Chapter 15

Microsoft DNS Server

DNS servers enable computers running WinSock applications to resolve host names easily by sending a query to a central server.

Overview (pp 320 - 345)

Obtaining Domain Information with WHOIS

WHOIS is a white pages directory of people and organizations on the Internet. WHOIS searches are based on keywords. It can be accessed via a Telnet session with the InterNIC WHOIS server at rs.internic.net.

DNS is adept at resolving domain names to IP addresses. Sometimes the reverse is necessary. To support reverse mapping, a special domain is maintained on the Internet: the in-addr.arpa domain. (pp 344 - 345)

DNS Under Windows NT 4

The DNS server supports hooks into WINS that enable DNS to offer name resolution for names it learns from WINS (NetBIOS names). All your Microsoft hosts are maintained dynamically by the link between the DNS server and WINS.

You need DNS if you want to connect your TCP/IP hosts to the Internet or to a Unix-based TCP/IP network (and only if you want hosts outside your Microsoft network to access your TCP/IP hosts by name).

Name Resolution with HOSTS files

HOSTS files are stored on NT computers in the directory C:\winnt\system32\drivers\etc. Supporting them means editing a master HOSTS file and distributing it to all computers. If you use DNS, the DNS database does not need to be copied to all hosts; it only needs to be installed on the primary and backup DNS servers.

DNS naming convention for Internet connection

The principal way to connect to the Internet is to subscribe through an Internet Access Provider (IAP). IAPs are assigned blocks of IP addresses. The IAP will usually help you obtain a domain name too.

Two methods to configure NT Server 4 DNS Server

  1. BIND (Berkeley Internet Name Domain) database files: the service must be stopped and restarted when new entries are loaded into the database.
  2. Graphical interface (DNS Manager): wizards, and the database can be updated dynamically with no need to reboot.

Creating BIND Database Files

There are 5 files that need to be maintained.

BOOT

The boot file is responsible for the following:

The boot file has two directives, primary and cache. The primary directives declare the domains for which the server is authoritative and the data file that describes each domain; a primary directive is required for each of these domains. Each DNS server is authoritative for the loopback domain so that attempts to resolve loopback addresses are not propagated beyond the local DNS server. The cache directive specifies the file that names the servers authoritative for the root domain; it makes those entries immediately available, with no need to search for them as with the primary directives.

Domain Database File

A DNS server is responsible for portions of the overall domain name space. Each portion is called a zone. A zone consists of a specific domain, either in the forward-naming domain name space or in the reverse-naming in-addr.arpa name space. By default DNS Manager assigns the file name extension .dns to database files.

Resource Record Types:

The SOA (start of authority) resource record is found at the beginning of each mapping database file. This block of information declares the host that is most authoritative for the domain, contact information, and some DNS server parameters.

SOA Parameters:

The WINS record (WINS)

The WINS record enables DNS, WINS, and DHCP to cooperate. DNS name resolution is ordinarily static, based on manually maintained database files. The WINS record lets you assign IP addresses dynamically with DHCP, resolve NetBIOS names to those dynamic addresses with WINS, and make the name-to-address mappings available to DNS.

The WINS record accepts one or more IP addresses that specify the WINS servers DNS is to consult when it is unable to resolve a name from its own records.

Name Server Records (NS)

A name server record must declare each primary and secondary name server that is authoritative for the zone. The name originates with the root, and name servers are declared by IN NS records.

Address Records (A)

Each host name DNS resolves must be specified using an address (A) resource record, unless the name will be resolved through WINS. (Multihomed hosts require an address declaration for each network adapter.)

Aliases

Aliases are declared using CNAME (Canonical Name) resource records. The advantage of coding aliases using CNAME is that the actual IP address of the host appears in one place only. If the IP address changes, a single edit updates both the primary address map and the alias.

E-mail Server Records

The most popular mail environment in the TCP/IP world is based on sendmail. The MX record specifies a mail server for the domain. If your domain has more than one e-mail server, each server is represented by its own MX record. Incoming mail is routed to the available server with the highest priority.

Reverse-Matching Database File

A reverse-matching (address-to-name) in-addr.arpa database file is required for each network ID for which the DNS server is authoritative. The reverse-naming files use the same SOA (Start Of Authority) header as the domain database file. (The @ means the domain specified in the BOOT file.)

PTR (pointer record)

PTR records provide reverse mappings from IP addresses to host names. The host names must be fully specified from the root domain.
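As an added example (not from the chapter), the following Python script parses a constructed zone database file in the name / IN / type / data layout described above, derives the in-addr.arpa reverse zone and its PTR records from the A records, and flags CNAME aliases whose canonical host has no A record. The zone name example.com, the WINS server and all addresses are assumed values.

```python
import ipaddress
# Constructed zone file for the assumed zone "example.com" (not from the book).
ZONE_TEXT = """
@     IN  SOA   ns1.example.com. hostmaster.example.com. (
                1 3600 600 86400 3600 )  ; serial refresh retry expire minimum
@     IN  NS    ns1.example.com.
@     IN  WINS  192.168.1.10             ; consult WINS for names with no A record
ns1   IN  A     192.168.1.2
mail  IN  A     192.168.1.4
www   IN  CNAME ns1
ftp   IN  CNAME files                    ; alias with no canonical host: a mistake
"""

def fqdn(name, origin):
    # Fully qualify a relative name against the zone origin; "@" is the origin itself.
    if name == "@":
        return origin + "."
    return name if name.endswith(".") else f"{name}.{origin}."

def parse_zone(text, origin):
    """Return {owner fqdn: [(type, rdata), ...]} for each 'name IN TYPE data' line."""
    records = {}
    for line in text.splitlines():
        tokens = line.split(";", 1)[0].split()
        if len(tokens) < 4 or tokens[1] != "IN":
            continue  # comments, blank lines and the SOA continuation line
        owner = fqdn(tokens[0], origin)
        records.setdefault(owner, []).append((tokens[2], " ".join(tokens[3:])))
    return records

def reverse_zone_name(network):
    """Network ID -> in-addr.arpa zone name, e.g. 192.168.1.0/24 -> 1.168.192.in-addr.arpa."""
    net = ipaddress.ip_network(network)
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"

def build_reverse_zone(records, network):
    """PTR lines for every A record inside the network; targets stay fully qualified."""
    net, ptrs = ipaddress.ip_network(network), []
    for owner, rrs in records.items():
        for rtype, rdata in rrs:
            if rtype == "A" and ipaddress.ip_address(rdata) in net:
                host = rdata.split(".")[net.prefixlen // 8 :]  # octets below the network ID
                ptrs.append((ipaddress.ip_address(rdata), f"{'.'.join(reversed(host))} IN PTR {owner}"))
    return [line for _, line in sorted(ptrs)]

def dangling_aliases(records, origin):
    # CNAME owners whose canonical name has no A record: the alias can never resolve.
    return sorted(owner for owner, rrs in records.items() for rtype, target in rrs
                  if rtype == "CNAME" and not any(t == "A" for t, _ in records.get(fqdn(target, origin), [])))
```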

The Cache File

The cache.dns file declares name-to-address mappings to be cached in the DNS server. Cached entries define the DNS servers that are authoritative for the root domain. If you are attaching to the Internet, the cache.dns file identifies the Internet root name servers. You can obtain an official copy of the root name server list in three ways:

Each host is declared in two directives:

Setting up a Secondary Name Server

Setting up a secondary name server provides redundancy to your network in the event of a failure.

A zone transfer is how a secondary name server obtains its zone data from another name server. A secondary server can obtain data from either a primary or another secondary name server. The distinction between primary and secondary name servers is found in the structure of the BOOT file.

The DNS directory of the secondary name server needs copies of the following files:

The role of a name server is specified by the use of the primary and secondary directives in the BOOT file. A name server can be primary for some zones and secondary for other zones.

The information in cache.dns is identical for all DNS servers. Each DNS server is configured with a local cache.dns file.

In addition to customizing the BOOT file for the secondary server, you will need to add NS records for the secondary server to the database files on the primary DNS server.
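To tie the BOOT file directives (primary, secondary, cache) to the server roles described in this section, here is an added Python example, not the book's own code, that parses a constructed BOOT file, reports which zones this server is primary or secondary for, and checks for the cache directive, the loopback primary and a master address for each secondary zone. The zone names, file names and addresses are assumed values.

```python
# Constructed BOOT file (assumed zone names and addresses; not from the book).
BOOT_TEXT = """
; directive  zone                     [master IP]   data file
cache        .                                      cache.dns
primary      example.com                            example.com.dns
primary      1.168.192.in-addr.arpa                 192.168.1.in-addr.arpa.dns
primary      0.0.127.in-addr.arpa                   127.0.0.dns
secondary    partner.test             192.168.1.5   partner.test.dns
"""

LOOPBACK_ZONE = "0.0.127.in-addr.arpa"  # reverse zone for 127.0.0.x

def parse_boot(text):
    """Return one dict per directive line: {'directive', 'zone', 'masters', 'file'}."""
    entries = []
    for line in text.splitlines():
        tokens = line.split(";", 1)[0].split()
        if len(tokens) < 3:
            continue  # comment, blank or malformed line
        directive, zone, rest = tokens[0], tokens[1], tokens[2:]
        # secondary lines carry one or more master IPs before the data file name
        masters, data_file = (rest[:-1], rest[-1]) if directive == "secondary" else ([], rest[-1])
        entries.append({"directive": directive, "zone": zone, "masters": masters, "file": data_file})
    return entries

def server_roles(entries):
    """Zone -> role; one server may be primary for some zones and secondary for others."""
    return {e["zone"]: e["directive"] for e in entries if e["directive"] in ("primary", "secondary")}

def boot_problems(entries):
    """Checks implied by the chapter: a cache directive, a loopback primary, a master per secondary."""
    problems = []
    if not any(e["directive"] == "cache" for e in entries):
        problems.append("no cache directive: root name servers unknown")
    if not any(e["directive"] == "primary" and e["zone"] == LOOPBACK_ZONE for e in entries):
        problems.append("not authoritative for loopback zone " + LOOPBACK_ZONE)
    for e in entries:
        if e["directive"] == "secondary" and not e["masters"]:
            problems.append("secondary zone %s has no master name server" % e["zone"])
    return problems
```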

Managing the DNS server

By default the database files are stored in the %systemroot%\system32\dns folder. Only a cache.dns file is installed in this folder during the initial installation.

Creating a DNS server

Once the server has been added, several icons are created:

These four zones require no maintenance on the administrator's part and can be left hidden.

Server Roles

Primary name server - loads all zone information from local files and is the authority for the domain.

Secondary name server (backup) - must be registered with InterNIC. A secondary name server contacts its master name server, usually the primary.

Cache-only name server - can resolve queries sent to it by client computers by finding and consulting an authoritative server for the domain you are looking for.

Adding the Reverse-Lookup Zones:

Creating a primary reverse-lookup zone

Once the reverse-lookup zones have been created, you can begin to create the name-lookup zones.

(Note: the SOA and NS resource records have already been created; you only need to add the A records you need.)

Adding Resource Records

A (address) records are added only for hosts with fixed IP addresses or hosts not registered with WINS. (Hosts registered with WINS can be entered in the zone database through WINS lookups.)

CNAME establishes an alias.

Modifying Zone Properties

When a zone is created, it is assigned a default set of properties and an SOA record is established. The Zone Properties dialog box has four tabs.

Resolving Names with WINS

You need at least one WINS server operating to register hosts in the zone, and WINS lookup must be enabled in the zone database.

Enabling DNS Clients

TCP/IP properties

If you want the DNS server to be the only method of name resolution, you can select Enable DNS for Windows Resolution on the WINS Address tab of TCP/IP Properties.

Windows NT Name Resolution

There are six methods of NetBIOS name resolution in NT:

NetBIOS Name Cache 
LMHOSTS file 
Broadcast 
NetBIOS Name Server 
HOSTS file 
A DNS Server 

The exact order is determined by the node type used:

B-Node - Broadcast node

P-Node - Peer-to-Peer node, uses an NBNS (NetBIOS Name Server)

M-Node - Mixed node, tries B-node first and then P-node

H-Node - Hybrid node, tries P-node first and then B-node

When WinSock makes a request, the order of name resolution changes to the following:

  1. localhost - see if the system you are looking for is your own
  2. HOSTS file - if the system uses a HOSTS file, it checks here to see if the name can be resolved
  3. DNS server - next your system checks the DNS server
  4. WINS server - host name resolution uses NetBIOS name resolution (NBNS) as a backup
  5. Broadcast - only reaches the local subnet
  6. LMHOSTS file - this is the last resort before returning an error

Guidelines for using NetBIOS commands with host names

When using a NetBIOS command (for example, net use) and the host name is more than 15 characters long or contains a period, NT uses host name resolution.

When using a NetBIOS command (for example, net use) and the host name is fewer than 15 characters long and does not contain a period, NT uses NetBIOS name resolution.

When using a WinSock application (for example, FTP), NT uses host name resolution.

NSLOOKUP

A utility borrowed from BIND that can be used to troubleshoot DNS servers. NSLOOKUP is run at the command prompt in either interactive or non-interactive mode. By default NSLOOKUP searches for Address (A) resource records. The ls command directly examines the records in a domain.