CHAPTER 8

USING THE DNS SERVICE

Domain Name System (DNS) is a database that is used in TCP/IP networks to translate between computer names and IP addresses.

 

NOTE:  The DNS Service is not available in Microsoft Windows 2000 Professional.  You must have

a computer running one of the Windows 2000 Server products to use Microsoft’s DNS Service.

 

 

Lesson 1:  Understanding DNS

 

DNS is most commonly associated with the Internet.  However, private networks use DNS

extensively to resolve computer names and to locate computers within their local networks and

the Internet.  DNS provides the following benefits:

 

  •   DNS names are user-friendly, which means that they are easier to remember than IP addresses.
  •   DNS names remain more constant than IP addresses.  An IP address for a server can change, but

the server name remains the same.

  •   DNS allows users to connect to local servers by using the same naming convention as the Internet.

 

 

Domain Name Space

 

The domain name space is the naming scheme that provides the hierarchical structure for the DNS

database.  Each node represents a partition of the DNS database.  These nodes are referred to as

domains.

 

The DNS database is indexed by name; therefore, each domain must have a name.  As you add domains to the hierarchy, the name of the parent domain is appended to its child domain (called a subdomain).  Consequently, a domain’s name identifies its position in the hierarchy.  For example, the domain name (see Figure 8.1, page 189)

Sales.Microsoft.com

identifies the sales domain as a subdomain of the Microsoft.com domain and Microsoft as a subdomain of the com domain.  The hierarchical structure of the domain name space consists of a root domain, top-level domains, second-level domains and host names.

 

======================================================================

 

winpro8.html                                                   PAGE 2                                                      2001/12/06

 

 

Root Domain

 

The root domain is at the top of the hierarchy and is represented as a period (.).  The Internet root domain is managed by several organizations, including Network Solutions, Inc.

 

 

Top-Level Domains

 

Top-level domains are two- or three-character name nodes.  Top-level domains are arranged by organization type or geographic location.

 

 

Top-level domain    Description

gov                 Government organizations
com                 Commercial organizations
edu                 Educational institutions
org                 Noncommercial organizations
au                  Country code of Australia

 

 

Top-level domains can contain second-level domains and host names.

 

 

Second-Level Domains

 

Organizations such as Network Solutions, Inc. assign and register second-level domains to individuals and organizations for the Internet.

 

 

 

Second-level domain    Description

Ed.gov                 United States Department of Education
Microsoft.com          Microsoft Corporation
Stanford.com           Stanford University
W3.org                 World Wide Web Consortium
Pm.gov.au              Prime Minister of Australia

 

 

 

 


 

 

 

Host Names

 

Host names refer to specific computers on the Internet or a private network.  For example, in Figure 8.1, page 189, Computer1 is a host name.  A host name is the leftmost portion of a fully qualified domain name (FQDN), which describes the exact position of a host within the domain hierarchy.

In Figure 8.1, Computer1.sales.Microsoft.com. (including the end period, which represents the root domain) is an FQDN.

 

 

DNS uses a host’s FQDN to resolve a name to an IP address.

 

NOTE:  The host name doesn’t have to be the same as the computer name.  By default, TCP/IP setup uses the computer name for the host name, replacing illegal characters, such as the underscore (_), with a hyphen (-).  For the accepted domain naming conventions, see RFC 1035.

 

 

Domain Naming Guidelines

 

When you create a domain name space, consider these guidelines:

 

  •   Limit the number of domain levels.  Usually 3 or 4 levels.
  •   Use unique names.
  •   Use simple names.
  •   Avoid lengthy domain names.  Domain names can be up to 63 characters, including the periods.
  •   The total length of an FQDN can’t exceed 255 characters.  Case-sensitive naming is not supported.
  •   Use standard DNS characters.  Windows 2000 supports the following standard DNS characters: A-Z, a-z, 0-9, and the hyphen (-), as defined in RFC 1035.

 

 

The DNS service also supports the Unicode character set.  Use Unicode characters only if all servers running the DNS Service in your environment support Unicode.  For more information on the Unicode character set, read RFC 2044 by searching for “RFC 2044” with your Web browser.
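As an added example (not code from the chapter), the following Python splits an FQDN into the parts the chapter's figures label and checks it against the naming guidelines above.  It applies RFC 1035's 63-character limit per label (the text between periods) and the 255-character limit on the whole name; the computer-name conversion is a simplified stand-in for what TCP/IP setup does.

```python
import re

# RFC 1035 characters the chapter lists: A-Z, a-z, 0-9 and the hyphen; a label
# may not begin or end with a hyphen.
LABEL_RE = re.compile(r"^[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?$")
MAX_LABEL = 63        # RFC 1035 limit per label (the text between periods)
MAX_FQDN = 255        # the guideline's limit on the whole FQDN


def host_name_from_computer_name(computer_name):
    """Mimic TCP/IP setup: illegal characters such as '_' become a hyphen."""
    return re.sub(r"[^A-Za-z0-9-]", "-", computer_name)


def parse_fqdn(fqdn):
    """Split an FQDN into the parts the chapter's figures label.

    Returns host, subdomains, second_level, top_level and the number of domain
    levels, or raises ValueError naming the guideline that was violated.
    """
    if len(fqdn) > MAX_FQDN:
        raise ValueError(f"FQDN longer than {MAX_FQDN} characters")
    name = fqdn.lower()                  # DNS naming is not case-sensitive
    if name.endswith("."):               # trailing period stands for the root domain
        name = name[:-1]
    labels = name.split(".")
    for label in labels:
        if not label or len(label) > MAX_LABEL or not LABEL_RE.match(label):
            raise ValueError(f"label {label!r} is not a valid DNS name")
    if len(labels) < 3:
        raise ValueError("need at least a host, a second-level and a top-level domain")
    return {
        "host": labels[0],               # leftmost label, e.g. xyz
        "subdomains": labels[1:-2],      # e.g. ['sales'] in xyz.sales.microsoft.com
        "second_level": labels[-2],      # e.g. microsoft
        "top_level": labels[-1],         # e.g. com
        "levels": len(labels) - 1,       # domain levels below the root (guideline: 3 or 4)
    }
```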

 

www.Microsoft.com    (www = host name; Microsoft = 2nd level; com = top level)


 

 

 

 

xyz.Sales.Microsoft.com    (xyz = host; Sales = subdomain; Microsoft = 2nd level; com = top level)

Ping computer4.corp.com    (computer4 = host name)

www.abc.com/nhl    (www = host name; abc = 2nd level; com = top level; /nhl = folder hosted at ABC)

 

 

 

 

Zones

 

A Zone represents a discrete portion of the domain name space.  Zones provide a way to

partition the domain name space into manageable sections.

 

  •   Multiple zones in a domain name space are used to distribute administrative tasks to

different groups.

  •   A Zone must encompass a contiguous domain name space.  For example, you couldn’t

create a zone that consists of only the sales.Microsoft.com and development.Microsoft.com

domains, because these two domains are not contiguous.

 

The name-to-IP address mappings for a zone are stored in the zone database file.  Each zone

is anchored to a specific domain, which is referred to as the zone’s root domain.

 

To host a zone on Windows 2000 Server, you need a DNS server.

 

 


 

 

 

Name Servers

 

 

A DNS name server stores the zone database file.  Name servers can store data for one

zone or multiple zones.  A name server is said to have authority for the domain name space

 that the zone encompasses.

 

One name server contains the master zone database file, referred to as the primary zone

database file, for the specified zone.

 

Multiple name servers act as a backup to the name server containing the primary zone

database file.  Multiple name servers provide the following advantages:

 

  •   Perform zone transfers.  The additional name servers obtain a copy of the zone database file from the name server that contains the primary zone database file.
  •   Provide redundancy.  The secondary zone database files back up the primary zone database file.
  •   Improve access speed for remote locations.  If a number of clients are in remote locations, use additional name servers to reduce query traffic across slow WAN links.
  •   Reduce the load on the name server containing the primary zone database file.

 

 

Lesson Summary:

 

  •   DNS is most commonly associated with the Internet.
  •   DNS provides user-friendly DNS names that are less likely to change than IP addresses, and allows users to connect to local servers by using the same naming convention as the Internet.
  •   The DNS database is indexed by name, so each domain (node) must have a name.  The hierarchical structure of the domain name space consists of a root domain, top-level domains, second-level domains, and host names.
  •   Zones provide a way to divide the domain name space into smaller sections, each representing a discrete portion of the domain name space.
  •   A DNS name server stores the zone database file; the zone database file is replicated to additional name servers through zone transfers.

 

 

Lesson 2:  Understanding Name Resolution

 

Name resolution is the process of resolving names to IP addresses.  Name resolution is similar to

looking up a name in a telephone book, where the name is associated with a telephone number. 

The mapping of names to IP addresses is stored in the DNS distributed database.

 

 


 

 

 

DNS name servers resolve forward and reverse lookup queries.  A forward lookup query resolves a name to an IP address.  A reverse lookup query resolves an IP address to a name.  Reverse lookups can also serve security purposes.

When you are on the Internet, the computer caches the IP address so that the next user will not have to go out looking for it.  This is done for frequently used addresses.

 

 

Forward Lookup Query

 

The DNS Service uses a client/server model for name resolution.  To resolve a forward lookup query, which resolves a name to an IP address, a client passes a query to a local name server.  For example, if you are querying www.microsoft.com:

  •   The client passes a forward lookup query for www.microsoft.com to its local name server.
  •   The local name server checks its zone database file.  If it cannot answer the query, it sends the query to a root name server, which sends back a referral to the com name server.
  •   The local name server sends a request to a com name server, which responds with a referral to the Microsoft name servers.
  •   The local name server sends a request to the Microsoft name server.
  •   The Microsoft name server sends back the IP address for www.microsoft.com, and the local name server passes it to the client.
  •   The name resolution is complete, and the client can access www.microsoft.com.

 

 

Name Server Caching

 

When a name server is processing a query, it might be required to send out several queries to

find the answer.  When a name server receives a query result, the following actions take place:

 

The name server caches the query result for a specified amount of time; this is referred to as

Time to Live (TTL).

 

NOTE:  The zone that provided the query result specifies the TTL.  The default value is 60

minutes.

 

Once the name server caches the query result, TTL starts counting down from its original value.

When TTL expires, the name server deletes the query result from its cache.

 

 


 

 

 

Caching query results enables the name server to resolve other queries to the same portion of the

domain name space quickly.

 

 

NOTE:  Shorter TTL values help ensure that data about the domain name space is more current across the network.  Shorter TTL values do increase the load on name servers.  A long TTL value decreases the time required to resolve information.  However, if a change does occur, the client will not receive the updated information until the TTL expires and a new query to that portion of the domain name space is resolved.

 

 

Reverse Lookup Query

 

A reverse lookup query maps an IP address to a name.  Troubleshooting tools, such as the nslookup command-line utility, use reverse lookup queries to report back host names.

 

 

Lesson Summary:

 

  •   DNS name servers resolve forward lookup queries; this lesson described what happens when a client queries the name server for an IP address.
  •   DNS name servers resolve reverse lookup queries.
  •   A second-level domain called in-addr.arpa was created for reverse lookups.  The in-addr.arpa domain follows the same hierarchical naming scheme as the rest of the domain name space; however, it is based on IP addresses instead of domain names.
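To show the forward lookup walkthrough, name server caching with TTL, and the reverse lookup through in-addr.arpa working together, here is an added Python simulation; it is not code from the chapter or from the Windows 2000 DNS Service.  The zone contents, server names and 192.0.2.x addresses are constructed sample data, and the octet-reversed in-addr.arpa form is the standard reverse lookup name, which the chapter only alludes to.

```python
import time

# Constructed zone data standing in for the root, com, Microsoft and in-addr.arpa name
# servers (sample values, not real records): ("A"/"PTR", answer) or ("NS", next server).
ZONES = {
    "root":      {"com.": ("NS", "com"), "arpa.": ("NS", "arpa")},
    "com":       {"microsoft.com.": ("NS", "microsoft")},
    "microsoft": {"www.microsoft.com.": ("A", "192.0.2.10")},          # TEST-NET-1 address
    "arpa":      {"2.0.192.in-addr.arpa.": ("NS", "testnet")},
    "testnet":   {"10.2.0.192.in-addr.arpa.": ("PTR", "www.microsoft.com.")},
}
# The zone that supplies the answer sets the TTL; the chapter's default is 60 minutes.
ZONE_TTL = {"root": 86400, "com": 7200, "microsoft": 3600, "arpa": 86400, "testnet": 3600}

class LocalNameServer:
    """Caching local name server that resolves forward and reverse queries iteratively."""

    def __init__(self, clock=time.time):
        self.cache = {}          # fqdn -> (answer, expiry time)
        self.clock = clock       # injectable so TTL expiry can be tested
        self.trace = []          # name servers contacted, in order

    def ask(self, server, fqdn):
        """Query one name server; it answers with the closest record it holds."""
        self.trace.append(server)
        labels = fqdn.split(".")
        for i in range(len(labels)):            # most specific name first
            rec = ZONES[server].get(".".join(labels[i:]))
            if rec:
                return rec
        return None                             # server knows nothing about it

    def resolve(self, fqdn):
        """Answer for fqdn from cache if unexpired, otherwise by chasing referrals."""
        fqdn = fqdn.lower().rstrip(".") + "."   # not case-sensitive; final '.' is the root
        hit = self.cache.get(fqdn)
        if hit and hit[1] > self.clock():
            return hit[0]                       # cached: no query leaves this server
        server = "root"
        while True:
            rec = self.ask(server, fqdn)
            if rec is None:
                return None
            kind, value = rec
            if kind != "NS":                    # A or PTR answer: cache with the zone's TTL
                self.cache[fqdn] = (value, self.clock() + ZONE_TTL[server])
                return value
            server = value                      # follow the referral

    def reverse(self, ip):
        """Reverse lookup: octets reversed under in-addr.arpa, then a normal query."""
        return self.resolve(".".join(reversed(ip.split("."))) + ".in-addr.arpa")
```

The trace list records the root, com and Microsoft servers being contacted in turn, stays unchanged while the answer is served from cache, and grows again once the zone's TTL has expired.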

 

 

Lesson 3:  Configuring a DNS Client

 

 

Since DNS is a distributed database that is used in TCP/IP networks to translate computer names

to IP addresses, you must first install TCP/IP on a client running Windows 2000 Professional before

configuring the client to use the DNS Service.

 

If you are configuring a local area connection in the Network and Dial-up Connections window, right-click Local Area Connection, and click Properties.

On the General tab, click Internet Protocol (TCP/IP), then click Properties.  You must select from the following options:

 

  • Obtain DNS Server Address Automatically.  If you select this option you must have a DHCP

Server available.

  • Use the Following DNS Server Addresses.  You must type in the IP address of the DNS Servers

you want this client to use.

 


 

 

Preconfiguration Considerations

 

If your client is connected to a network that has a DNS server, you can check the following

options on the server that has the DNS service installed:

 

  •   Ensure a static IP address has been assigned to the DNS Server.
  •   Ensure the appropriate IP address of the DNS server and DNS domain name are assigned. 
  •   Click Advanced in the Internet Protocol (TCP/IP) Properties dialog box to configure the advanced TCP/IP settings.  On the DNS tab, check the assigned DNS address and domain name.