8/14/2019 Overview of DNS
DNS in a Small Business Server 2000 Environment
Frank Brown
Support Professional
Small Business Server
Microsoft Corporation
Introduction to the Domain Name System
- Distributed hierarchical namespace
- Resolves IP addresses to a recognizable host name (forward lookups)
- Resolves host names to IP addresses (reverse lookups)
- Used to locate resources in a Microsoft Active Directory Domain
Name Resolution Process
[Diagram: name resolution in steps 1 through 9, showing Host 1, Host 2 and the domains Contoso.local, com, nwtraders.com and us.nwtraders.com]
Zones vs. Domains
- Domain - a single node in the DNS namespace and all of its descendant nodes
- Zone - the set of resource records that are assigned to a particular name server
[Diagram: Contoso.com with Northamerica.Contoso.com and Southamerica.Contoso.com, shown once labeled "Domain" and once with three "Zone" labels]
DNS Servers
- Primary server
- Secondary server
- Master server
- Caching-only server
DNS Zones and Lookup Types
- Zone files
  - Standard primary
  - Standard secondary
  - Active Directory integrated
- Lookup types
  - Forward lookup zones
  - Reverse lookup zones
DNS Zone Files
- Domain_Name.dns
- z.y.x.w.in-addr.arpa
- Cache.dns
- Boot.dns
Resource Records
- Resource records
  - SOA start of authority
  - NS name server
  - A host
  - MX Mail Exchanger
  - CNAME canonical name (alias)
  - SRV service
- Resource record fields
  - IN A
  - .. IN SRV
Resource Records Registered by Windows 2000 Domain Controllers
- _ldap.tcp.
- _ldap.tcp.sites.
- _ldap.tcp.pdc.ms-dcs.
- _ldap.tcp.gc.ms-dcs.
- _ldap.tcp..sites.gc.ms-dcs.
- _ldap.tcp..domains.ms-dcs.
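Clients query the SRV records listed above to find a domain controller, so a missing or stale record surfaces as a logon or Netlogon problem. The following is an added example, not part of the original slides: it parses a standard-primary zone file in text form and reports locator records that are missing or whose in-zone target has no A record. The sample zone, host names, addresses and the `REQUIRED` list are constructed for illustration; owner names use the underscore labels (`_tcp`, `_msdcs`) under which Windows 2000 domain controllers register these records.

```python
# Added example: audit a standard-primary zone file for DC locator SRV records.
SAMPLE_ZONE = """\
@                      IN SOA sbs1.contoso.local. admin.contoso.local. (1 900 600 86400 3600)
@                      IN NS  sbs1.contoso.local.
sbs1                   IN A   192.168.16.2
_ldap._tcp             600 IN SRV 0 100 389  sbs1.contoso.local.
_ldap._tcp.gc._msdcs   600 IN SRV 0 100 3268 oldserver.contoso.local.
"""  # constructed sample; host names and addresses are hypothetical

# Locator names relative to the zone (site- and GUID-specific ones omitted).
REQUIRED = ["_ldap._tcp", "_ldap._tcp.pdc._msdcs", "_ldap._tcp.gc._msdcs"]

def fqdn(name, origin):
    """Expand a zone-file name to a lowercase, dot-terminated FQDN."""
    name = name.lower()
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Return ({owner: [ip, ...]}, [(owner, prio, weight, port, target), ...])."""
    a_records, srv_records, owner = {}, [], origin
    for raw in text.splitlines():
        raw = raw.split(";", 1)[0]              # strip comments
        tok = raw.split()
        if "IN" not in tok[:-1]:                # need a class followed by a type
            continue
        if not raw[0].isspace():                # a blank owner field repeats the last owner
            owner = fqdn(tok[0], origin)
        i = tok.index("IN")
        rtype, rdata = tok[i + 1].upper(), tok[i + 2:]
        if rtype == "A" and rdata:
            a_records.setdefault(owner, []).append(rdata[0])
        elif rtype == "SRV" and len(rdata) == 4:
            prio, weight, port, target = rdata
            srv_records.append((owner, int(prio), int(weight), int(port), fqdn(target, origin)))
    return a_records, srv_records

def audit(text, origin):
    """List missing locator records and in-zone SRV targets that have no A record."""
    a_records, srv_records = parse_zone(text, origin)
    owners = {rec[0] for rec in srv_records}
    findings = [f"missing SRV: {fqdn(n, origin)}" for n in REQUIRED if fqdn(n, origin) not in owners]
    for owner, _prio, _weight, port, target in srv_records:
        if target.endswith("." + origin) and target not in a_records:
            findings.append(f"dangling SRV: {owner} -> {target} port {port} (no A record)")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_ZONE, "contoso.local."):
        print(finding)
```

Active Directory integrated zones are stored in the directory rather than in a text file, so this check applies only to zones kept as standard primary files.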
Zone Transfers
- A zone transfer is initiated when:
  - A primary DNS server sends notification of zone changes to the secondary server or servers
  - The secondary server queries a master DNS server for changes to the zone file
[Diagram: Zone 1 (nwtraders, training, support); primary zone database file on the DNS server (primary) and secondary zone database file on the DNS server (secondary)]
New Features in Windows 2000 Implementation of DNS
- Service location for Active Directory - DNS is used as a means to locate services in an Active Directory-based domain
- Multimaster replication - allows DNS to take advantage of the multimaster replication feature of AD
- Support for dynamic updates - client records are updated either directly or through DHCP
- Supports incremental zone transfers
- Integration with WINS and DHCP
- Enhanced caching and negative caching
Active Directory Integrated Zones
- Active Directory integrated zone data is:
  - Stored as an Active Directory object
  - Replicated as part of domain replication
[Diagram: Active Directory, contoso.com, DNS Server, Active Directory Integrated Zone]
Dynamic Update
- DNS dynamic update protocol
  - Allows clients to automatically update DNS servers
  - Can be used in conjunction with DHCP
[Diagram: (1) Computer1 sends a request for an IP address to the DHCP server; (2) the DHCP server assigns the IP address 192.168.16.33; DNS server with its zone database]
- Windows 2000 client updates forward resource record on DNS server
- DHCP updates reverse resource record for Windows 2000 clients and both resource records for other clients
How to Install DNS
- Installed during Small Business Server setup
- Added during the installation of Active Directory (DCPromo)
- Through Add/Remove Programs applet in Control Panel (Windows Components, Networking Services)
Configuration of DNS During and After SBS 2000 Installation
- Domain name considerations
- Using the Internet Connection Wizard
- Adding forwarders
- Configuring the DNS properties of the server network cards
- Integration with DHCP
Domain Name Considerations
- If your company has separate internal and external namespaces
  [Diagram: ISP DNS; internal domain on the private network: local., Contoso.local, contoso.local; Cache.dns]
- If your company has the same internal and external namespaces
  [Diagram: Internet root domain (.) with org., com., edu., au.; private network: com., Contoso.com, contoso.com]
Using the Internet Connection Wizard
Adding Forwarders
DNS Settings of the Server Network Card(s)
Advanced DNS Server Parameters
Troubleshooting Tools
- Ping
  ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS] [-r count] [-s count] [[-j host-list] | [-k host-list]] [-w timeout] destination-list
- IPconfig
  ipconfig [/? | /all | /release [adapter] | /renew [adapter] | /flushdns | /registerdns | /showclassid adapter | /setclassid adapter [classidtoset] ]
- Nslookup
- DNS event log
- DNS trace log enabled through the logging tab on the DNS server
  - DNS.log
  - Saved in systemroot\System32\DNS folder
Nslookup
- Use Nslookup to verify that the information contained in resource records is correct
- Nslookup has two modes:
  - Interactive
  - Noninteractive
- Syntax:
  Nslookup [option] [computer-to-find] [server]
Common DNS Issues in SBS 2000
- Microsoft Windows 2000 clients cannot log on
- SBS clients cannot resolve external DNS names
- Server hangs at Preparing Network Connections
- Netlogon errors 5775, 5781
- Mail delivery issues: cannot send/receive
Best Practices
- Use the Internet Connection Wizard
- Use separate internal and external DNS namespace (i.e. contoso.local, contoso.com)
- Configure all network cards to use the SBS DNS server
- Configure the DNS server as a forwarder
- Configure zones to accept dynamic updates
- Delete the . folder if it exists to allow internet name resolution
Resources
- Windows 2000 DNS overview:
  http://www.microsoft.com/windows2000/techinfo/howitworks/communications/nameadrmgmt/dnsover.asp
- Windows 2000 DNS white paper:
  http://www.microsoft.com/windows2000/techinfo/howitworks/communications/nameadrmgmt/w2kdns.asp
- RFCs 1034, 1035, 2782, 2136
Resources (2)
- Knowledge Base articles
  - Q260371 Troubleshooting Common Active Directory Issues in Windows 2000
  - Q272674 IP Address Configuration for Windows 2000 Domain Controllers
  - Q300202 How to Configure DNS for Internet Access
  - Q229840 DNS Servers Root Hints and Forwarder Pages are Unavailable
  - Q247811 How Domain Controllers are Located in Windows 2000
  - Q249868 Replacing Root Hints with the Cache.DNS file