CH 10 DNS Assignment
What is RSAT?
Remote Server Administration Tools
Primary DNS servers can be configured to notify secondary DNS servers of changes to
a zone and to begin a zone transfer. They can also be configured to perform a zone
transfer on a scheduled basis.
A forward lookup zone is created to, as the name suggests, forward lookups to the DNS
database. In other words, this type of zone resolves names to IP addresses and
resource information. For example, if a user wants to reach dc1.companyabc.com and
queries for its IP address through a forward lookup zone, DNS returns 172.16.1.11, the
IP address for that resource.
A reverse lookup zone performs the exact opposite operation of a forward lookup zone.
IP addresses are matched up with a common name in a reverse lookup zone. This is
similar to knowing a phone number but not knowing the name associated with it.
Reverse lookup zones are usually manually created and do not always exist in every
implementation. Creating a new zone using the Configure a DNS Server Wizard, as in
the example earlier in this chapter, can automatically create a reverse lookup zone.
Reverse lookup zones are primarily populated with PTR records, which serve to point
the reverse lookup query to the appropriate name.
Primary Zones
Secondary Zones
A secondary zone is established to provide redundancy and load balancing for the
primary zone. Each copy of the DNS database is read-only, however, because all
record keeping is done on the primary zone copy. A single DNS server can contain
several zones that are primary and several that are secondary. The zone creation
process is similar to the one outlined in the preceding section on primary zones, with
the difference that the zone is transferred from an existing primary server.
Stub Zones
The concept of stub zones is unique to Microsoft DNS. A stub zone is essentially a zone
that contains no information about the members in a domain but simply serves to
forward queries to a list of designated name servers for different domains. A stub zone
subsequently contains only NS, SOA, and glue records. Glue records are essentially A
records that work in conjunction with a particular NS record to resolve the IP address of
a particular name server. A server that hosts a stub zone for a namespace is not
authoritative for that zone.
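The filtering described above, as an added example that is not part of the original assignment: given a zone's full record set, keep only what a stub zone would hold (SOA, NS, and the glue A records for the listed name servers). The record data is constructed for illustration; only dc1.companyabc.com and 172.16.1.11 come from the text.

```python
# Constructed sample zone data for companyabc.com (illustrative, not from a real server).
# Each record is (owner name, record type, data).
ZONE = "companyabc.com."
RECORDS = [
    ("companyabc.com.", "SOA", "dc1.companyabc.com. hostmaster.companyabc.com."),
    ("companyabc.com.", "NS", "dc1.companyabc.com."),
    ("companyabc.com.", "NS", "dc2.companyabc.com."),
    ("companyabc.com.", "MX", "10 sfoexch01.companyabc.com."),
    ("dc1.companyabc.com.", "A", "172.16.1.11"),
    ("dc2.companyabc.com.", "A", "172.16.1.12"),
    ("sfoexch01.companyabc.com.", "A", "172.16.1.20"),
    ("mail.companyabc.com.", "CNAME", "sfoexch01.companyabc.com."),
]


def stub_zone_records(zone, records):
    """Return only the records a stub zone holds: SOA, NS and glue A records."""
    zone = zone.lower()
    # SOA and NS records at the zone apex.
    apex = [r for r in records if r[0].lower() == zone and r[1] in ("SOA", "NS")]
    # Host names of the name servers listed in the NS records.
    ns_hosts = {data.lower() for _, rtype, data in apex if rtype == "NS"}
    # Glue: A records whose owner is one of those name servers.
    glue = [r for r in records if r[1] == "A" and r[0].lower() in ns_hosts]
    return apex + glue


if __name__ == "__main__":
    for owner, rtype, data in stub_zone_records(ZONE, RECORDS):
        print(owner, rtype, data)
```

The MX and CNAME records and the A record for sfoexch01 are dropped, because that host is not a name server for the zone.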
The standard method for zone transfers, which transfers the entire contents of a DNS
zone from the primary server to the secondary server, is known as asynchronous zone
transfer (AXFR), or full zone transfer. This type of zone transfer copies every item in the
DNS database to the secondary server, regardless of whether the server already has
some of the items in the database. Older implementations of DNS utilized AXFR
exclusively, and it is still utilized for specific purposes today.
Recursive queries are most often performed by resolvers, or clients, that need a specific
name resolved by a DNS server. Recursive queries are also accomplished by a DNS
server if forwarders are configured to be used on a particular name server. A recursive
query essentially asks whether a particular record can be resolved by a particular name
server. The response to a recursive query is either negative or positive.
Iterative queries ask a DNS server to either resolve the query or make a best-guess
referral to a DNS server that might contain more accurate information about where the
query can be resolved. Another iterative query is then performed to the referred server
and so on until a result, positive or negative, is obtained.
The Start of Authority (SOA) record in a DNS database indicates which server is
authoritative for that particular zone. The server referenced by the SOA record is
subsequently the server that is assumed to be the authoritative source of information
about a particular zone and is in charge of processing zone updates. The SOA record
contains information such as the Time to Live (TTL) interval, the contact person
responsible for DNS, and other critical information.
The most common type of resource record (RR) in DNS is the host record, also known
as an A record. This type of RR simply contains the name of the host and its
corresponding IP address.
Name Server (NS) records identify which computers in a DNS database are the name
servers, essentially the DNS servers for a particular zone. Although there can be only
one SOA record for a zone, there can be multiple NS records for the zone, which
indicate to clients which machines are available to run DNS queries against for that
zone.
Service (SRV) Records
Service (SRV) records are RRs that indicate which resources perform a particular
service. Domain controllers in Active Directory Domain Services are referenced by SRV
records that define specific services, such as the global catalog (GC), Lightweight
Directory Access Protocol (LDAP), and Kerberos. SRV records are a relatively new
addition to DNS, and did not exist in the original implementation of the standard. Each
SRV record contains information about a particular functionality that a resource
provides. For example, an LDAP server can add an SRV record, indicating that it can
handle LDAP requests for a particular zone. SRV records can be very useful for Active
Directory Domain Services because domain controllers can advertise that they handle
global catalog requests.
A Mail Exchanger (MX) record indicates which resources are available for Simple Mail
Transfer Protocol (SMTP) mail reception. MX records can be set on a domain basis so
that mail sent to a particular domain will be forwarded to the server or servers indicated
by the MX record. For example, if an MX record is set for the domain companyabc.com,
all mail sent to user@companyabc.com will be automatically directed to the server
indicated by the MX record.
Reverse queries to DNS are accomplished through the use of Pointer (PTR) records. In
other words, if a user wants to look up the name of a resource that is associated with a
specific IP address, he would do a reverse lookup using that IP address. A DNS server
would reply using a PTR record that would indicate the name associated with that IP
address. PTR records are most commonly found in reverse lookup zones.
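An added example, not part of the original assignment, showing how a forward lookup zone's A records relate to the PTR records in a reverse lookup zone: it builds the reverse lookup name for each address and reports hosts whose PTR record is missing or points to a different name. All record data is constructed except dc1.companyabc.com and 172.16.1.11.

```python
import ipaddress

# Constructed sample data: host (A) records from a forward lookup zone
# and PTR records from the matching reverse lookup zone.
A_RECORDS = {
    "dc1.companyabc.com.": "172.16.1.11",
    "sfoexch01.companyabc.com.": "172.16.1.20",
    "web1.companyabc.com.": "172.16.1.30",
}
PTR_RECORDS = {
    "11.1.16.172.in-addr.arpa.": "dc1.companyabc.com.",
    "20.1.16.172.in-addr.arpa.": "oldmail.companyabc.com.",  # stale PTR
}


def reverse_name(ip):
    """Build the PTR owner name for an address (octets reversed under in-addr.arpa)."""
    return ipaddress.ip_address(ip).reverse_pointer + "."


def check_ptr_consistency(a_records, ptr_records):
    """Compare each A record with the PTR record registered for its address."""
    findings = []
    for host, ip in sorted(a_records.items()):
        owner = reverse_name(ip)
        target = ptr_records.get(owner)
        if target is None:
            findings.append((host, owner, "missing PTR"))
        elif target.lower() != host.lower():
            findings.append((host, owner, "PTR points to " + target))
    return findings


if __name__ == "__main__":
    for finding in check_ptr_consistency(A_RECORDS, PTR_RECORDS):
        print(finding)
```

Missing or stale PTR records matter operationally because logs and monitoring tools that resolve addresses back to names will show nothing, or the wrong host.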
A Canonical Name (CNAME) record represents a server alias, and allows any one of a
number of servers to be referred to by multiple names in DNS. The record essentially
redirects queries to the A record for that particular host. CNAME records are useful
when migrating servers and for situations in which friendly names, such as
mail.companyabc.com, are required to point to more complex server-naming
conventions, such as sfoexch01.companyabc.com.
A(n) full zone transfer (AXFR) will transfer all records within a zone from a primary server to a
secondary server.
The “.” zone represents the root of the DNS naming hierarchy.
A(n) Mail Exchanger (MX) record is used by e-mail systems to locate mail servers in different
networks.
The In-addr.arpa domain allows IPv4 hosts to map host names to IP addresses.
contoso.com is an example of a(n) second-level domain within the .com top-level domain.
The DomainDNSZones application scope will replicate DNS data to all DNS servers within a
domain.
A(n) AD Integrated Zone stores DNS data in Active Directory, rather than as part of a text file.
Each DNS record has a(n) Time to Live (TTL) that indicates the maximum time that a record will
be cached by a DNS server before it is discarded.
A DNS domain name like .ca or .ch is an example of a(n) country code domain.
1. A stub DNS zone only stores which domain record(s)? (Choose all that apply)
a. NS
b. A
c. CNAME
d. SOA
e. MX
2. Which port and transport protocol does the DNS service use to listen for hostname resolution
requests?
a. TCP port 25
b. TCP port 80
c. TCP port 53
d. UDP port 25
e. UDP port 80
f. UDP port 53
3. You want to configure a different list of root servers for your DNS server. Which file
in “%systemroot%\system32\dns” do you edit?
a. Cache.dns
b. Roots.dns
c. Zone.dns
d. Hints.dns
4. Which of the following commands would manually force a supported client’s Dynamic DNS
information to refresh?
a. Ipconfig /refresh
b. Ipconfig /registerdns
c. Ipconfig /flushdns
d. Ipconfig /displaydns
a. Creating multiple host (A) records with the same name to multiple IP addresses
b. Creating multiple host (A) records with different names to a single IP address
c. Creating different priorities for an MX record
d. Enabling forwarding to root hint servers
6. An administrator wants to change the replication schedule for a DNS server but the
“Replication” button is grayed out. What type of zone is it?
a. Primary
b. Secondary
c. Active Directory Integrated
d. Caching-only
a. .txt
b. .sam
c. .dat
d. .nbt
e. No file extension is used