Windows Server 2003 DNS ????????? - PowerPoint PPT Presentation

About This Presentation
Title:

Windows Server 2003 DNS ?????????

Description:

Lookup Types. Forward Lookup. Requires name-to-address resolution. Reverse Lookup. Requires address-to-name resolution. How Recursive Queries Work. Computer1 ... – PowerPoint PPT presentation

Number of Views:1446
Avg rating:3.0/5.0
Slides: 32
Provided by: Micro244
Category:

less

Transcript and Presenter's Notes

Title: Windows Server 2003 DNS ?????????


1
Windows Server 2003DNS ?????????
  • ???
  • jeffl_at_ms11.hinet.net

2
What Is a Domain Namespace?
Root Domain
com
org
net
Top-Level Domain
nwtraders
Second-Level Domain
south
west
east
Subdomains
sales
FQDN server1.sales.south.nwtraders.com
Host server1
3
Overview of the DNS Query Process
4
How Recursive Queries Work
A recursive query is a query made to a DNS
server, in which the DNS client asks the DNS
server to provide a complete answer to the query
DNS server checks the forward lookup zone and
cache for an answer to the query
Database
Local DNS Server
5
How Iterative Queries Work
An iterative query is a query made to a DNS
server in which the DNS client requests the best
answer that the DNS server can provide without
seeking further help from other DNS servers. The
result of an iterative query is often a referral
to another DNS server lower in the DNS tree
Iterative Query
Root Hint (.)
Local DNS Server
Ask .com
Iterative Query
.com
Ask nwtraders.com
Recursive query for mail1.nwtraders.com
Iterative Query
172.16.64.11
Authoritative Response
Computer1
nwtraders.com
6
How Root Hint Works
Root hints are DNS resource records stored on a
DNS server that list the IP addresses for the DNS
root servers
Corp. or ISP DNS Servers
InterNIC Root (.) Servers
Root Hints
Local DNS Server
com
microsoft
Computer1
7
How Forwarders Work
A forwarder is a DNS server designated by other
internal DNS servers to forward queries for
resolving external or offsite DNS domain names
Iterative Query
Forwarder
Root Hint (.)
Ask .com
Iterative Query
.com
Ask nwtraders.com
Recursive Query
172.16.64.11
Iterative Query
Authoritative Response
172.16.64.11
Recursive query for mail1.nwtraders.com
nwtraders.com
Local DNS Server
Computer1
8
What Is a DNS Zone?
9
What Are DNS Zone Types?
Zones Description
Primary Read/write copy of a DNS database
Secondary Read-only copy of a DNS database
Stub Copy of a zone containing limited records
Read/Write
Read-Only
Copy of limited records
10
Selecting Zone Data Location
11
Configuring Standard Zones
  • You can configure a DNS server to host standard
    primary zones, standard secondary zones, or any
    combination of zones
  • You can designate a primary server or a secondary
    server as a master server for a standard
    secondary zone

Primary Zone
DNS Server A
A
Zone Information
DNS Server B
DNS Server C
Secondary Zone (Master DNS Server DNS Server A)
Secondary Zone (Master DNS Server DNS Server A)
B
C
12
What Are Resource Records and Record Types?
Record type Description
A Resolves a host name to an IP address
PTR Resolves an IP address to a host name
SOA The first record in any zone file
SRV Resolves names of servers providing services
NS Identifies the DNS server for each zone
MX The mail server
CNAME Resolves from a host name to a host name
13
Zone Transfer Process
  • A Zone Transfer is Initiated When
  • A master DNS server sends notification of zone
    changes to the secondary server or servers
  • The secondary server queries a master DNS server
    for changes to the zone file

DNS Server (Master)
DNS Server
Primary Zone Database File
Secondary Zone Database File
Zone 1
14
Configuring Zone Transfers
  • Zone Transfer Types
  • Full zone transfer (AXFR)
  • Incremental zone transfer (IXFR)
  • Configuring Zone Transfer Properties
  • Configuring DNS Notify

