Microsoft Official Course

Module 7

Implementing DNS
Module Overview

Name Resolution for Windows Clients and Servers

Installing and Managing a DNS Server
• Managing DNS Zones
Lesson 1: Name Resolution for Windows Clients
and Servers

What Are Computer Names?

What Is DNS?
DNS Zones and Records
How Internet DNS Names Are Resolved
What Is Link-Local Multicast Name Resolution?
How a Client Resolves a Name
• Troubleshooting Name Resolution
What Are Computer Names?

Name Description

• Up to 255 characters long

• Can contain alphabetic and numeric

characters, periods, and hyphens
• Part of FQDN
Host name
• Represent a single computer or group
of computers
• 15 characters used for the name

• 16th character identifies service

NetBIOS name • Flat namespace

What Is DNS?

DNS can be used to:

• Resolve host names to IP addresses

• Locate domain controllers and global catalog

servers
• Resolve IP addresses to host names

• Locate mail servers during email delivery

DNS Zones and Records

A DNS zone is a specific portion of DNS namespace

that contains DNS records
Zone types:
• Forward lookup zone
• Reverse lookup zone

Resource records in forward lookup zones include:

• A, MX, SRV, and CNAME

Resource records in reverse lookup zones include:

• PTR, NS, and SOA
How Internet DNS Names Are Resolved

Microsoft.com
DNS server

.com DNS server

What is the IP address
of Root DNS server
www.microsoft.com?

Local DNS server

207.46.230.219
Workstation
What Is Link-Local Multicast Name Resolution?

LLMNR is an additional method for name

resolution that does not use DNS or WINS
• LLMRN is IPv6 specific
• Works only on Windows Vista or newer Windows
operating systems
• Network Discovery must be enabled
• Can be controlled via Group Policy
How a Client Resolves a Name

1. Local Host Name

7. Lmhosts File

2. DNS Resolver
Cache / Hosts file 6. Broadcast
content

3. DNS Server 5. WINS Server

4. NetBIOS Name Cache

Troubleshooting Name Resolution

• Common utilities for troubleshooting name

resolution are:
• Nslookup
• Dnscmd
• Dnslint
• Ipconfig
• DNS Server Monitoring

• Always clear DNS resolver cache before

troubleshooting
• Use the hosts file for troubleshooting purposes
• Isolate problem
Lesson 2: Installing and Managing a DNS Server

What Are the Components of a DNS Solution?

What Are Root Hints?
What Are DNS Queries?
What Is Forwarding?
How DNS Server Caching Works
How to Install the DNS Server Role
• Demonstration: Installing the DNS Server Role
What Are the Components of a DNS Solution?

Root “.”

Resource
Record

.com

Resource
Record
.edu
DNS Resolvers DNS Servers DNS Servers on the Internet
What Are Root Hints?

Root hints contain the IP addresses for DNS root servers

Root (.) Servers

DNS Servers
Root Hints

com
DNS Server

Client microsoft
What Are DNS Queries?
An iterative query directed to a DNS server may be
A DNS query is a request
answered for name
with a referral toresolution
another DNS thatserver
is directed to a
DNS server
Local DNS server Iterative query Root hint (.)
• Queries are recursive or iterative
Ask .com
• ADNS
recursive query
clients and DNSisservers
sent to a DNS server and requires
Iinitiate
terativ queries
a complete answer A e quer
y .com
s k co
.com

• DNS servers are authoritative or ntnonauthoritative

oso.c for a namespace
ont query

om
oso

mail1.contoso.com t
• An authoritative DNS serverAufor the Inamespace
. 11

era will either:

th o tive
ma ursive

.64

• Return the requested IP addressritat qu e

ive ry
.16
il1.c

• Return an authoritative “No” res

pon
Rec

contoso.com
172

se
• A nonauthoritative DNS server for the namespace will Database
either:
• Check its cache 172.16.64.11
• Use forwarders
DNS client client
• Use Local DNS server
root hints
 What Is Forwarding?

