Chapter 7: Domain Name System
IST 363 Network Administration
Integrated Science and Technology
Marshall University
IST363: Network Administration
Outline
Describe the functions of the Domain Name System
Install DNS
Explain the function and types of DNS zones
Configure a caching-only server to speed host name resolution
Discuss the integration of Active Directory and DNS, including Dynamic DNS
Configure and manage a DNS server
Features of the DNS Service
The most common method used to resolve host names to IP addresses
Essential function for Active Directory service, large networks, and for computers accessing the Internet
- Windows 2000/XP client computers use DNS to find domain controllers, which clients need in order to log on to Active Directory (AD)
- The DNS service on Windows Server 2003 has the ability to store DNS information in AD
DNS Implementations
DNS exists in various implementations
BIND (Berkeley Internet Name Domain) is the de facto standard for DNS implementation on UNIX and Linux systems
- The Internet Software Consortium (ISC) is responsible for the maintenance and development of BIND
Microsoft offers three versions of DNS: the Windows NT4 DNS service, the Windows 2000 DNS service, and the Windows 2003 DNS service
Only Windows 2000 and 2003 support Service Resource Records (SRV records)
SRV records are required for Active Directory
Installing DNS
Windows Server 2003 has the ability to act as a DNS server
Most organizations using Active Directory use Windows for their DNS server
If no DNS server has been configured for the domain, then the Active Directory Installation wizard asks whether it should install DNS
- Provides an easy way to implement DNS in a small organization with a single server
In larger organizations, DNS is installed on multiple servers; in this case, DNS must be added to each server individually
Installing DNS (cont'd)
DNS is not automatically added when member servers are promoted to domain controllers
Use the Add/Remove Windows Components utility
Verify that the DNS startup type is set to automatic
DNS Zones
DNS zones are part of the DNS namespace for which a DNS server is responsible
- marshall.edu is used by Marshall to identify computers within Marshall University
- To store the records for this domain, a zone on the DNS server needs to be created
Once inside a zone, you can create DNS records
A DNS server contains the zone for the marshall.edu domain
A top level DNS server contains the zone for the .edu domain and a DNS record that identifies the DNS server for the marshall.edu domain
A DNS server may also contain subdomains, e.g., ist.marshall.edu, math.marshall.edu, bio.marshall.edu
Subdomains are further divisions of the DNS namespace
DNS Zones (cont'd)
You designate whether a zone will hold records for forward lookups or reverse lookups
A forward lookup zone holds records for forward lookups
A reverse lookup zone holds records for reverse lookups
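
How a server that hosts several zones decides which zone holds a queried name, for forward and reverse lookups alike. This is an added example, not part of the original slides; the zone list and the 192.168.1.x addresses are constructed, and query_name and find_zone are hypothetical helper names.

```python
import ipaddress

# Constructed zone list for one hypothetical DNS server: a forward zone,
# a subdomain zone, and a reverse zone for the 192.168.1.0/24 network.
ZONES = ["marshall.edu", "ist.marshall.edu", "1.168.192.in-addr.arpa"]


def query_name(target):
    """Return the DNS name a lookup asks for.

    A forward lookup asks for the host name itself; a reverse lookup asks
    for the IP address rewritten as a name under in-addr.arpa.
    """
    try:
        return ipaddress.ip_address(target).reverse_pointer
    except ValueError:
        # Not an IP address, so treat it as a host name.
        return target.rstrip(".").lower()


def find_zone(target, zones=ZONES):
    """Return the most specific hosted zone containing the name, or None."""
    labels = query_name(target).split(".")
    hosted = {z.lower() for z in zones}
    # Try the full name, then drop one leading label at a time. The longest
    # match wins (ist.marshall.edu before marshall.edu), and matches fall on
    # label boundaries, so notmarshall.edu is not inside marshall.edu.
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in hosted:
            return candidate
    return None


if __name__ == "__main__":
    for t in ["www.marshall.edu", "lab1.ist.marshall.edu",
              "192.168.1.20", "notmarshall.edu"]:
        print(t, "->", find_zone(t))
```

A result of None means the server holds no zone for the name and would have to ask another server or answer from its cache.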
Primary and Secondary Zones
It is helpful to keep copies of DNS domain information on more than one server:
- Fault tolerance
- Reduce network traffic, e.g., keep a copy of DNS information at each physical location to reduce WAN traffic
It is essential that DNS servers automatically synchronize information between them
Automates the process of AD replication
Primary and Secondary Zones (cont'd)
A primary zone is the first zone to be created
- Contains all the records created
A secondary zone has copies of primary zone information
- Read-only copies of DNS resource records
You must edit the primary zone in order to create or modify resource records
Changes will be copied to the secondary zone
Active Directory-Integrated Zones
An Active Directory-integrated zone stores information in Active Directory
The DNS server must be a domain controller in order to store information in Active Directory
Storing DNS information in Active Directory offers advantages over traditional primary and secondary zones
- Automatic backup of zone information
- Multimaster replication
- Increased security
Caching-Only DNS Servers
These servers do not have any zones configured on them
They exist only to be a local DNS server for client computers
They cache first-time lookups
They use cached information for subsequent client requests
To create a caching-only server, install the DNS Service and do not create any zones
Active Directory and DNS
Active Directory requires DNS to function properly
The most important function that DNS performs for Active Directory is locating services, such as domain controllers
To simplify management of DNS records for Active Directory, implement Dynamic DNS
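
How a client can turn the SRV records that Active Directory requires into an ordered list of domain controllers to try. This is an added example, not part of the original slides; the example.com records are constructed, parse_srv and order_targets are hypothetical helper names, and the weighted pick is a simplified form of the RFC 2782 selection rule.

```python
import random

# Constructed SRV answers in zone-file layout:
# owner  TTL  class  type  priority  weight  port  target
SAMPLE = """\
_ldap._tcp.dc._msdcs.example.com. 600 IN SRV 0 100 389 dc1.example.com.
_ldap._tcp.dc._msdcs.example.com. 600 IN SRV 0 100 389 dc2.example.com.
_ldap._tcp.dc._msdcs.example.com. 600 IN SRV 10 100 389 dc-backup.example.com.
"""


def parse_srv(text):
    """Parse zone-file style SRV lines into dicts, skipping other lines."""
    records = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 8 or fields[3].upper() != "SRV":
            continue
        priority, weight, port = (int(f) for f in fields[4:7])
        records.append({"priority": priority, "weight": weight,
                        "port": port, "target": fields[7].rstrip(".")})
    return records


def order_targets(records, rng=random):
    """Return (target, port) pairs in the order a client should try them.

    Lower priority values are tried first; servers sharing a priority are
    drawn at random in proportion to their weight, which spreads the load.
    """
    ordered = []
    for priority in sorted({r["priority"] for r in records}):
        group = [r for r in records if r["priority"] == priority]
        while group:
            weights = [r["weight"] for r in group]
            if sum(weights) == 0:
                pick = rng.choice(group)  # all weights zero: plain random
            else:
                pick = rng.choices(group, weights=weights)[0]
            group.remove(pick)
            ordered.append((pick["target"], pick["port"]))
    return ordered


if __name__ == "__main__":
    print(order_targets(parse_srv(SAMPLE)))
```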
Dynamic DNS
Allows records to be updated on a DNS server automatically
Windows 2000/XP clients perform their own Dynamic DNS updates
During the boot process, the clients contact their DNS server to perform a dynamic update
Testing Dynamic DNS
Verify that a computer is registering a host name using Dynamic DNS
- Use the DNS snap-in to delete the A record used to map your host name to your IP address
- Use the ipconfig /registerdns command
Dynamic DNS and DHCP
The Dynamic DNS information updated by Windows 2000/XP is negotiated with the DHCP server during the lease process
By default, a DHCP server running on Windows Server 2003 updates DNS records only for Windows 2000/XP clients if requested
Creating a Root Server
Create a new Forward Lookup Zone, select the primary zone option, and uncheck the "Store the zone in Active Directory" option
In the "Zone name" field, type "."
The DNS snap-in can be used to configure the server for this activity
Logging
DNS servers are capable of event logging and debug logging
Event logging records errors, warnings, and information to the event log
Debug logging records much more detailed information
Logging (continued)
Event logging options include:
No events
Errors only
Errors and warnings
All events
Debug logging options include:
Packet direction
Transport protocol
Packet contents
Packet type
Lab 7 Assignment
Create screenshots of each step after each activity
Using the screenshots, write a manual for implementing and managing DNS
You can work on this by yourself, but I would suggest that you work with a partner to form a group of two.