What is the main purpose of a DNS server?DNS servers are used to resolve FQDN hostnames into IP addresses and vice versa.
What is the port no of dns ?
53.
What is a Forward Lookup?
Resolving Host Names to IP Addresses
What is Reverse Lookup?
Resolving IP Addresses to Host Names
What is a Resource Record?
It is a record provides the information about the resources available in the N/W infrastructure.
What are the diff. DNS Roles?
Standard Primary, Standard Secondary, & AD Integrated.
What is a Zone?
Zone is a sub tree of DNS database.
Secure services in your network require reverse name resolution to make it more difficult to launch successful attacks against the services. To set this up, you configure a reverse lookup zone and proceed to add records. Which record types do you need to create?
PTR Records
SOA records must be included in every zone. What are they used for?SOA records contain a TTL value, used by default in all resource records in the zone. SOA records contain the e-mail address of the person who is responsible for maintaining the zone. SOA records contain the current serial number of the zone, which is used in zone transfers.
By default, if the name is not found in the cache or local hosts file, what is the first step the client takes to resolve the FQDN name into an IP address?
Performs a recursive search through the primary DNS server based on the network interface configuration
What is primary, Secondary, stub & AD Integrated Zone?
Primary Zone: - zone which is saved as normal text file with filename (.dns) in DBS folder. Maintains a read, write copy of zone database.
Secondary Zone: - maintains a read only copy of zone database on another DNS server. Provides fault tolerance and load balancing by acting as backup server to primary server.
Stub zone: - contains a copy of name server and SOA records used for reducing the DNS search orders. Provides fault tolerance and load balancing.
How do you manually create SRV records in DNS?
This is on windows server go to run ---dnsmgmt.msc rightclick on the zone you want to add srv record to and choose "other new record" and choose service location(srv).
What is the main purpose of SRV records ?
SRV records are used in locating hosts that provide certain network services.
Before installing your first domain controller in the network, you installed a DNS server and created a zone, naming it as you would name your AD domain. However, after the installation of the domain controller, you are unable to locate infrastructure SRV records anywhere in the zone. What is the most likely cause of this failure ?
The zone you created was not configured to allow dynamic updates. The local interface on the DNS server was not configured to allow dynamic updates.
Which of the following conditions must be satisfied to configure dynamic DNS updates for legacy clients ?
The zone to be used for dynamic updates must be configured to allow dynamic updates. The DHCP server must support, and be configured to allow, dynamic updates for legacy clients.
At some point during the name resolution process, the requesting party received authoritative reply. Which further actions are likely to be taken after this reply ?
After receiving the authoritative reply, the resolution process is effectively over.
Name 3 benefits of using AD-integrated zones.
Active Directory integrated DNS enables Active Directory storage and replication of DNS zone databases. Windows 2000 DNS server, the DNS server that is included with Windows 2000 Server, accommodates storing zone data in Active Directory.
When you configure a computer as a DNS server, zones are usually stored as text files on name servers that is, all of the zones required by DNS are stored in a text file on the server computer.
These text files must be synchronized among DNS name servers by using a system that requires a separate replication topology and schedule called a zone transfer However, if you use Active Directory integrated DNS when you configure a domain controller as a DNS name server, zone data is stored as an Active Directory object and is replicated as part of domain replication.
What are the benefits of using Windows 2003 DNS when using AD-integrated zones?
If your DNS topology includes Active Directory, use Active Directory integrated zones. Active Directory integrated zones enable you to store zone data in the Active Directory database.Zone information about any primary DNS server within an Active Directory integrated zone is always replicated.
Because DNS replication is single-master, a primary DNS server in a standard primary DNS zone can be a single point of failure. In an Active Directory integrated zone, a primary DNS server cannot be a single point of failure because Active Directory uses multimaster replication.
Updates that are made to any domain controller are replicated to all domain controllers and the zone information about any primary DNS server within an Active Directory integrated zone is always replicated.
Active Directory integrated zones: Enable you to secure zones by using secure dynamic update.
Provide increased fault tolerance. Every Active Directory integrated zone can be replicated to all domain controllers within the Active Directory domain or forest. All DNS servers running on these domain controllers can act as primary servers for the zone and accept dynamic updates.
Enable replication that propagates changed data only, compresses replicated data, and reduces network traffic. If you have an Active Directory infrastructure, you can only use Active Directory integrated zones on Active Directory domain controllers. If you are using Active Directory integrated zones, you must decide whether or not to store Active Directory integrated zones in the application directory partition.