AConditional
forwarder is a DNS server
forwarding designated
forwards to using
requests resolvea external
domain or
name condition
offsite DNS domain names
All Iterative
other DNS domains
query
Forwarder Root hint (.)
Local DNS ISP DNS
Ask .com
Iterati
ve que
Ask cco ry
ery

onnt tos .com

.0.1 m
qu

os o.com
07 co
1

Iote.cro
ve
1.1 o.

am
w. fourrsi

tive
13 os

Aut qu e
h or
ww erRyec
nt

itat ry
co

ive
131.1 resp
Qu

07. 0.
11 o ns
e
Recur
siv
mail1. e query fo contoso.com
conto r
so.com
Local DNS server client
Client contoso.com DNS
computer
How DNS Server Caching Works

DNS server cache

Host name IP address TTL
ServerA.contoso.com 131.107.0.44 28 seconds

ServerA is at
Where’s
131.107.0.44
ServerA?

ServerA
Client1
ServerA
Where’sis at
Client2 131.107.0.44
ServerA?
How to Install the DNS Server Role

• DNS Server Installation Methods

• Server Manager
• Active Directory Domain Services Installation Wizard

• Tools available to manage DNS Server

• DNS Manager Snap-In
• Server Manager
• DNS Manager console (dnsmgmt.msc)
• DNSCmd command-line tool
• Remote Server Administrative tools
Demonstration: Installing the DNS Server Role

In this demonstration, you will see how to:

• Install a second DNS server
• Configure forwarding
Lesson 3: Managing DNS Zones

What Are DNS Zone Types?

What Are Dynamic Updates?
What Are Active Directory-Integrated Zones?
• Demonstration: Creating an Active Directory–
Integrated Zone
What Are DNS Zone Types?

Zones Description

Primary Read/write copy of a DNS database

Secondary Read-only copy of a DNS database

Copy of a zone that contains only

Stub
records used to locate name servers
Active
Zone data is stored in AD DS rather
Directory–
than in zone files
integrated
What Are Dynamic Updates?
DHCP Client service registers 1. Client sends Start of
records for client Authority (SOA) query
• During client startup
• If new/changed IP address 2. DNS server returns SOA
(fixed/DHCP) on any network resource record
connection
• If ipconfig /registerdns is run
3. Client sends dynamic update
request(s) to identify the
primary DNS server

1 2 3 4 5 6 7 4. DNS server responds

that it can perform update
5. Client sends unsecured
update to DNS server
6. If zone permits only secure
updates, update is refused
Resource
7. Client sends secured
DNS Server
Records update to DNS server
What Are Active Directory-Integrated Zones?
• DNS zone data is stored in AD DS
• Allows multimaster writes to zone
• Replicates DNS zone information by using AD DS
replication
• Leverages efficient replication topology
• Uses efficient Active Directory replication processes:
Incremental updates
• Enables secure dynamic updates
• Security: Can delegate zones, domains, contoso.com
resource records • hqdc01
• filesvr01
• desktop101
zone
Demonstration: Creating an Active Directory–
Integrated Zone

In this demonstration, you will see how to:

• Create an Active Directory-integrated zone
• Create a record
• Verify replication to a second DNS server
Lab: Implementing DNS

Exercise 1: Installing and Configuring DNS

Exercise 2: Creating Host Records in DNS
• Exercise 3: Managing the DNS Server Cache

Logon Information
Virtual Machine 20410A-LON-DC1
20410A-LON-SVR1
20410A-LON-CL1
User Name Adatum\Administrator
Password Pa$$w0rd

Estimated Time: 45 minutes

Lab Scenario

A. Datum Corporation has an IT office and data center in

London, which supports the London location and other
locations. A. Datum has recently deployed a Windows 2012
Server infrastructure with Windows 8 clients. You need to
configure the infrastructure service for a new branch office.
Your manager has asked you to configure the domain
controller in the branch office as a DNS server. You have
also been asked to create some new host records to
support a new application that is being installed. Finally, you
need to configure forwarding on the DNS server in the
branch office to support Internet name resolution.
Lab Review

Can you install DNS server role on the server that is not a
domain controller? If yes, are there any limitations?

What is the common way to handle Internet names

resolution on local DNS?

How can you browse the content of DNS resolver cache on

DNS Server?
Module Review and Takeaways

• Review Questions
• Best Practices
• Common Issues and Troubleshooting Tips
• Tools