
1 Module 6: Designing Name Resolution

2 Module Overview
- Collecting Information for a Name Resolution Design
- Designing a DNS Server Strategy
- Designing a DNS Namespace
- Designing DNS Zone Implementation
- Designing Zone Replication and Delegation

3 Lesson 1: Collecting Information for a Name Resolution Design
- Physical Location Considerations for a Name Resolution Design
- NetBIOS Resources

4 Physical Location Considerations for a Name Resolution Design
Type: Physical location consideration
- Locations: Number of locations
- Hosts: Number of hosts at each location
- DNS servers: Existence of any prior DNS servers
- Active Directory: Existence of, or plans to include an Active Directory infrastructure
- Client computers: Location of client computers in relation to a WINS server

5 NetBIOS Resources
- Identify systems and applications that rely on NetBIOS for name resolution, including:
  - Windows 98, Windows NT
  - Windows workgroups that do not implement Active Directory
  - Some applications and services
- Determine the impact of removing NetBIOS
- If NetBIOS is used by a critical application, continue to use WINS

6 Lesson 2: Designing a DNS Server Strategy
- How Clients Resolve Host Names
- Considerations for Placing DNS Servers
- DNS Server Roles
- Securing DNS Servers

7 How Clients Resolve Host Names
Clients can use the following methods to resolve host names:
- DNS cache (includes contents of HOSTS file)
- DNS server
- NetBIOS name resolution methods
DNS name resolution is controlled by:
- Root hints
- Caching
- Delegation
- Forwarding
- Conditional forwarding

8 Considerations for Placing DNS Servers
For DNS server placement, consider:
- Network traffic over WAN links
- Availability, if a WAN link fails
- Redundancy, if a DNS server fails
- Client impact, if DNS is unavailable
- Application impact, if DNS is unavailable

9 DNS Server Roles
Role: Situation
- Caching-only servers: A remote office has a limited amount of available bandwidth
- Non-recursive servers: You have Internet-facing DNS servers that are authoritative for one or more zones
- Forward-only servers: You want to manage the DNS traffic between your network and the Internet
- Conditional forwarders: You want DNS clients on separate networks to resolve each other's names without having to query the DNS server on the Internet

10 Securing DNS Servers
Options for securing Microsoft DNS servers:
- Firewalls, including Windows Firewall
- Restricting zone transfers
- Securing dynamic updates
- Active Directory Integrated zones
- Forwarding, to limit Internet name resolution

11 Lesson 3: Designing a DNS Namespace
- DNS Namespace Options
- Selecting DNS Namespace Option
- Hosting Options for DNS
- Guidelines for Designing DNS Namespaces

12 DNS Namespace Options
[Diagram: three options (Same Namespace, Subdomain, Unique Namespace), each showing an Internal Namespace alongside the Public DNS Namespace; domain labels shown: nwtraders.com, nwtraders.local, corp.nwtraders.com]

13 Selecting DNS Namespace Option
Unique namespace:
- Record synchronization is not required
- Existing DNS infrastructure is unaffected
- Clearly delineates between internal and external DNS
Same namespace:
- Internal records should not be available externally
- Records may need to be synchronized between internal and external DNS
Subdomain:
- Record synchronization is not required
- Contiguous namespace is easy to understand

14 Hosting Options for DNS
Option: Description
- Complete DNS:
  - All internal and external on a single server
  - Simple deployment
- Split DNS:
  - External and internal DNS are hosted on separate servers
  - Internal DNS servers can forward Internet DNS requests
  - Increased security over complete DNS
- Split-Split DNS:
  - External and internal DNS are hosted on separate servers
  - One external server host resolves local records only
  - One external server resolves non-local records only

15 Guidelines for Designing DNS Namespaces
- Carefully select your internal namespace before installing Active Directory
- Use an internal domain that is a sub-domain of the external domain, for simplicity
- Use unrelated namespaces if you cannot create your internal domain as a subdomain on the external domain
- Avoid using the same internal and external namespace

16 Lesson 4: Designing DNS Zone Implementation
- Selecting Zone Types
- Selecting Zone Data Location
- Zone Security Considerations

17 Selecting Zone Types
Primary
- Available disk locations and zone information:
  - Active Directory: Replicated to other Active Directory-integrated zones
  - File: Transferred to secondary zone servers
- Use this zone to:
  - Act as the point of update for the zone
  - Have a read/write copy of the zone information
  - Administer zone information separately
Secondary
- Available disk locations and zone information:
  - File: Provides limited fault tolerance
- Use this zone to:
  - Have a read-only copy of the zone information
  - Improve availability of primary zones
  - Improve performance at local and remote locations
Stub
- Available disk locations and zone information:
  - Active Directory or File: Periodically queries the target zone name servers for updates
- Use this zone to:
  - Improve the efficiency of name resolution
  - Simplify DNS administration

18 Selecting Zone Data Location
- Active Directory:
  - Used by Active Directory-integrated zones
  - Automatic replication to all domain controllers
  - Allows multiple servers to update zone data
- Combination:
  - Used to integrate with traditional DNS
  - Active Directory-integrated zones act as primary to traditional secondary zones
- Disk:
  - Used by traditional primary and secondary zones
  - Chosen for integration into existing infrastructure
  - Does not require server to be a DC

19 Zone Security Considerations
- Secured dynamic updates in Active Directory
- Dynamic DNS updates from DHCP
- DNS client dynamic updates
- Zone permissions

20 Lesson 5: Designing Zone Replication and Delegation
- Zone Replication
- Zone Transfers
- Zone Delegation

21 Zone Replication
Zone type: Replication options
- Active Directory-integrated zone:
  - Performing incremental replication between DNS servers
  - Adjusting the Active Directory replication schedule
- Traditional DNS zone:
  - Replicating between primary and secondary zones
  - Performing an incremental rather than a complete zone transfer
[Diagram: Active Directory-Integrated Zones (Replication) and Traditional DNS Zones (Primary Zone, Secondary Zone, Zone Transfer)]

22 Zone Transfers
Reduce zone transfer impact by:
- Using fast zone transfers to compress data
- Replicating outside of peak hours
- Using incremental zone replication
Security options for zone transfers are:
- Restricting zone transfers
- Securing zone transfers with VPN or IPSec
- Using Active Directory-integrated zones to automatically secure replication
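
An added example, not part of the original presentation: a PowerShell audit of the zone-transfer and dynamic-update settings named under Securing DNS Servers, Zone Security Considerations and Zone Transfers. The helper name Test-DnsZoneHardening and the sample zone objects are constructed for illustration; the property names match what Get-DnsServerZone (DnsServer module) returns.

```powershell
# Test-DnsZoneHardening is a hypothetical helper name, not a built-in cmdlet.
function Test-DnsZoneHardening {
    param([Parameter(Mandatory, ValueFromPipeline)] $Zone)
    process {
        # Primary zones are the point of update and the source of transfers
        if ($Zone.IsAutoCreated -or $Zone.ZoneType -ne 'Primary') { return }
        $findings = @()
        # Restricting zone transfers: any-server transfers hand out the whole zone
        if ($Zone.SecureSecondaries -eq 'TransferAnyServer') {
            $findings += 'Zone transfers allowed to any server'
        }
        # Securing dynamic updates: nonsecure updates let any client register records
        if ($Zone.DynamicUpdate -eq 'NonsecureAndSecure') {
            $findings += 'Nonsecure dynamic updates accepted'
        }
        # File-backed zones that transfer at all are not covered by AD replication
        if (-not $Zone.IsDsIntegrated -and $Zone.SecureSecondaries -ne 'NoTransfer') {
            $findings += 'File-backed zone transfer: protect the path with VPN or IPsec'
        }
        [pscustomobject]@{
            ZoneName  = $Zone.ZoneName
            Compliant = ($findings.Count -eq 0)
            Findings  = $findings -join '; '
        }
    }
}

# Constructed sample input so the audit runs offline (zone names reuse the slides' nwtraders examples)
$sampleZones = @(
    [pscustomobject]@{ ZoneName = 'corp.nwtraders.com'; ZoneType = 'Primary'; IsAutoCreated = $false
                       IsDsIntegrated = $true;  DynamicUpdate = 'Secure'; SecureSecondaries = 'NoTransfer' }
    [pscustomobject]@{ ZoneName = 'nwtraders.com'; ZoneType = 'Primary'; IsAutoCreated = $false
                       IsDsIntegrated = $false; DynamicUpdate = 'None'; SecureSecondaries = 'TransferAnyServer' }
    [pscustomobject]@{ ZoneName = 'nwtraders.local'; ZoneType = 'Primary'; IsAutoCreated = $false
                       IsDsIntegrated = $true;  DynamicUpdate = 'NonsecureAndSecure'; SecureSecondaries = 'TransferToZoneNameServer' }
    [pscustomobject]@{ ZoneName = '0.in-addr.arpa'; ZoneType = 'Primary'; IsAutoCreated = $true
                       IsDsIntegrated = $false; DynamicUpdate = 'None'; SecureSecondaries = 'NoTransfer' }
)
$sampleZones | Test-DnsZoneHardening | Format-Table -AutoSize -Wrap

# On a DNS server, audit the live configuration instead:
#   Get-DnsServerZone | Test-DnsZoneHardening
# Remediation uses Set-DnsServerPrimaryZone, for example:
#   -SecureSecondaries TransferToSecureServers -SecondaryServers <secondary IPs>
#   -DynamicUpdate Secure   (Active Directory-integrated zones only)
```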