15
Configuring Zone Transfers
16
How DNS Notify Works
A DNS notify is an update to the original DNS
protocol specification that permits notification
to secondary servers when zone changes occur
Resource record is updated
1
Source Server
Destination Server
SOA serial number is updated
2
DNS notify
3
Zone transfer
4
Secondary Server
Primary and Master Server
17
Configuring AD Integrated Zones
  • Active Directory Integrated Zone Data Is
  • Stored as an Active Directory object
  • Replicated as part of domain replication

Active Directory Integrated Zone
Active Directory
contoso.com
DNS Server
18
What Are Directory Partitions?
Contains
Definitions and rules for creating and
manipulating objects and attributes
Forest
Information about the Active Directory structure
Information about domain-specific objects
Domain
Configurablereplication
Information about applications
Active Directory Database
19
Selecting a Partition
Forest Application
Domain Application
Domain Partition
20
Configuring Dynamic Updates
  • DNS Dynamic Update Protocol
  • Allows clients to automatically update DNS
    servers
  • Can be used in conjunction with DHCP

21
Securing Dynamic Updates
Active Directory Integrated Zone
Secure Dynamic Updates
22
Creating a Subdomain
  • Create a Subdomain to Better Organize Your
    Namespace
  • Delegate Authority of a Subdomain To
  • Delegate management of portions of the namespace
  • Delegate administrative tasks of maintaining one
    large DNS database

.
org.
com.
edu.
tw.
microsoft.com.
training.microsoft.com.
Subdomain
Second-Level Domain
Top-Level Domain
Root
23
DNS Server Roles
Role Situation
Caching-only servers A remote office has a limited amount of available bandwidth
Non-recursive servers You have Internet-facing DNS that are authoritative for one or more zones
Forward-only servers You want to manage the DNS traffic between your network and the Internet
Conditional forwarders You want DNS clients in separate networks to resolve each others names without having to query the DNS server on the Internet
24
How the Time-to-Live Value Works
The Time-to-Live (TTL) value is a time-out value
expressed in seconds that is included with DNS
records that are returned in a DNS query 
Resource Record
Resource Record
Zone
Cache
Cache
Authoritative DNS Server2
DNS Server1
TTL set on the zone
DNS Client
25
Reducing Network Traffic by Using Caching-Only
Servers
  • Caching-Only Servers
  • Perform name resolution on behalf of client
    computers and cache the results
  • Can be used to reduce DNS-related traffic across
    a WAN

26
How Aging and Scavenging Works
7-days
7-days
Jan 1
Jan 15
Jan 8
No-Refresh interval
Refresh interval
Time stamped
Scavenge
Aging
27
What Is DNS Debug Logging?
DNS debug logging is an optional logging tool for
DNS that stores the DNS information that you
select
Primary DNS Server1
Secondary DNS Server2
28
Planning a DNS Implementation
  • Small Companies
  • Can use ISP DNS servers for queries and to store
    company domain names
  • Larger Companies
  • Maintain their own DNS servers
  • Two DNS Servers Recommended
  • Primary name server
  • Secondary name server

29
DNS Namespace Options
30
Connecting DNS to the Internet
Internal DNS Server
External DNS Server
Firewall
Internet
ScreenedSubnet
Firewall
  • Forwarding DNS Queries to Internet DNS Servers
  • Responding to DNS Queries from the Internet

Internet DNS Server
31
Integrating DNS into Screened Subnets
public.contoso.msft
public.contoso.msft
Secondary DNS Zone
Primary DNS Zone
Firewall
Internet
PrivateNetwork
ScreenedSubnet
Firewall
  • Zones Contain Records for Public Resources
  • Configure Firewalls to Permit Appropriate DNS
    Traffic
  • Place Only Secondary Zones
  • Encrypt Replication Traffic with IPSec
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2025 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Windows Server 2003 DNS ?????????" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!