DNS
More information can be found on the IP Address Resolution page
DNS - Domain Name System
Used by TCP/IP
The Internet uses DNS
Example: www.geocities.com/petemcsa
(This is a FQDN - Fully Qualified Domain Name - as it gives us the exact address of the computer)
The DNS namespace
Zones
A zone must cover a contiguous namespace
A DNS server stores a zone database containing the name to IP address mappings
A DNS server can serve multiple zones
There can be multiple DNS servers for one zone
The forward look-up query resolution process
Example: look-up www.geocities.com/petemcsa
1. The client sends a query for www.geocities.com/petemcsa to the local DNS server.
2. As the local server has no authority for www.geocities.com/petemcsa, it forwards the query to the root DNS server, which returns a referral to the com DNS server.
3. The com DNS server is contacted and returns a referral to the geocities.com DNS server.
4. The geocities.com DNS server is contacted and, because it has authority for that portion of the namespace, it sends back the IP address of www.geocities.com/petemcsa to the local DNS server.
5. The local DNS server forwards the IP address to the client.
6. Resolution process finished; the client uses the IP address to contact www.geocities.com/petemcsa directly.
Name server caching
As a name server processes a query it discovers the IP addresses of servers that have authority over portions of the namespace, and it caches this information to make future queries quicker.
This cached information expires after a certain time.
Caching and TTL
Default TTL = 60 mins
TTL is specified by the name server providing the information
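The look-up process and the caching just described, as an added Python model that is not part of these notes: a local server with no authority of its own follows referrals from root to com to geocities.com, caching each delegation it learns for the TTL supplied by the server that handed it out, so the next query starts at the deepest cached server. Server names, addresses and TTLs are constructed; the name resolved is the host www.geocities.com, since the "/petemcsa" part of the URL is a path seen by the web server, not part of the DNS name.

```python
import time

# Constructed authoritative data (not real servers): each server knows the zone
# it is authoritative for, the delegations (NS) it can refer to, the address
# records (A) it holds, and the TTL it attaches to what it hands out.
SERVERS = {
    "root": {"zone": ".", "ns": {"com": "com"}, "a": {}, "ttl": 3600},
    "com": {"zone": "com", "ns": {"geocities.com": "geocities-ns"}, "a": {}, "ttl": 3600},
    "geocities-ns": {"zone": "geocities.com", "ns": {},
                     "a": {"www.geocities.com": "10.0.0.5"}, "ttl": 600},
}

def _ask(server, name):
    """One query to one server: an answer, a referral to a better server, or nothing."""
    s = SERVERS[server]
    if name in s["a"]:
        return ("answer", s["a"][name], s["ttl"])
    # the longest delegated suffix wins ("geocities.com" before "com")
    for zone in sorted(s["ns"], key=len, reverse=True):
        if name == zone or name.endswith("." + zone):
            return ("referral", s["ns"][zone], s["ttl"])
    return ("nxdomain", None, s["ttl"])

class LocalServer:
    """The client's local DNS server: no authority of its own, follows referrals."""
    def __init__(self, now=time.time):
        self.now = now          # injectable clock so TTL expiry can be tested
        self.cache = {}         # zone -> (server, expiry time) learned from referrals

    def resolve(self, name):
        """Return (address or None, list of servers contacted in order)."""
        server = "root"
        # Start at the most specific cached delegation that has not expired yet
        for zone, (srv, exp) in sorted(self.cache.items(), key=lambda kv: -len(kv[0])):
            if exp > self.now() and (name == zone or name.endswith("." + zone)):
                server = srv
                break
        trail = []
        while True:
            trail.append(server)
            kind, value, ttl = _ask(server, name)
            if kind != "referral":
                return value, trail
            # Cache the referral for the TTL chosen by the server that gave it
            self.cache[SERVERS[value]["zone"]] = (value, self.now() + ttl)
            server = value
```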
Reverse Look-up Zones
All end in in-addr.arpa
eg 2.168.192.in-addr.arpa
Not required, but needed by nslookup
Zone Types
Standard Primary
updates only happen here
holds the master copy of the zone datafile, a text format file located by default at \winnt\system32\DNS\zonename.dns
eg \winnt\system32\DNS\microsoft.com.dns
Standard Secondary
holds a copy of an existing zone datafile (text format)
gets its zone file from the Master Name server
file stored as above
Active Directory Integrated
zone stored as part of the AD database
AD Integrated Zones
As the zone is part of AD it is replicated to all DCs during AD multi-master replication
No single point of failure
Updates can happen at any DC running DNS with the zone configured
DDNS - Dynamic DNS
Zones can be configured for DDNS:
No - does not allow dynamic updates
Yes - allows dynamic updates
Only Secure Updates (AD Integrated zones only) - only machines with an account in the AD can dynamically update
DDNS IN ACTION
The client updates the DNS server when:
IP address changes
DHCP lease changed or refreshed (ipconfig /renew)
Forced by ipconfig /registerdns
Reboot
Computer name change
Win2k clients update every 24 hours
Common Resource Record types
Scavenging - Killing the old!
By default only applies to dynamically updated records
Deletes old, out-of-date records
Clients do not dynamically delete their records when they shut down
Should be set at the server and zone level
Zone Replication and Transfer
Additional servers are good for:
Redundancy
Load balancing
Traffic management (WAN links)
Two types of zone transfer:
Full (AXFR)
Incremental (IXFR)
Zone transfer can be manually initiated
Zone transfer happens when:
Starting DNS service on secondary server
Refresh interval for zone expires
Changes made to primary zone and notify is configured
Troubleshooting DNS
DNS log in Event Viewer
Additional logging options (disabled by default) can be configured in DNS and write events to the file:
\winnt\system32\DNS\dns.log
This should be used with caution, as a huge file can be created and performance affected
Nslookup command
ipconfig
ipconfig /flushdns empties the DNS cache
ipconfig /displaydns displays the contents of the DNS cache
ipconfig /registerdns refreshes the DHCP lease and reregisters with DNS