Network Infrastructure Windows Server: Configuring and Troubleshooting DNS

EDN 132
NETWORK INFRASTRUCTURE
WINDOWS SERVER
CHAPTER 5
Configuring
Configuring and
and Troubleshooting
Troubleshooting
DNS
DNS
PREPARED BY:
ZOHAIR IHSAN
SCHOOL OF NETWORKING
FACULTY OF ENGINEERING AND INFORMATION
TECHNOLOGY
CHAPTER 5: Configuring and Troubleshooting DNS
Learning Outcomes
TOPIC
 Installing the DNS Server Role
 Configuring the DNS Server Role
 Configuring DNS Zones
 Configuring DNS Zone Transfers
 Managing and Troubleshooting DNS
Slide 2 of 26
Overview of the Domain Name System Role
TOPIC
Domain
Domain Name
Name System
System is
is a
a hierarchical
hierarchical distributed
distributed database
database
• DNS is the foundation of the Internet naming scheme
• DNS supports accessing resources by using

alphanumeric names
• DNS was created to support the Internet’s growing

number of hosts
Slide 3 of 26
Overview of the DNS Namespace
TOPIC
Root Domain
Top-Level
Domain net
net com
com org
org
Second-Level
Domain contoso
contoso
Subdomain
west
west south
south east
east
FQDN: sales
sales Host: SERVER1
SERVER1.sales.south.contoso.com
Slide 4 of 26
DNS Improvements for Windows Server 2008
TOPIC
New or enhanced features in the Windows Server 2008

version of DNS include:
• Background zone loading
• IP version 6 support
• Support for read-only domain controllers
• Global single names
• Global query block list
Slide 5 of 26
DNS Improvements for Windows Server 2008 R2
TOPIC
New or enhanced features in the Windows Server 2008 R2

version of DNS include:
• DNS Security Extensions
• DNS Devolution
• DNS Cache Locking
• DNS Socket Pool
• Name Resolution Policy Table
Slide 6 of 26
Considerations for Deploying the DNS Server Role
TOPIC
DNS
DNS Server
Server
Subnet 2
DNS
DNS Zone
Zone
DNS
DNS Client
Client
Subnet 1
DNS
DNS Client
Client
DNS
DNS Server
Server
Subnet 3
DNS
DNS Zone
Zone
DNS
DNS Client
Client
Slide 7 of 26
What Are the Components of a DNS Solution?
TOPIC
Root “.”
Resource
Record
.com
.edu
Resource
Record
DNS Resolvers DNS Servers DNS Servers on the Internet
Slide 8 of 26
DNS Resource Records
TOPIC
DNS resource records include:
• SOA: Start of Authority
• A: Host Record
• CNAME: Alias Record
• MX: Mail Exchange Record
• SRV: Service Resources
• NS: Name Servers
• AAAA: IPv6 DNS Record
• PTR: Pointer Record
Slide 9 of 26
What Are Root Hints?
TOPIC
Root
Root hints
hints contain
contain the
the IP
IP addresses
addresses for
for DNS
DNS root
root servers
servers
Root (.) Servers
DNS Servers
Root Hints
com
DNS Server
Client microsoft
Slide 10 of 26
What Are DNS Queries?
An
An iterative
iterative query
query directed
directed toto a
a DNS
DNS server
server may
may be
be TOPIC
A queryanswered
A query answered
is
is a
a requestwith
request fora
with
for referral
aname
referral
name to
to another
resolution
resolution andDNS
another
andDNS
is server
server to
is directed
directed to a
a
DNS
DNS server
server
Iterative Query Root Hint (.)
Local DNS Server
Ask .com
• Queries are recursive or iterative
A
A recursive
recursive query
query isis sent
sent to
to a
a IDNS
teratiserver
DNS server and and requires
requires aa
complete
complete answer
answer
• DNS clients and DNS servers ve Ququeries
initiate ery
om
Ask c .com
ontos
tos ry
o com
• DNS servers are authoritative or .nonauthoritative
o. c
con ue
for
.11
il1. e Q
a namespace mail1.contoso.com Ite

Au rat
.64
tho ive
ma ursiv
rita Qu
.16
• An authoritative DNS server for tthe ive namespace ery will either:
Re
Rec
• Return the requested IP address spo