You can combine Active Directory integrated zones and file-based zones in the same design. For example, if the DNS server that is authoritative for the private root zone is running on an operating system other than Windows Server 2003 or Windows 2000, it cannot act as an Active Directory domain controller. Therefore, you must use file-based zones on that server. However, you can delegate this zone to any domain controller running either Windows Server 2003 or Windows 2000.
You installed a new AD domain and the new (and first) DC has not registered its SRV records in DNS. Name a few possible causes.
The machine cannot be configured with DNS client her own .
The DNS service cannot be run.
What are the benefits and scenarios of using Stub zones?
Understanding stub zones
A stub zone is a copy of a zone that contains only those resource records necessary to identify the authoritative Domain Name System (DNS) servers for that zone.
A stub zone is used to resolve names between separate DNS namespaces. This type of resolution may be necessary when a corporate merger requires that the DNS servers for two separate DNS namespaces resolve names for clients in both namespaces.
A stub zone consists of:
The start of authority (SOA) resource record, name server (NS) resource records, and the glue A resource records for the delegated zone. The IP address of one or more master servers that can be used to update the stub zone. The master servers for a stub zone are one or more DNS servers authoritative for the child zone, usually the DNS server hosting the primary zone for the delegated domain name.
Use stub zones to:
· Keep delegated zone information current.
By updating a stub zone for one of its child zones regularly, the DNS server hosting both the parent zone and the stub zone will maintain a current list of authoritative DNS servers for the child zone.
· Improve name resolution.
Stub zones enable a DNS server to perform recursion using the stub zone's list of name servers without needing to query the Internet or internal root server for the DNS namespace.
· Simplify DNS administration.
By using stub zones throughout your DNS infrastructure, you can distribute a list of the authoritative DNS servers for a zone without using secondary zones. However, stub zones do not serve the same purpose as secondary zones and are not an alternative when considering redundancy and load sharing.
There are two lists of DNS servers involved in the loading and maintenance of a stub zone:
· The list of master servers from which the DNS server loads and updates a stub zone. A master server may be a primary or secondary DNS server for the zone. In both cases, it will have a complete list of the DNS servers for the zone.
· The list of the authoritative DNS servers for a zone. This list is contained in the stub zone using name server (NS) resource records. When a DNS server loads a stub zone, such as widgets.example.com, it queries the master servers, which can be in different locations, for the necessary resource records of the authoritative servers for the zone widgets.example.com. The list of master servers may contain a single server or multiple servers and can be changed anytime.
What is the "in-addr.arpa" zone used for?
In a Domain Name System (DNS) environment, it is common for a user or an application to request a Reverse Lookup of a host name, given the IP address. This article explains this process. The following is quoted from RFC 1035: "The Internet uses a special domain to support gateway location and Internet address to host mapping. Other classes may employ a similar strategy in other domains. The intent of this domain is to provide a guaranteed method to perform host address to host name mapping, and to facilitate queries to locate all gateways on a particular network on the Internet.
"The domain begins at IN-ADDR.ARPA and has a substructure which follows the Internet addressing structure. "Domain names in the IN-ADDR.ARPA domain are defined to have up to four labels in addition to the IN-ADDR.ARPA suffix. Each label represents one octet of an Internet address, and is expressed as a character string for a decimal value in the range 0-255 (with leading zeros omitted except in the case of a zero octet which is represented by a single zero).
"Host addresses are represented by domain names that have all four labels specified." Reverse Lookup files use the structure specified in RFC 1035.
For example, if you have a network which is 150.10.0.0, then the Reverse Lookup file for this network would be 10.150.IN-ADDR.ARPA. Any hosts with IP addresses in the 150.10.0.0 network will have a PTR (or 'Pointer') entry in 10.150.IN- ADDR.ARPA referencing the host name for that IP address. A single IN- ADDR.ARPA file may contain entries for hosts in many domains. Consider the following scenario. There is a Reverse Lookup file 10.150.IN-ADDR.ARPA with the following contents: Exp : 1.20 IN PTR WS1.ACME.COM.
What does a zone consist of & why do we require a zone?
Zone consists of resource records and we require zone for representing sites.
What is Caching Only Server?
When we install 2000 & 2003 server it is configured as caching only server where it maintains the frequently accessed sites information and again when we access the same site for next time it is obtain from cached information instead of going to the actual site.
What is forwarder?
When one DNS server can?t receive the query it can be forwarded to another DNS once configured as forwarder.
What is secondary DNS Server?
It is backup for primary DNS where it maintains a read only copy of DNS database.
How to enable Dynamic updates in DNS?
StartProgramAdmin toolsDNS Zone properties.
What are the properties of DNS server?
INTERFACES, FORWARDERS, ADVANCED, ROUTINGS, SECURITY, MONITORING, LOGGING, DEBUG LOGGING.
