Presentation is loading. Please wait.

Presentation is loading. Please wait.

DNS DNS overview DNS operation DNS zones. DNS Overview Name to IP address lookup service based on Domain Names Some DNS servers hold name and address.

Published byEvan Andrews Modified over 8 years ago

Similar presentations

Presentation on theme: "DNS DNS overview DNS operation DNS zones. DNS Overview Name to IP address lookup service based on Domain Names Some DNS servers hold name and address."— Presentation transcript:

1 DNS DNS overview DNS operation DNS zones

2 DNS Overview Name to IP address lookup service based on Domain Names Some DNS servers hold name and address information for a given portion of the domain namespace in a file Portion of namespace containing names and addresses that are contained in a single file is called a zone File containing names and addresses within a zone is called zone file

3 DNS operation The scenario Recursive vs iterative queries The lookup process

4 The Scenario Workstation configuration Resolver software Local DNS server Root servers Authoritative servers

5 Recursive vs Iterative Queries Recursive query Iterative query

6 The lookup process Workstation sends recursive query for www.microsoft.com Local DNS server sends iterative query to root server Root server responds with address of.com server Local DNS server sends iterative query to.com server.com server responds with address of microsoft.com server Local DNS server sends iterative query to microsoft.com server microsoft.com server responds with address of host named www Local DNS server sends address of www host to workstation Preferred DNS server caches all address information returned by other DNS servers Client caches information

7 Resolving a Forward Lookup Query

8 Name Server Caching

9 Time to Live (TTL) Use shorter TTL values to help ensure that data about the domain namespace is more current across the network. Shorter TTL values increase the load on name servers. Longer TTL values decrease the time required to resolve information. If a change occurs, the client will not receive the updated information until the TTL expires and a new query to that portion of the domain namespace is resolved.

10 DNS Zones Forward lookup Contains names with associated IP addresses Enable forward lookup queries. At least one forward lookup zone must be configured for the DNS service to work. Active Directory Installation Wizard can automatically create a forward lookup zone based on the DNS name you specified for the server. Reverse lookup Contains IP addresses with associated DNS names

11 Zone Name A zone is typically named after the highest domain in the hierarchy that the zone encompasses; the root domain for the zone. For a zone that encompasses both microsoft.com and sales.microsoft.com, the zone name would be microsoft.com.

12 Zone File A zone file must be specified for the standard primary forward lookup zone type. The zone file is the zone database file name, which defaults to the zone name with a.dns extension. An existing zone file can be imported when migrating a zone from another server. Place the existing file in the systemroot\System32\DNS directory on the target computer before creating the new zone.

13 Primary vs secondary zones Primary zone contains records in file Secondary zone receives records from another server Zone transfer causes transfer from master server to secondary Master server can be other secondary

14 Zone Type: Standard Primary Master copy of a new zone stored in a standard text file Administered and maintained on the computer on which the zone is created

15 Zone Type: Standard Secondary Replica of an existing zone. Read-only; stored in standard text files. Primary zone must be configured to create a secondary zone. Must specify DNS server, called the master server, that will transfer zone information to the name server containing the standard secondary zone. Create a secondary zone to provide redundancy and to reduce the load on the name server containing the primary zone database file.

16 Reasons to Use Additional Zones A need exists to delegate management of part of the DNS namespace to another location or department within the organization. A need exists to divide one large zone into smaller zones for distributing traffic loads among multiple servers, improve DNS name resolution performance, or create a more fault-tolerant DNS environment. A need exists to extend the namespace by adding numerous subdomains at once, such as to accommodate the opening of a new branch or site.

17 Zone Transfers Incremental vs full - Originally DNS only supported full transfer. Microsoft supports incremental transfer. Initial transfer is full

18 Reverse Zones Based on IP addresses, not domain names Named using the IP address reversed added to the name In-addr.arpa

19 In-addr.arpa Domain Follows the same hierarchical naming scheme as the rest of the domain namespace. Subdomains are named after the numbers in the dotted-decimal representation of IP addresses. Order of the IP address octets is reversed. Companies administer subdomains of the in- addr.arpa domain based on their assigned IP addresses and subnet mask.

20 Reverse Zone File Must be specified for the standard primary reverse lookup zone type. Network ID and subnet mask determine the default zone file name. DNS reverses the IP octets and adds the in-addr.arpa suffix. For a network ID of 169.254, the reverse lookup zone for the 169.254 network becomes 254.269.in- addr.arpa.dns. The existing zone file may be imported when migrating a zone from another server. The existing zone file must be placed in the systemroot\System32\DNS directory.

