Module 3

Configuring DNS


70-642 - Configuring and Troubleshooting a Windows Server® 2008 Network Infrastructure
www.supinfo.com
Copyright © SUPINFO. All rights reserved
Configuring DNS

Course objectives
By completing this course, you will cover:

  Installing the DNS Server Role
  Configuring the DNS Server Role
  Configuring DNS Zones
  Configuring DNS Zone Transfers
  Configuring DNS Dynamic Updates
  Configuring a DNS Client

Installing the DNS Server Role

Preview

  Overview of the Domain Name System Role
  Overview of the DNS Namespace
  DNS Improvements for Windows Server 2008
  Standards for DNS Naming
  Considerations for Deploying the DNS Server Role

Overview of the Domain Name System Role

  Domain Name System (DNS): a hierarchical distributed database

  DNS is the foundation of the Internet naming scheme
  DNS supports accessing resources by using alphanumeric names
  InterNIC is responsible for managing the domain namespace
  DNS was created to support the Internet's growing number of hosts

Overview of the DNS Namespace

  Root domain
  Top-level domains:     net, com, org
  Second-level domain:   supinfo
  Subdomains:            nice, lyon, paris
  Subdomain below lyon:  sis
  Host:                  server1
  FQDN:                  server1.sis.lyon.supinfo.com = 10.1.40.4

DNS Improvements for Windows Server 2008

New or enhanced features in the Windows Server 2008 version of DNS include:

  Background zone loading
  IP version 6 support
  Support for read-only domain controllers
  Global single names

Standards for DNS Naming

  The following characters are valid for DNS names:
    A-Z
    a-z
    0-9
    Hyphen (-)

  The underscore (_) is a reserved character

Considerations for Deploying the DNS Server Role

  The user account must be a member of the local Administrators group or equivalent
  Manually configuring the server to use a static IP address is recommended
  Manually editing the server and boot files is not recommended
  Use the DNS console or dnscmd
  Active Directory integrated DNS zones cannot be administered using a text editor

Stop-and-think

  Do you have any questions?

Configuring the DNS Server Role

Preview

  What are the Components of a DNS Solution?
  DNS Resource Records
  What are Root Hints?
  What is a DNS Query?
  What are Recursive Queries?
  What are Iterative Queries?
  What is a Forwarder?
  What is Conditional Forwarding?
  How DNS Server Caching Works

What Are the Components of a DNS Solution?

  [Diagram: DNS clients, DNS servers holding resource records, and DNS servers on the Internet (root ".", .com, .edu).]

DNS Resource Records

  SOA: Start of Authority
  A: Host Record
  CNAME: Alias Record
  MX: Mail Exchange Record
  SRV: Service Resources
  NS: Name Servers
  AAAA: IPv6 DNS Record

What are Root Hints?

  Root hints: contain the IP addresses for DNS root servers

  [Diagram: Computer1, the DNS server with its root hints, and the root (.), com and supinfo servers.]

What is a DNS Query?

  Query: a request for name resolution, directed to a DNS server
  Queries are recursive or iterative
  DNS clients and DNS servers both initiate queries
  DNS servers are authoritative or nonauthoritative for a namespace
  An authoritative DNS server for the namespace will either:
    Return the requested IP address
    Return an authoritative "No"
  A nonauthoritative DNS server for the namespace will either:
    Check its cache
    Use forwarders
    Use root hints

What are Recursive Queries?

  Recursive query: a query sent to a DNS server that requires a complete answer

  [Diagram: the DNS client sends a recursive query for mail1.supinfo.com to the local DNS server, whose database returns 172.16.64.11.]

What are Iterative Queries?

  An iterative query directed to a DNS server may be answered with a referral to another DNS server

  [Diagram: on behalf of Computer1, the local DNS server sends iterative queries to (1) the root (.) server from its root hints, which replies "ask .com", (2) the .com server, and (3) the supinfo.com server.]

What is a Forwarder?

  Forwarder: a DNS server designated to resolve external or offsite DNS domain names

  [Diagram: Computer1, the local DNS server and the forwarder; the forwarder sends iterative queries to the root (.) server from its root hints ("ask .com"), then to .com, then to supinfo.com.]

What is Conditional Forwarding?

  Conditional forwarding: forwards requests using a domain name condition

  [Diagram: the client computer queries the local DNS server, which forwards queries for mslab.lan to the mslab.lan DNS server and queries for all other DNS domains to the ISP DNS server.]

How DNS Server Caching Works

  DNS server cache
  Host name            IP address      TTL
  serverA.mslab.lan    192.168.8.44    28 seconds

  [Diagram: Client1 asks the DNS server "Where's ServerA?" and is told "ServerA is at 192.168.8.44"; Client2 then asks the same question and receives the same answer.]
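
The recursive query, the iterative referral chain and the server cache described above, combined in one added example (not part of the original course material): a toy local DNS server takes a recursive query for mail1.supinfo.com, follows referrals starting from its root hints, and caches the answer until its TTL runs out. The server table, the 28-second TTL on this record and the MAX_REFERRALS loop guard are assumptions made for the illustration.

```python
# Constructed name servers (illustrative data, not real infrastructure).
# Each one is authoritative for a zone and can answer, refer, or say "no".
SERVERS = {
    "root": {"delegations": {"com.": "com"}, "records": {}},
    "com": {"delegations": {"supinfo.com.": "supinfo.com"}, "records": {}},
    "supinfo.com": {
        "delegations": {},
        "records": {"mail1.supinfo.com.": ("172.16.64.11", 28)},  # (IP, TTL s)
    },
}


def iterative_query(server, name):
    """One iterative query: the server gives its best answer and asks nobody else."""
    srv = SERVERS[server]
    if name in srv["records"]:
        ip, ttl = srv["records"][name]
        return ("answer", ip, ttl)
    for suffix, child in srv["delegations"].items():
        if name == suffix or name.endswith("." + suffix):
            return ("referral", child)       # "ask that server instead"
    return ("no",)                           # authoritative "No"


class LocalDnsServer:
    """Accepts recursive queries from clients and resolves them iteratively."""

    MAX_REFERRALS = 8  # assumed guard so a referral loop cannot run forever

    def __init__(self, root_hints=("root",)):
        self.root_hints = root_hints
        self.cache = {}            # name -> (ip, expires_at)
        self.upstream_queries = 0  # iterative queries actually sent

    def resolve(self, name, now):
        """Return (ip or None, trail); trail shows where the answer came from."""
        cached = self.cache.get(name)
        if cached and cached[1] > now:
            return cached[0], ["cache"]
        self.cache.pop(name, None)           # expired entries are dropped
        server, trail = self.root_hints[0], []
        for _ in range(self.MAX_REFERRALS):
            self.upstream_queries += 1
            trail.append(server)
            reply = iterative_query(server, name)
            if reply[0] == "answer":
                _, ip, ttl = reply
                self.cache[name] = (ip, now + ttl)
                return ip, trail
            if reply[0] == "no":
                return None, trail
            server = reply[1]                # follow the referral
        raise RuntimeError("referral limit reached for " + name)


if __name__ == "__main__":
    dns = LocalDnsServer()
    print(dns.resolve("mail1.supinfo.com.", now=0))   # walks root, com, supinfo.com
    print(dns.resolve("mail1.supinfo.com.", now=10))  # served from cache
    print(dns.resolve("mail1.supinfo.com.", now=30))  # TTL expired, walks again
```

The `upstream_queries` counter shows what caching saves: three iterative queries for the first lookup, none for the repeat inside the TTL.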

Configuring DNS Zones

Preview

  What is a DNS Zone?
  What are the DNS Zone Types?
  What are Forward and Reverse Lookup Zones?
  What are Stub Zones?
  DNS Zone Delegation

What is a DNS Zone?

  [Diagram: on the Internet, below the DNS root domain "." and .com, the supinfo.com domain is held in two zones, each with its own zone database.]
  supinfo.com zone: supinfo.com, www.supinfo.com, ftp.supinfo.com, example.supinfo.com
  example.supinfo.com zone: example.supinfo.com, www.example.supinfo.com, ftp.example.supinfo.com

What are the DNS Zone Types?

  Zone                         Description
  Primary                      Read/write copy of a DNS database
  Secondary                    Read-only copy of a DNS database
  Stub                         Copy of a zone that contains only records used to locate name servers
  Active Directory integrated  Zone data is stored in Active Directory rather than in zone files

What are Forward and Reverse Lookup Zones?

  Namespace: training.supinfo.com.
  DNS server authoritative for training

  Forward zone (Training)
    DNS Client1    192.168.2.45
    DNS Client2    192.168.2.46
    DNS Client3    192.168.2.47

  Reverse zone (1.168.192.in-addr.arpa)
    192.168.2.45   DNS Client1
    192.168.2.46   DNS Client2
    192.168.2.47   DNS Client3

  [Diagram: DNS Client1, DNS Client2 and DNS Client3 query the server; a forward lookup asks "DNS Client2 = ?" and a reverse lookup asks "192.168.2.46 = ?".]

What are Stub Zones? (1: Without stub zones)

  Without stub zones, the nice.supinfo.com server must query several servers to find the server that hosts the srv1.laboms.com zone

  [Diagram: DNS servers for supinfo.com (root domain), nice.supinfo.com, lyon.supinfo.com, laboms.com and srv1.laboms.com.]

What are Stub Zones? (2: With a stub zone defined)

  With stub zones defined, the location of the srv1.laboms.com zone is known without querying multiple DNS servers

  [Diagram: DNS servers for supinfo.com (root domain), nice.supinfo.com, lyon.supinfo.com, laboms.com and srv1.laboms.com.]

DNS Zone Delegation

  [Diagram: supinfo.com, with nice.supinfo.com and paris.supinfo.com below it.]

Configuring DNS Zone Transfers

Preview

  What is a DNS Zone Transfer?
  How DNS Notify Works
  Securing Zone Transfers

What is a DNS Zone Transfer?

  DNS zone transfer: the synchronization of authoritative DNS zone data between DNS servers

  Exchange between the secondary server and the primary and master server:
  1. SOA query for a zone
  2. SOA query answered
  3. IXFR or AXFR query for a zone
  4. IXFR or AXFR query answered (zone transferred)

How DNS Notify Works

  DNS Notify: an update to the original DNS protocol specification that permits notification to secondary servers when zone changes occur

  Exchange between the source server (primary and master server) and the destination server (secondary server):
  1. Resource record is updated
  2. SOA serial number is updated
  3. DNS Notify
  4. Zone transfer

Securing Zone Transfers

  Restrict zone transfer to specified servers
  Encrypt zone transfer traffic
  Consider using Active Directory integrated zones

  [Diagram: primary zone and secondary zone.]
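
An added sketch (not from the course material) of the SOA check, the DNS Notify sequence and the "restrict zone transfer to specified servers" rule above, modeled in memory: the primary answers SOA queries but hands the zone only to listed secondaries, and the secondary transfers only when the serial has advanced. The class names, the 192.0.2.x addresses and the audit list are constructed for the illustration; serial comparison follows RFC 1982.

```python
import ipaddress


def serial_newer(candidate, current):
    """RFC 1982 comparison of 32-bit SOA serials (correct across wraparound)."""
    diff = (candidate - current) % 2**32
    return 0 < diff < 2**31


class TransferRefused(Exception):
    """Raised when a host outside the allow list requests the zone."""


class PrimaryZone:
    def __init__(self, name, serial, records, allowed_secondaries):
        self.name, self.serial, self.records = name, serial, dict(records)
        self.allowed = {ipaddress.ip_address(a) for a in allowed_secondaries}
        self.audit = []  # (client_ip, outcome) for every transfer request

    def soa_serial(self):
        """Steps 1 and 2: answer an SOA query with the current serial."""
        return self.serial

    def update(self, host, address):
        """Change a record, bump the serial, return the servers to notify."""
        self.records[host] = address
        self.serial = (self.serial + 1) % 2**32
        return sorted(str(a) for a in self.allowed)

    def transfer(self, client_ip):
        """Steps 3 and 4: hand over the zone, but only to listed secondaries."""
        if ipaddress.ip_address(client_ip) not in self.allowed:
            self.audit.append((client_ip, "REFUSED"))
            raise TransferRefused(f"{client_ip} is not a listed secondary for {self.name}")
        self.audit.append((client_ip, "OK"))
        return self.serial, dict(self.records)


class SecondaryZone:
    def __init__(self, ip):
        self.ip, self.serial, self.records = ip, None, {}

    def refresh(self, primary):
        """Run on a timer or on DNS Notify; returns True if a transfer happened."""
        remote = primary.soa_serial()
        if self.serial is not None and not serial_newer(remote, self.serial):
            return False  # already current, no IXFR/AXFR needed
        self.serial, self.records = primary.transfer(self.ip)
        return True


def demo():
    primary = PrimaryZone("supinfo.com", 2**32 - 1, {"www": "192.0.2.10"},
                          allowed_secondaries=["192.0.2.53"])
    secondary = SecondaryZone("192.0.2.53")
    results = [secondary.refresh(primary)]          # initial transfer
    results.append(secondary.refresh(primary))      # serial unchanged
    notify = primary.update("ftp", "192.0.2.11")    # serial wraps to 0
    results.append(secondary.refresh(primary))      # triggered by notify
    try:
        primary.transfer("192.0.2.99")              # unlisted host
    except TransferRefused:
        results.append("refused")
    return results, notify, secondary.records, primary.audit


if __name__ == "__main__":
    print(demo())
```

The audit list is the part worth keeping in a real deployment: a refused transfer request from an unlisted address is a useful signal to review.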

Configuring DNS Dynamic Updates

Preview

  What Are Dynamic Updates?
  Using Dynamic Updates
  Using Dynamic Updates using a DHCP Server
  Active Directory-Integrated DNS Zone
  Use Secure Dynamic Updates with AD integrated zones

What Are Dynamic Updates?

  Dynamic update: the process of a DNS client dynamically creating, registering, or updating its records in zones that are maintained by DNS servers that can accept and process messages for dynamic updates
  Manual update: the process of an administrator manually creating, registering, or updating the resource record

  Dynamic update enables DNS client computers to interact automatically with the DNS server to register and update their own resource records
    Organizations that have dynamic changes can benefit from the dynamic method of updating DNS resource records
  Organizations may benefit from manual update if they:
    Are in a smaller environment that has few changes to their resource records
    Have isolated instances, such as when a larger organization chooses to control every address on every host

Using Dynamic Updates

  1. Client sends SOA query
  2. DNS server sends zone name and server IP address
  3. Client verifies existing registration
  4. DNS server responds by stating that registration does not exist
  5. Client sends dynamic update to DNS server

  [Diagram: Windows Server 2008, Windows XP and Windows 2000 clients exchange steps 1 to 5 with the local DNS server and its resource records.]

Using Dynamic Updates using a DHCP Server

  1. DHCP client makes an IP lease request
  2. DHCP server grants IP lease
  3. DHCP server automatically generates client's FQDN
  4. Using dynamic update, the DHCP server updates the DNS forward and reverse records for the client

  [Diagram: a DHCP down-level client obtains its IP address lease (steps 1 and 2) from a Windows Server 2008 server running DHCP, which then updates the resource records on the local DNS server (steps 3 and 4).]

Active Directory-Integrated DNS Zone

  Active Directory-integrated DNS zone: a DNS zone stored in Active Directory

  DNS zone type                         Benefit
  Non Active Directory-integrated zone  Does not require Active Directory
  Active Directory-integrated zone      Stores DNS zone data in Active Directory and is thus more secure
                                        Uses Active Directory replication instead of zone transfers
                                        Allows only secure dynamic updates
                                        Uses multi-master instead of single master structure

Use Secure Dynamic Updates with AD integrated zones

  Secure dynamic update: the process in which a client submits a dynamic update request to a DNS server, and the server attempts the update only if the client can prove its identity and has the proper credentials to make the update

  [Diagram: a DNS client running Windows XP asks the local DNS server to find the authoritative server and receives the result; a domain controller with an AD-integrated DNS zone is also shown.]

Configuring a DNS Client

Preview

  How Preferred and Alternate DNS Servers Work
  Using Suffixes

How Preferred and Alternate DNS Servers Work

  1. The preferred DNS server is the one that the client tries first
  2. If the preferred server fails, the client tries the alternate DNS server
  3. Optionally, you can enter a whole list of alternate DNS servers
  4. The preferred and alternate DNS servers specified on the Properties page automatically appear at the top of this list, and preferred and alternate servers are queried in the order they are listed

Using Suffixes

  Suffix selection option
  Domain suffix search list
  Connection-specific suffix

  Name query = server1
    server1.sis.nice.supinfo.com
    server1.nice.supinfo.com
    server1.supinfo.com
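
The suffix expansion shown above for the query "server1", written out as an added example (not part of the original course material). It is a simplified model: the ordering (search list if configured, otherwise primary suffix, connection-specific suffix, then parent suffixes of the primary suffix) and the `min_labels` stop are assumptions, and the function name and parameters are hypothetical.

```python
def candidate_fqdns(name, primary_suffix, connection_suffix=None,
                    search_list=None, min_labels=2):
    """Return the FQDNs a client would try, in order, for a name query.

    Simplified model (assumed ordering): a configured suffix search list
    replaces everything else; otherwise the primary suffix is tried, then the
    connection-specific suffix, then parent suffixes of the primary suffix.
    """
    if name.endswith("."):
        return [name]                      # already fully qualified
    if search_list:
        suffixes = list(search_list)
    else:
        suffixes = [primary_suffix]
        if connection_suffix:
            suffixes.append(connection_suffix)
        labels = primary_suffix.split(".")
        # Devolution: strip the leftmost label, but never go below min_labels,
        # so the query never becomes "server1.com" and leaves the organization.
        while len(labels) > min_labels:
            labels = labels[1:]
            suffixes.append(".".join(labels))
    seen, ordered = set(), []
    for suffix in suffixes:
        fqdn = f"{name}.{suffix.strip('.')}."
        if fqdn not in seen:               # skip duplicates, keep first position
            seen.add(fqdn)
            ordered.append(fqdn)
    return ordered


if __name__ == "__main__":
    for fqdn in candidate_fqdns("server1", "sis.nice.supinfo.com"):
        print(fqdn)
```

Every candidate in the list is a separate query on the wire, so the point where devolution stops decides which servers get to see internal host names.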

Course summary

  Installing the DNS Server Role
  Configuring the DNS Server Role
  Configuring DNS Zones
  Configuring DNS Zone Transfers
  Configuring DNS Dynamic Updates
  Configuring a DNS Client

Congratulations
You have successfully completed the SUPINFO course module n°4: Configuring DNS
Configuring DNS

On the road again




 Eat apples
 Buy licences

								