A DNS zone is a portion of the DNS namespace whose database records exist and are managed in a particular DNS database file. Each zone is based on a specific domain node, which is also referred to as the zone's root domain, and the zone is the authoritative source for that node. Zone files do not necessarily contain the complete DNS branch, since subdomains may be their own zones. Note: if subdomains are added below the domain, the subdomains can be part of the same zone or belong to another zone.
There are three types of zones that you can configure. Most BIND implementations support two of them: a standard primary and a standard secondary zone. Windows 2000, Windows Server 2003 and Windows Server 2008 servers also use a third type called the Active Directory Integrated zone.

The primary name server is a name server that stores and maintains the zone file locally. Changes to a zone, such as adding domains or hosts, are made by changing files at the primary name server. A secondary name server gets the data for its zone from another name server, either a primary name server or another secondary name server. The process of obtaining this zone information across the network is referred to as a zone transfer. Zone transfers occur over TCP port 53. The Active Directory Integrated zone has the zone defined in Active Directory rather than in zone files.

The source of the zone information for a secondary name server is referred to as a master name server. A master name server can be either a primary or a secondary name server for the requested zone.

When a client computer needs an IP address, it sends a name query to the DNS Client service (resolver) located on the client. The DNS Client service then checks the locally cached information and the local HOSTS file (if present). Note: the cache area is not the cache inside the processor but an area of memory in RAM set aside to hold DNS entries. The entries in the cache come from the preloaded entries of the HOSTS file or from previously answered queries. When previous queries are cached, the data is kept for a preset time period known as the Time To Live (TTL). If the query does not match an entry in the cache, the resolution process continues with the client querying a DNS server to resolve the name. When the resolver queries a DNS server, it performs a recursive query.
A recursive query asks the DNS server to respond with the requested data or with an error stating that the requested data doesn't exist or that the specified domain name doesn't exist. Note: the name server does not refer the query to another name server unless it is configured to use a forwarder, in which case it forwards the DNS request to the forwarder as a recursive query.

When the DNS server receives a request, it first checks whether the host name is located in its own zone database file, for which it is the authority. If the name is not listed in the zone file, it then checks the cache area. From then on, the DNS server uses iterative queries to resolve the name. An iterative query returns the best answer the queried server currently has. The best answer is either the address being sought or the address of a server that would have a better idea of where that address is.

Typically, the process of domain name resolution occurs very quickly. Occasionally, it may be delayed. If the delay is too long, the browser comes back and says that the domain does not exist even though you know that it does. This is because your computer got tired of waiting and timed out. Yet, when you try again, there is a good chance it will work, because the authoritative server has had enough time to reply and the name servers have stored the information in their caches.

DNS servers can be configured to send all recursive queries to a selected list of servers, known as forwarders. Servers in the list of forwarders provide recursive lookup for any queries that a DNS server receives but cannot answer from its own zone records. During the forwarding process, a DNS server configured to use forwarders essentially behaves as a DNS client to its forwarders. Typically, forwarders are used on remote DNS servers that use a slow link to access the Internet.

DNS servers use a mechanism called round-robin, or load sharing, to share and distribute loads for network resources.
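To make the resolution process described above concrete, the following added example (not code from the original article) models a small recursive name server that walks referrals iteratively from the root to the authoritative server, caches answers until their TTL expires, and rotates multi-address answers round-robin. The three servers, their zones, the addresses and the TTL are constructed sample data.

```python
import time

# Constructed sample data: three authoritative servers, each holding one zone.
# A value of ("NS", server) is a referral; ("A", addresses, ttl) is an answer.
ZONES = {
    "root": {"com.": ("NS", "tld-server")},
    "tld-server": {"example.com.": ("NS", "auth-server")},
    "auth-server": {"www.example.com.": ("A", ["192.0.2.10", "192.0.2.11"], 60)},
}


class Resolver:
    """Toy recursive name server: caches answers by TTL and rotates multi-A answers."""

    def __init__(self, now=time.time):
        self.now = now        # clock, injectable so TTL expiry can be tested
        self.cache = {}       # name -> (addresses, expiry timestamp)
        self.rotation = {}    # name -> next round-robin offset

    def _iterative(self, name):
        """Walk referrals root -> TLD -> authoritative; each server gives its best answer."""
        server = "root"
        labels = name.split(".")
        for _ in range(8):                      # bound the referral chain
            zone = ZONES[server]
            # longest matching suffix of the queried name that this zone knows about
            hit = next((zone[s] for s in (".".join(labels[i:]) for i in range(len(labels)))
                        if s in zone), None)
            if hit is None:
                raise LookupError(f"NXDOMAIN: {name}")   # error instead of a referral
            if hit[0] == "A":
                return hit[1], hit[2]
            server = hit[1]                     # referral: ask the more specific server
        raise LookupError("referral loop")

    def resolve(self, name):
        """Recursive query from a client: answered from cache if fresh, else by iterative
        lookups. Returns (addresses in round-robin order, served_from_cache)."""
        entry = self.cache.get(name)
        if entry and entry[1] > self.now():
            addrs, cached = entry[0], True
        else:
            addrs, ttl = self._iterative(name)
            self.cache[name] = (addrs, self.now() + ttl)
            cached = False
        off = self.rotation.get(name, 0)        # rotate so clients spread across addresses
        self.rotation[name] = (off + 1) % len(addrs)
        return addrs[off:] + addrs[:off], cached


if __name__ == "__main__":
    r = Resolver()
    print(r.resolve("www.example.com."))   # iterative walk, first address first
    print(r.resolve("www.example.com."))   # served from cache, order rotated
```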
Round-robin rotates the order of the resource record data returned in a query answer when multiple resource records of the same type exist for the queried DNS domain name. Since the client is required to try the first IP address listed, a DNS server configured to perform round-robin rotates the order of the A resource records each time it answers a client request.

In addition to reverse lookups, some DNS servers support an inverse query. Like a reverse lookup, a client making an inverse query provides the IP address and requests an FQDN. Instead of using the in-addr.arpa domain to find the answer, the server checks only its own zone for the answer. If the answer is not in the zone, it returns an error message. Since inverse queries are not very thorough, they are not used often.

For more information, take a look at the MCSE Planning and Maintaining a Windows Server 2003 Network Infrastructure Exam book by Que Publishing. Next week, we will look at configuring DNS within Windows, Dynamic DNS and troubleshooting DNS.