172
Contoso.com
• Return an authoritative “No” n se
Database
• A nonauthoritative DNS server for the namespace will either:
172.16.64.11
• Check its cache
Client Local DNS Server
DNS
• UseClient
forwarders
• Use root hints
Slide 11 of 26
What Is Forwarding?
TOPIC
A
A forwarder
forwarder
Conditional
Conditional is
is a
a DNS
DNS
forwarding
forwarding server
server
forwards
forwards designated
designated
requests
requests using to
to resolve
resolve
using aa domain
domain name
name
external
condition or
external
condition or offsite
offsite DNS
DNS domain
domain names
names
All other DNSQuery

Iterative domains
Forwarder Root Hint (.)
Local DNS Ask .com ISP DNS
Iterat
10 .co ery
ive Q
uery
Ask cco
Qu
onntos .com
11
7. m
to o.co
e
so m
0.
co r siv
.
Itceo
o
rm
13 tos
w. fcour
Aut ativ
hor eQ
n
ww erRye
1.
itat uer
ive y
131. Res
Qu
107. pon
0.11 se
Recu
rs
mail1 ive Query contoso.com
.cont f or
oso.com
Client Computer
Local DNS Server Client
Contoso.com DNS
Slide 12 of 26
How DNS Server Caching Works
TOPIC
DNS server cache

Host name IP address TTL
ServerA.contoso.com 131.107.0.44 28 seconds
Where’s
ServerA is at
ServerA?
131.107.0.44
ServerA
Client1
ServerA
Where’sis at
Client2 131.107.0.44
ServerA?
Slide 13 of 26
What Is a DNS Zone?
Internet TOPIC
“.” DNS root domain
.com
.com
microsoft.com
domain
microsoft.com
www.microsoft.com
microsoft.com zone WW W
ftp.microsoft.com
FT
P
example.microsoft.co
m
Zone database
d
a te
example.microsoft.com
eg
WWW
l
zone .exam
De
FT ple
P .ex example.microsoft.com
a mp
le www.example.microsoft.com
Zone database ftp.example.microsoft.com
Slide 14 of 26
What Are the DNS Zone Types?
TOPIC
Zones Description
Primary Read/write copy of a DNS database
Secondary Read-only copy of a DNS database
Copy of a zone that contains only

Stub
records used to locate name servers
Active
Zone data is stored in Active
Directory
Directory rather than in zone files
integrated
Slide 15 of 26
What Are Forward and Reverse Lookup Zones?
TOPIC
Namespace: training.contoso.com
DNS Client1 192.168.2.45

DNS Server Authorized
for training Forward DNS Client2 192.168.2.46
Training
zone
DNS Client3 192.168.2.47
192.168.2.45 DNS Client1

Reverse 2.168.192.in-
192.168.2.46 DNS Client2
zone addr.arpa
192.168.2.47 DNS Client3
DNS Client2 = ?
192.168.2.46 = ?
DNS Client3
DNS Client1
DNS Client2
Slide 16 of 26
What Are Stub Zones?
TOPIC
With
Without
With aa stub
Without stub
stub zone
stub zones,
zone defined,
zones, the
the ny.na.contoso.com
defined, the
the location
location of
ny.na.contoso.comof the
theserver
server must
must
na.fabrikam.com
query
query several
several servers
na.fabrikam.com zone
zoneto
servers is
is find
to known
find
known the
thewithout
server
server that
without querying
that hosts
hostsmultiple
querying the
multiple
the
DNS
na.fabrikam.com
DNS servers
na.fabrikam.com
servers zone
zone
DNS server
DNS server
Contoso.com
(Root domain)
fabrikam.com
DNS server DNS server
DNS server
na.contoso.com sa.contoso.com
na.fabrikam.com
DNS server DNS server
Stub zone
:
na.fabrikam
.c om
Stub zone
ny.na.contoso.com : rio.sa.contoso.com
rio.sa.conto
so.com
Slide 17 of 26
DNS Zone Delegation
TOPIC
contoso.com
Training.contoso.com Sales.contoso.com
Slide 18 of 26
What Is a DNS Zone Transfer?
TOPIC
A
A DNS
DNS zone
zone transfer
transfer is
is the
the synchronization
synchronization of
of
authoritative
authoritative DNS
DNS zone
zone data
data between
between DNS
DNS servers
servers
1 SOA query for a zone
2 SOA query answered
3 IXFR or AXFR query for a zone
4 IXFR or AXFR query answered

