8/14/2019 Basic DNS
Overview
  DNS Review
  Domain Namespace
  Zones
  DNS Files
  Resource Records
DNS Review
  Original name resolution through HOSTS.TXT File
    Flat name space
  DNS Design Goals
    Hierarchical name space
    Distribution of data and administration
    Extensible data types
    Unlimited database size
Domain Name Space
  [Diagram: domain name tree. Labels: com, mil, org, gov, edu; navy, whitehouse, microsoft, acme, uw, mit; support, dev, rhino. Annotations: "Managed by InterNIC"; "Microsoft Domain - Managed by Microsoft".]
Zones
  [Diagram: domain name tree. Labels: com, org, mil; microsoft; ftp, dev. Marked regions: microsoft.com. zone; microsoft.com. domain; dev.microsoft.com. zone.]
DNS Files
  Zone Database Files
  Cache File
  Reverse Lookup Files
  Boot File
    DNS Manager can now be used with boot file
Dynamic Domain Name System (DDNS)
  DNS for Windows 2000 Server
  SRV resource records
  Naming specification
  Name resolution
  Installation & configuration
  Zone transfers (AXFR & IXFR)
  Services integration
  Dynamic update
Domain Controller (SRV) Records
  Finding a domain controller
    SRV records
    The MS-DCS domain name
  Locating specific servers
    A records
    CNAME records
  [Diagram: DNS Client, Local Name Server, Domain Controller. Caption: Query to local name server for ldap.tcp.nt.microsoft.com.]
Windows 2000 DNS Naming Specifications
  Naming Standards
    RFC 1123 standards
    Unicode support for non-ASCII character sets
  Domain Names
    Primary DNS domain
    Possible to have one domain name per adapter
  Host Names
    May have multiple FQDNs
    Same as NetBIOS name
Client Name Resolution
  Multiple Fully Qualified Domain Names
    Primary DNS domain name
    Adapter DNS domain name
  Four different names possible in a query
    Null
    Fully qualified
    Unqualified single-label
    Unqualified multi-label
  Client caches query results
Name Resolution Queries
  [Diagram: DNS Client, Root Name Server, gov Name Server, whitehouse.gov Name Server. Name labels: www, whitehouse, gov. Arrows labelled Recursive Query and Iterative Queries, numbered 1 to 8.]
Installing Microsoft Windows 2000 DNS Service
  Installation Process
    \%systemroot%\system32\DNS directory created for Zone file storage
    \HKLM\System\CurrentControlSet\Services\DNS registry key added
  DNS Manager now MMC Snap-in
  Root Server creates default in-addr zones
    0.in-addr.arpa
    127.in-addr.arpa
    255.in-addr.arpa
  Cached lookups can be displayed
Customizing Microsoft Windows 2000 DNS Service
  Interfaces
  Advanced
    Disable Recursion
    Bind Secondaries
    Fail On Load If Bad Zone Data
    Enable Round Robin
    Enable Netmask Ordering
    Name Checking
    Boot Method
  Statistics, Logging, and Monitoring
Setting Up Zones and Domains
  Configuring reverse lookup zones
  Configuring forward lookup zones
  Adding subdomains to the zone
  Adding host records to the zone
Zone Transfers
  Full Zone Transfers
    Copy entire zone to secondary server
  Incremental Zone Transfers
    Copy only changes to secondary server based upon cached history
    Must be supported at master and secondary servers
  DNS Notify
Dynamic DNS
  [Diagram: DNS Dynamic Update Client sends a Dynamic UPDATE request to the Local Name Server.]
  Source: 157.57.64.198
  Destination: 157.57.70.10
  UPDATE:
    hostb.nt.microsoft.com. IN A 157.57.64.198
  PREREQUISITES:
    Name is not in use: hostb.nt.microsoft.com.
Secure Dynamic DNS Updates
  Zones may be configured to use Secure Updates.
  Allows specified computers, users, and groups to add or modify zone entries.
  Secure Updates must be enabled in the Active Directory.
  Modify specific containers as needed:
    DnsZone Container
    DnsDomain Container
Services Integration with Dynamic DNS
  [Diagram: DNS Service, WINS Service, DHCP Service, Active Directory Service.]
DHCP Integration
  FQDN Option (DHCP Option 81).
    Clients can register A and have DHCP register PTR.
    DHCP registers both A and PTR record.
    Client can request to register A, but DHCP overrides request and registers both A and PTR records.
  Microsoft clients will register A and have DHCP register PTR.
  DHCP is configurable to clean up A and PTR records upon lease expiration.
  DHCP is configurable to register A and PTR for legacy clients.
Active Directory Service Integration
  Benefits
    Single name space and replication topology
    Multi-master replication
  DNS Storage in the ADS
    System container at the root of the NT domain
    Administrator access by default
  Security
  DNS Server Operations and the Active Directory
    Primary, master, and secondary servers
    Client registrations
Review
  DNS review
  Domain controller records
  Naming specifications
  Client name resolution
  Installation
  Zone transfers
  Dynamic DNS
  Services integration