right-click the zone – Properties
Select the Zone Transfers tab
Select "Only to the following servers" and enter the IP address of the secondary server – OK
(Selecting "To any server" lets anyone on the network request a full copy of the zone, which hands an attacker a complete list of your hosts; keep transfers restricted to the listed secondaries or to the servers on the Name Servers tab.)
On the secondary zone's server run dnsmgmt.msc – right-click the zone – select Transfer from Master
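The secondary-zone and zone-transfer procedures above done with dnscmd.exe, plus the check a practitioner wants afterwards: that an unauthorised host cannot dump the zone. This is an added example, not part of the original notes; it assumes the zone rooman.net, a primary at 192.168.3.200 and a secondary at 192.168.3.201, and the $Role switch and function names are the example's own:

```powershell
# Added example (not from the original notes): restrict zone transfers on the
# primary to the listed secondary, set up the secondary, and test from a third
# machine that an AXFR request is refused. Assumed values: zone rooman.net,
# primary 192.168.3.200, secondary 192.168.3.201. Set $Role to the job of the
# machine you run this on. Elevated PowerShell 2.0.

$Zone      = 'rooman.net'
$Primary   = '192.168.3.200'
$Secondary = '192.168.3.201'
$Role      = 'check'            # 'primary', 'secondary' or 'check'

function Invoke-DnsCmd {
    param([string[]]$Arguments)
    $output = & dnscmd.exe @Arguments 2>&1
    if ($LASTEXITCODE -ne 0) { throw "dnscmd $Arguments failed: $output" }
    $output
}

# On the primary. /NonSecure would be "To any server" (anyone can dump the
# zone); /SecureNs limits transfers to the servers in the zone's NS records;
# /SecureList limits them to exactly these addresses. /NotifyList makes the
# primary notify the secondary of changes instead of waiting for its SOA poll.
function Set-PrimaryTransferPolicy {
    Invoke-DnsCmd @('/ZoneResetSecondaries', $Zone, '/SecureList', $Secondary, '/NotifyList', $Secondary)
    Invoke-DnsCmd @('/ZoneInfo', $Zone)    # shows the secure-secondaries setting and list
}

# On the secondary: create the read-only copy and pull it now (same as
# right-click -> Transfer from Master) rather than waiting for the refresh interval.
function Add-SecondaryZone {
    Invoke-DnsCmd @('/ZoneAdd', $Zone, '/Secondary', $Primary)
    Invoke-DnsCmd @('/ZoneRefresh', $Zone)
    Invoke-DnsCmd @('/EnumRecords', $Zone, '@')   # the records that arrived
}

# From any other host: nslookup's "ls -d" asks the server for a full zone
# transfer. Against a correctly restricted primary the reply is "Query refused";
# a listing that shows the SOA and every record means transfers are still open.
function Test-ZoneTransferRefused {
    param([string]$Server, [string]$ZoneName)
    $out = "server $Server`nls -d $ZoneName`nexit" | nslookup 2>&1 | Out-String
    [bool]($out -notmatch '\bSOA\b')
}

switch ($Role) {
    'primary'   { Set-PrimaryTransferPolicy }
    'secondary' { Add-SecondaryZone }
    'check'     {
        if (Test-ZoneTransferRefused -Server $Primary -ZoneName $Zone) {
            "AXFR of $Zone from $Primary refused: the transfer policy is in effect"
        } else {
            "AXFR of $Zone from $Primary SUCCEEDED: the zone can be dumped by anyone"
        }
    }
}
```

Run the check from a machine that is not on the secure list; running it on the secondary itself proves nothing, since that address is allowed to transfer.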
Active Directory Integrated Zone
An Active Directory-integrated zone is a DNS zone stored inside the Active Directory database instead of in a zone file.
Advantages :-
Stores the DNS zone data in Active Directory, where it is protected by Active Directory permissions and held only on domain controllers, and is thus more secure.
Uses Active Directory replication instead of zone transfers
o Zone replication is the process of updating the DNS database as part of Active Directory replication
Can be set to allow only secure dynamic updates (this option exists only for Active Directory-integrated zones)
Uses a multi-master instead of a single-master structure: every domain controller running DNS holds a writable copy of the zone
Changes spread faster: with Active Directory replication a change starts replicating to the other domain controllers in the site within minutes (the change-notification delay is 5 minutes in a Windows 2000 forest and 15 seconds from the Windows Server 2003 forest functional level), whereas a secondary zone polls its master only once per SOA refresh interval, which is 15 minutes by default.
Zone Delegation:-
Delegation is the process of creating, in the primary zone of the parent domain, NS records (and glue A records) that point to the DNS servers holding the primary zone of the child domain, so that queries for the child domain's resource records are referred to the child's servers.
Stub Zone :- a zone on the parent's DNS server that holds only the SOA, NS and glue A records of the child zone and refreshes them from the child's master servers. It keeps the parent informed of which servers are authoritative for the child, so the parent can still reach the child's resource records (for example through the child's secondary server) even if the child's primary server is not working or the child's name servers have changed.
Zone Delegation :- configure the DNS servers as in the scenario above.
From the primary zone of the parent domain :- run dnsmgmt.msc – expand Forward Lookup Zones
Right-click the zone – select New Delegation
Enter the delegated domain name, e.g. mail
Add – enter the FQDN and IP address of the DNS server holding the primary zone of the child domain – Add – OK – Finish
From the parent domain, try to resolve the child domain's resource records.
[Figure: zone delegation. DNS clients query the parent zone yahoo.com, which holds Com1 A 1.1, Com2 A 1.2, Com3 A 1.3 and Com4 A 1.4; a delegation (and a trust between the two domains) points to the child zone mail.yahoo.com, which holds Com1 A 1.5, Com2 A 1.6, Com3 A 1.65 and Com4 A 1.70.]
Configuring a Stub Zone:-
With the wizard: on the parent's DNS server run dnsmgmt.msc – right-click Forward Lookup Zones – New Zone – select zone type Stub zone – enter the child zone name (e.g. mail.rooman.net) – enter the IP address of the child's master DNS server – Finish.
The variant used in this lab instead adds the child's secondary server to the delegation:
Configure zone delegation in the primary zone of the parent domain
Run dnsmgmt.msc – expand Forward Lookup Zones – expand the zone
Select the delegated domain – select the name server (NS) record
Right-click – Properties – Add – enter the FQDN and IP address of the secondary zone server of the child domain – OK
Stop the DNS server holding the primary zone of the child domain
From the primary zone of the parent domain, try to resolve a record of the child domain; it is now answered through the child's secondary server.
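The delegation and stub-zone procedures above done with dnscmd.exe, added here as one example that serves both sections and is not part of the original notes. It assumes the parent zone rooman.net and the child zone mail.rooman.net with a primary server ns1.mail.rooman.net at 192.168.3.210 and a secondary ns2.mail.rooman.net at 192.168.3.211; the server names, addresses and the Invoke-DnsCmd wrapper are the example's own:

```powershell
# Added example (not from the original notes): delegate the child domain from
# the parent zone and create a stub zone for it with dnscmd.exe.
# Assumed values: parent rooman.net; child mail.rooman.net served by
# ns1 (192.168.3.210, primary) and ns2 (192.168.3.211, secondary).
# Run in an elevated PowerShell 2.0 prompt on the parent's DNS server.

$Parent    = 'rooman.net'
$Child     = 'mail'
$ChildZone = "$Child.$Parent"
$ChildNS   = @(
    @{ Host = 'ns1'; IP = '192.168.3.210' },   # child's primary
    @{ Host = 'ns2'; IP = '192.168.3.211' }    # child's secondary
)

function Invoke-DnsCmd {
    param([string[]]$Arguments)
    $output = & dnscmd.exe @Arguments 2>&1
    if ($LASTEXITCODE -ne 0) { throw "dnscmd $Arguments failed: $output" }
    $output
}

# Delegation = NS records for the child name inside the parent zone, plus glue A
# records for the child's name servers (their names lie under the delegated
# subtree, so without glue the parent could never look them up). Listing both
# servers here is what the lab's variant achieves by editing the NS record.
foreach ($ns in $ChildNS) {
    Invoke-DnsCmd @('/RecordAdd', $Parent, $Child, 'NS', "$($ns.Host).$ChildZone.")
    Invoke-DnsCmd @('/RecordAdd', $Parent, "$($ns.Host).$Child", 'A', $ns.IP)
}

# Stub zone on the parent's server: holds only the child's SOA, NS and glue A
# records and refreshes them from the listed masters, so the parent keeps an
# up-to-date NS set even when the child's administrators change their servers.
$masters = $ChildNS | ForEach-Object { $_.IP }
Invoke-DnsCmd (@('/ZoneAdd', $ChildZone, '/Stub') + $masters)

# Verify: the parent's server answers the child's NS set itself and follows the
# referral for a host in the child zone.
nslookup -type=NS $ChildZone 127.0.0.1
nslookup "www.$ChildZone" 127.0.0.1
# To repeat the lab's failure test, stop the DNS service on the child's primary
# (on ns1: net stop DNS) and run the second lookup again; ns2 answers it.
```

The glue records are the part most often forgotten when a delegation is built by hand; without them the parent's referral names servers that nobody can resolve, and the child simply disappears from the parent's point of view.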
Aging & Scavenging Parameters
Aging is the process that determines whether a stale DNS resource record should be removed from the DNS database. Only records that carry a timestamp (dynamically registered ones) age; records created manually are static and are never scavenged.
Scavenging is the process of cleaning out and removing outdated or extinct name data from the DNS database.
A refresh attempt is a computer re-registering its own DNS record (by default a Windows client does this every 24 hours, and at every ipconfig /registerdns).
No-refresh interval :- the period after a record's timestamp during which refresh attempts are ignored (the timestamp is not rewritten), to limit replication traffic. Default 7 days.
Refresh interval :- the period after the no-refresh interval during which a refresh attempt updates the timestamp. A record whose timestamp is older than no-refresh interval + refresh interval is stale and can be scavenged. Default 7 days.
Setting Aging & Scavenging
In the DNS server run dnsmgmt.msc
Right-click the zone – Properties
Aging – select "Scavenge stale resource records" and set the no-refresh and refresh intervals
OK – Yes – OK
Scavenging only runs if it is also enabled on the server: right-click the server name – Properties – Advanced tab – "Enable automatic scavenging of stale records" and set the scavenging period.
Run manually:
Run dnsmgmt.msc – right-click the server name
Scavenge Stale Resource Records
Yes
[Figure: aging timeline. Record time-stamped Jan 1; no-refresh interval 7 days (until Jan 8); refresh interval 7 days after that; once both intervals have passed without a refresh (from Jan 15) the record is eligible for scavenging.]
Set the intervals so that their sum is longer than the clients' re-registration period; otherwise records of live hosts are deleted and those hosts vanish from DNS until they re-register.
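The aging and scavenging settings above done with dnscmd.exe, together with the date arithmetic from the timeline, added here as an example that is not part of the original notes. It assumes the zone rooman.net, the 7-day intervals from the notes and an arbitrary year for the Jan 1 timestamp; the helper functions are the example's own:

```powershell
# Added example (not from the original notes): enable aging on a zone and
# automatic scavenging on the server with dnscmd.exe, and work out when a
# time-stamped record becomes eligible for removal. Assumed values: zone
# rooman.net and the 7-day/7-day intervals from the notes; the year 2011 in the
# sample timestamp is arbitrary. Elevated PowerShell 2.0 on the DNS server.

$Zone           = 'rooman.net'
$NoRefreshHours = 7 * 24
$RefreshHours   = 7 * 24
$ScavengeEvery  = 7 * 24     # how often the server scans its zones for stale records

function Invoke-DnsCmd {
    param([string[]]$Arguments)
    $output = & dnscmd.exe @Arguments 2>&1
    if ($LASTEXITCODE -ne 0) { throw "dnscmd $Arguments failed: $output" }
    $output
}

# Zone level (zone Properties -> Aging): turn aging on and set both intervals, in hours.
Invoke-DnsCmd @('/Config', $Zone, '/Aging', '1')
Invoke-DnsCmd @('/Config', $Zone, '/NoRefreshInterval', "$NoRefreshHours")
Invoke-DnsCmd @('/Config', $Zone, '/RefreshInterval',   "$RefreshHours")

# Server level (server Properties -> Advanced): nothing is ever deleted unless
# the scavenging period is non-zero here (0, the default, means never).
Invoke-DnsCmd @('/Config', '/ScavengingInterval', "$ScavengeEvery")

# The timeline from the figure: a record stamped at $Stamp ignores refreshes for
# the no-refresh interval, accepts them for the refresh interval, and is stale
# once both have passed without a refresh. Returns the date from which a
# scavenging pass may delete it.
function Get-ScavengeEligibleDate {
    param([datetime]$Stamp, [int]$NoRefreshHours, [int]$RefreshHours)
    $Stamp.AddHours($NoRefreshHours + $RefreshHours)
}

# Guard against deleting live hosts: Windows clients re-register every 24 hours,
# so the sum of the intervals must exceed that (and any DHCP lease length).
function Test-IntervalsSafe {
    param([int]$NoRefreshHours, [int]$RefreshHours, [int]$ClientRegistrationHours = 24)
    ($NoRefreshHours + $RefreshHours) -gt $ClientRegistrationHours
}

$stamp = Get-Date '2011-01-01'
'Record stamped {0:d} is eligible for scavenging from {1:d}' -f $stamp,
    (Get-ScavengeEligibleDate $stamp $NoRefreshHours $RefreshHours)   # 15 Jan
if (-not (Test-IntervalsSafe $NoRefreshHours $RefreshHours)) {
    throw 'Intervals too short: records of live hosts would be scavenged'
}

# Records added by hand, or with dnscmd /RecordAdd without the /Aging switch,
# carry no timestamp and are never scavenged; only dynamic registrations are.
# Run a pass now (right-click server -> Scavenge Stale Resource Records):
Invoke-DnsCmd @('/StartScavenging')
```

Enable scavenging on one server only per zone; every server that has it enabled deletes on its own schedule, and with Active Directory-integrated zones the deletions replicate everywhere.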