
1 Module 5: Planning a DNS Strategy

2 Overview
- Planning DNS Servers
- Planning a Namespace
- Planning Zones
- Planning Zone Replication and Delegation
- Integrating DNS and WINS

3 Lesson: Planning DNS Servers
- Multimedia: How DNS Clients Resolve Names
- Determining DNS Server Requirements
- Determining DNS Server Placement
- Multimedia: Resolving Names with a DNS Server
- DNS Server Roles
- Levels of Securing Microsoft DNS Servers
- Guidelines for Planning a DNS Server

4 Multimedia: How DNS Clients Resolve Names
The objective of this presentation is to explain how DNS clients resolve HOST names to IP addresses. You will learn how to:
- Explain the functionality of a DNS server in a routed network
- Identify a fully qualified domain name
- Explain the process for using a DNS server to resolve a HOST name to an IP address

5 Determining DNS Server Requirements
- Planning server capacity
- DNS server system requirements

6 Determining DNS Server Placement
- DNS server placement
- How many servers should you have?

7 Multimedia: Resolving Names with a DNS Server
The objective of this presentation is to explain the process for resolving names with a DNS server. You will learn how to:
- Explain the functionality of a DNS server
- Define the process for name resolution using a DNS server
- Identify the query types
- Explain DNS and WINS integration

8 DNS Server Roles

| Role | Situation |
| --- | --- |
| Caching-only servers | A remote office has a limited amount of available bandwidth |
| Non-recursive servers | You have Internet-facing DNS servers that are authoritative for one or more zones |
| Forward-only servers | You want to manage the DNS traffic between your network and the Internet |
| Conditional forwarders | You want DNS clients in separate networks to resolve each other's names without having to query the DNS server on the Internet |

9 Levels of Securing Microsoft DNS Servers

| Security level | Definition |
| --- | --- |
| Low-level security | Does not have any security precautions configured |
| Medium-level security | Uses the DNS security features available without running DNS servers on domain controllers and storing DNS zones in Active Directory |
| High-level security | Uses the same configuration as medium-level security, and also uses the security features available when the DNS server service is running on a domain controller and DNS zones are stored in Active Directory |

10 Guidelines for Planning a DNS Server
- Determine server requirements
- Determine the level of security to implement
- Determine DNS server placement
- Determine server functionality

11 Practice: Planning DNS Server Security
In this practice, you will plan a DNS namespace based on a specific scenario and discuss the challenges presented by the plan.

12 Lesson: Planning a Namespace
- Multimedia: Planning a DNS Namespace Strategy
- Choosing a Domain Name
- DNS Namespace Options
- Best Practices for Namespace Planning
- Guidelines for Planning a Namespace

13 Multimedia: Planning a DNS Namespace Strategy
The objective of this presentation is to provide guidelines for planning a DNS namespace. You will learn:
- How to separate internal and external namespaces
- How to apply guidelines for integrating an Active Directory namespace and DNS namespace
- How to identify a public namespace
- Why the authoritative DNS server requires WINS records
- The importance of planning a hierarchical namespace

14 Choosing a Domain Name
When choosing a domain name, consider:
- ICANN maintains authority for top-level domains
- Standard naming conventions
- Individual namespace requirements
- Uniqueness of domain names

15 DNS Namespace Options
- Same Namespace
- Delegated Namespace
- Unique Namespace
[Diagram: Existing DNS Namespace and Internal Namespace for each option, with the example names nwtraders.com, nwtraders.local and corp.nwtraders.com]

16 Best Practices for Namespace Planning
- Use distinguished names
- Create an Active Directory-compatible namespace
- Separate internal and external namespaces

17 Guidelines for Planning a Namespace
- Select a DNS namespace for your domain
- Maintain namespace separation on internal and external servers
- Use different namespaces for internal and external use

18 Practice: Planning a DNS Namespace
In this practice, you will plan a DNS namespace based on a specific scenario, and discuss the challenges presented by the plan.