21 Reverse Lookup Query Maps an IP address to a name. NSLOOKUP command-line DNS utility uses reverse lookup queries to report back host names. Certain applications implement security based on the ability to connect to names, not IP addresses. DNS is indexed by name, not by IP address. A reverse lookup query would require an exhaustive search of every domain name because the DNS distributed database is indexed by name and not IP address. Special second-level domain called in-addr.arpa was created to solve the problem of finding a name that matches an IP address.

22 Active Directory Integrated Zone Information stored in AD Replicated with AD AD integrated zones are multimaster Can be sent to all DCs Can be sent to all DNS servers in domain Can be sent to all DNS servers in forest Sent encrypted

23 Benefits of Active Directory–Integrated Zones Fault tolerance Security - control access as to who can modify zones Zones are replicated and synchronized to new domain controllers automatically whenever a new zone is added to an Active Directory domain. By integrating storage of your DNS namespace in Active Directory, you simplify planning and administration for both DNS and Active Directory. Directory replication is faster and more efficient than standard DNS replication.

24 Frequently Used Resource Record Types Host (A): Lists host name-to-IP address mappings Alias (CNAME): Creates alias or canonical name Mail Exchanger (MX): Identifies mail exchanger Name Server (NS): Lists name servers for domain Pointer (PTR): Points to another part of the domain Service (SRV): Identifies servers hosting services Start of Authority (SOA): Identifies authoritative source

25 DNS Security Options Allowing only secure dynamic updates Zone transfer Only to servers listed in NS resource records Only to specified IP addresses Notify list

26 Managing DNS Using DNS console Using nslookup Command prompt mode Interactive mode

27 Thank You Md Shaifullah Palash MCTS, MCSA, MCSE (Infra, Messaging, Communication)

Download ppt "DNS DNS overview DNS operation DNS zones. DNS Overview Name to IP address lookup service based on Domain Names Some DNS servers hold name and address."

Similar presentations

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 6 Managing and Administering DNS in Windows Server 2008.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 6 Managing and Administering DNS in Windows Server 2008.
Web Server Administration

Web Server Administration
2.1 Installing the DNS Server Role Overview of the Domain Name System Role Overview of the DNS Namespace DNS Improvements for Windows Server 2008 Considerations.

2.1 Installing the DNS Server Role Overview of the Domain Name System Role Overview of the DNS Namespace DNS Improvements for Windows Server 2008 Considerations.
Implementing Domain Name System

Implementing Domain Name System
Web Server Administration Chapter 4 Name Resolution.

Web Server Administration Chapter 4 Name Resolution.
Domain Name System. DNS is a client/server protocol which provides Name to IP Address Resolution.

Domain Name System. DNS is a client/server protocol which provides Name to IP Address Resolution.
1 DNS. 2 BIND DNS –Resolve names to IP address –Resolve IP address to names (reverse DNS) BIND –Berkeley Internet Name Domain system Version 4 is still.

1 DNS. 2 BIND DNS –Resolve names to IP address –Resolve IP address to names (reverse DNS) BIND –Berkeley Internet Name Domain system Version 4 is still.
DNS的配置和排错 刘道军老师主讲 Module 1 如有疑问请与我联系: D

DNS的配置和排错 刘道军老师主讲 Module 1 如有疑问请与我联系: D
70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 2: Name Resolution and DNS.

70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 2: Name Resolution and DNS.
Chapter 9: Configuring DNS for Active Directory

Chapter 9: Configuring DNS for Active Directory
4.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

4.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
Hands-On Microsoft Windows Server 2003 Networking Chapter 6 Domain Name System.

Hands-On Microsoft Windows Server 2003 Networking Chapter 6 Domain Name System.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 8: Managing and Troubleshooting DNS.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 8: Managing and Troubleshooting DNS.
11.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 11: Introducing WINS, DNS,

11.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 11: Introducing WINS, DNS,
Hands-On Microsoft Windows Server 2003 Administration Chapter 9 Administering DNS.

Hands-On Microsoft Windows Server 2003 Administration Chapter 9 Administering DNS.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 5 Introduction to DNS in Windows Server 2008.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 5 Introduction to DNS in Windows Server 2008.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.
Module 12: Domain Name System (DNS)

Module 12: Domain Name System (DNS)
DNS Domain Name Service References: Wikipedia 1.

DNS Domain Name Service References: Wikipedia 1.
Chapter 10 Configuring DNS

Chapter 10 Configuring DNS

Similar presentations

Ads by Google