(zone transferred)
Secondary server Primary and
Master server
Slide 19 of 26
Configuring Zone Transfer Security
TOPIC
• Restrict zone transfer to specified servers
• Encrypt zone transfer traffic
• Consider using Active Directory-integrated zones
Primary Zone Secondary Zone
Slide 20 of 26
What Is Time to Live, Aging, and Scavenging?
TOPIC
Feature Description
Time to Live Indicates how long a DNS record will
(TTL) remain valid
Occurs when records that have been
Aging inserted into the DNS server reach
their expiration and are removed
Performs DNS server resource record
Scavenging
grooming for old records in DNS
Slide 21 of 26
Demonstration: How to Manage DNS Records
TOPIC
This demonstration shows how to:

• Configure TTL
• Enable and configure scavenging and aging
Slide 22 of 26
Tools That Identify Problems With DNS
TOPIC
Tool Used to:

Nslookup Troubleshoot DNS problems
Dnscmd Edit the DNS configuration
Dnslint Diagnose common DNS issues
Ipconfig Display and clear DNS resolver cache
Monitoring tab Perform queries against server
Slide 23 of 26
Monitoring DNS Using the DNS Event Log
TOPIC
• Monitor DNS events in the event log to:

• Monitor zone transfer information
• Monitor computer events
Slide 24 of 26
Monitoring DNS Using Debug Logging
TOPIC
• Enable DNS debug logging to view granular

verbose information about DNS activities
Slide 25 of 26
Lab: Configuring and Troubleshooting DNS
TOPIC
• Exercise 1: Selecting a DNS configuration

• Exercise 2: Deploying and configuring DNS
• Exercise 3: Troubleshooting DNS
Logon information
6421B-NYC-DC1
Virtual machines 6421B-NYC-SVR1
6421B-NYC-CL1
User name Contoso\Administrator
Password Pa$$w0rd
Estimated time: 75 minutes

Slide 26 of 26

Network Infrastructure Windows Server: Configuring and Troubleshooting DNS

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Network Infrastructure Windows Server: Configuring and Troubleshooting DNS

Uploaded by

Copyright:

Available Formats

EDN 132

 Installing the DNS Server Role

 Configuring the DNS Server Role

 Configuring DNS Zones

 Configuring DNS Zone Transfers

 Managing and Troubleshooting DNS

• DNS is the foundation of the Internet naming scheme

• DNS supports accessing resources by using

• DNS was created to support the Internet’s growing

New or enhanced features in the Windows Server 2008

• Background zone loading

• Support for read-only domain controllers

• Global single names

• Global query block list

New or enhanced features in the Windows Server 2008 R2

• DNS Security Extensions

• DNS Cache Locking

• DNS Socket Pool

• Name Resolution Policy Table

DNS Resolvers DNS Servers DNS Servers on the Internet

DNS resource records include:

• SOA: Start of Authority

• CNAME: Alias Record

• MX: Mail Exchange Record

• SRV: Service Resources

• NS: Name Servers

• AAAA: IPv6 DNS Record

• PTR: Pointer Record

Root (.) Servers

a namespace mail1.contoso.com Ite

• Return the requested IP address spo

All other DNSQuery

DNS server cache

“.” DNS root domain

Primary Read/write copy of a DNS database

Secondary Read-only copy of a DNS database

Copy of a zone that contains only

DNS Client1 192.168.2.45

192.168.2.45 DNS Client1

1 SOA query for a zone

2 SOA query answered

3 IXFR or AXFR query for a zone

4 IXFR or AXFR query answered

• Restrict zone transfer to specified servers

• Encrypt zone transfer traffic

• Consider using Active Directory-integrated zones

Primary Zone Secondary Zone

This demonstration shows how to:

Tool Used to:

Dnscmd Edit the DNS configuration

Dnslint Diagnose common DNS issues

Ipconfig Display and clear DNS resolver cache

Monitoring tab Perform queries against server

• Monitor DNS events in the event log to:

• Enable DNS debug logging to view granular

• Exercise 1: Selecting a DNS configuration

Estimated time: 75 minutes

You might also like