19 Lesson: Planning Zones
- Selecting Zone Types
- Selecting Zone Data Location
- Zone Security Considerations
- Guidelines for Planning Zones

20 Selecting Zone Types
- Primary
  - Available disk locations and zone information:
    - Active Directory: Replicated to other Active Directory-integrated zones
    - File: Transferred to secondary zone servers
  - Use this zone to:
    - Act as the point of update for the zone
    - Have a read/write copy of the zone information
    - Administer zone information separately
- Secondary
  - Zone information: Provides limited fault tolerance
  - Use this zone to:
    - Have a read-only copy of the zone information
    - Improve availability of primary zones
    - Improve performance at local and remote locations
- Stub
  - Available disk locations: Active Directory, File
  - Zone information: Periodically queries the target zone name servers for updates
  - Use this zone to:
    - Improve the efficiency of name resolution
    - Simplify DNS administration

21 Selecting Zone Data Location
- Active Directory-Integrated Zone
  - Chosen when integrating into existing Active Directory structure
  - Single point of support for DNS and Active Directory
- Combination of Both Zone Types
  - Chosen when root server is traditional DNS
  - Supports Active Directory–integrated zones as a delegated domain
- Traditional DNS Zone
  - Chosen for integration into existing infrastructure
  - Separate support for DNS and Active Directory

22 Zone Security Considerations
- Secured dynamic updates in Active Directory
- Dynamic DNS updates from DHCP
- DNS client dynamic updates
- Zone permissions

23 Guidelines for Planning Zones
- Determine zone type
- Determine zone integration requirements
- Determine zone storage location
- Determine zone security requirements

24 Practice: Planning Zones
In this practice, you will plan a DNS zone based on a specific scenario and then discuss the challenges of the task.

25 Lesson: Planning Zone Replication and Delegation
- When to Create a Secondary Zone
- Zone Transfers and Replication
- Zone Transfer Security Measures
- Zone Delegation
- Guidelines for Planning Zone Replication and Delegation

26 When to Create a Secondary Zone
Create a secondary zone when you want to:
- Provide zone redundancy
- Reduce DNS network traffic
- Reduce loads on a primary server for a zone

27 Zone Transfers and Replication

| Zone type | Replication options |
| --- | --- |
| Active Directory–integrated zone | Performing incremental replication between DNS servers; adjusting the Active Directory replication schedule |
| Traditional DNS zone | Replicating between primary and secondary zones; performing an incremental rather than a complete zone transfer |

[Diagram: Active Directory–Integrated Zones (Active Directory–Integrated Zone, Replication) and Traditional DNS Zones (Primary Zone, Secondary Zone, Zone Transfer)]

28 Zone Transfer Security Measures
- Restricting zone transfers
- Zone replication security
- Encryption using IPSec and VPN tunnels
- Encryption and authentication using Active Directory
- Reducing the impact of replication

29 Zone Delegation
Provides the option of dividing the namespace into one or more zones. Use additional zones when you have:
- A need to delegate management of part of your DNS namespace
- A need to divide one large zone into smaller zones

30 Guidelines for Planning Zone Replication and Delegation
- Identify when to create additional zones
- Determine replication methodology
- Determine replication security requirements
- Determine the need for delegating a zone

31 Practice: Planning Zone Replication and Delegation
In this practice, you will:
- Plan zone replication and delegation
- Discuss the challenges of planning zone replication and delegation

32 Lesson: Integrating DNS and WINS
- Multimedia: Integrating DNS and WINS
- WINS Integration
- Modifying Cache Timeout Settings
- WINS Integration Best Practices

33 Multimedia: Integrating DNS and WINS
The objective of this presentation is to explain the name resolution process when a DNS zone is configured for WINS forward lookup. You will learn:
- How a DNS server can use WINS to resolve host names
- Why the authoritative DNS server requires WINS records

34 WINS Integration
- WINS resource records
- WINS-R resource records
- WINS reverse lookup

35 Modifying Cache Timeout Settings
- Modify Cache Timeout Value if WINS information rarely changes
- Lengthen Cache Timeout Value to reduce the number of queries between DNS and WINS servers

36 WINS Integration Best Practices
- Designate a subdomain for WINS resolution
- Delegate unresolved DNS queries to a subdomain
- Specify WINS server in zone configuration

37 Lab A: Planning a DNS Strategy
Exercise 1: Planning DNS Configuration for Internal and External Namespaces