Properties of a Zone?
General, SOA, NAMESERVER, WINS, Security, and ZONE Transfer.
What is scavenging?
Finding and deleting unwanted records.
What are SRV records?
SRV are the service records, there are 6 service records. They are useful for locating the services.
What are the types of SRV records?
MSDCS:Contains DCs information.
TCP:Contains Global Catalog, Kerberos & LDAP information.
UDP:Contains Sites information.
Sites:Contains Sites information.
Domain DNS Zone:Conations domain?s DNS specific information.
Forest DNS zone:Contains Forest?s Specific Information.
Where does a Host File Reside?
c:\windows\system32\drivers\etc.
What is SOA?
Start of Authority: useful when a zone starts. Provides the zone startup information.
What is a query?
A request made by the DNS client to provide the name server information.
What are the diff. types of Queries?
Recursion, iteration.
Tools for troubleshooting DNS?
DNS Console, NSLOOKUP, DNSCMD, IPCONFIG, Logs.
What is WINS server? where we use WINS server? difference between DNS and WINS?
WINS is windows internet name service used to resolve the NetBIOS(computer name)name to IP address.This is proprietary for Windows.You can use in LAN.DNS is a Domain Naming System, which resolves Host names to IP addresses. It uses fully qualified domain names. DNS is an Internet standard used to resolve host names.
What is new in Windows Server 2003 regarding the DNS management?
When DC promotion occurs with an existing forest, the Active Directory Installation Wizard contacts an existing DC to update the directory and replicate from the DC the required portions of the directory.
If the wizard fails to locate a DC, it performs debugging and reports what caused the failure and how to fix the problem. In order to be located on a network, every DC must register in DNS DC locator DNS records. The Active Directory Installation Wizard verifies a proper configuration of the DNS infrastructure. All DNS configuration debugging and reporting activity is done with the Active Directory Installation Wizard.
SOA records must be included in every zone. What are they used for?
SOA records contain a TTL value, used by default in all resource records in the zone. SOA records contain the e-mail address of the person who is responsible for maintaining the zone. SOA records contain the current serial number of the zone, which is used in zone transfers.
By default, if the name is not found in the cache or local hosts file, what is the first step the client takes to resolve the FQDN name into an IP address? Performs a recursive search through the primary DNS server based on the network interface configuration.
How do I clear the DNS cache on the DNS server?
Go to cmd prompt and type ipconfig /flushdns .
What is the main purpose of SRV records?
SRV records are used in locating hosts that provide certain network services.
What is the "." zone in my forward lookup zone?
This setting designates the Windows 2000 or Windows Server 2003 DNS server to be a root hint server and is usually deleted. If you do not delete this setting, you may not be able to perform external name resolution to the root hint servers on the Internet.
Do I need to configure forwarders in DNS?
No. By default, Windows 2000 DNS uses the root hint servers on the Internet; however, you can configure forwarders to send DNS queries directly to your ISP's DNS server or other DNS servers. Most of the time, when you configure forwarders, DNS performance and efficiency increases, but this configuration can also introduce a point of failure if the forwarding DNS server is experiencing problems.
The root hint server can provide a level of redundancy in exchange for slightly increased DNS traffic on your Internet connection. Windows Server 2003 DNS will query root hints servers if it cannot query the forwarders.
Should I point the other Windows 2000-based and Windows Server 2003-based computers on my LAN to my ISP's DNS servers?
No. If a Windows 2000-based or Windows Server 2003-based server or workstation does not find the domain controller in DNS, you may experience issues joining the domain or logging on to the domain. A Windows 2000-based or Windows Server 2003-based computer's preferred DNS setting should point to the Windows 2000 or Windows Server 2003 domain controller running DNS.
If you are using DHCP, make sure that you view scope option #15 for the correct DNS server settings for your LAN.
Do I need to point computers that are running Windows NT 4.0 or Microsoft Windows 95, Microsoft Windows 98, or Microsoft Windows 98 Second Edition to the Windows 2000 or Windows Server 2003 DNS server?
Legacy operating systems continue to use NetBIOS for name resolution to find a domain controller; however it is recommended that you point all computers to the Windows 2000 or Windows Server 2003 DNS server for name resolution.
What if my Windows 2000 or Windows Server 2003 DNS server is behind a proxy server or firewall?
If you are able to query the ISP's DNS servers from behind the proxy server or firewall, Windows 2000 and Windows Server 2003 DNS server is able to query the root hint servers. UDP and TCP Port 53 should be open on the proxy server or firewall.
What should I do if the domain controller points to itself for DNS, but the SRV records still do not appear in the zone?
Check for a disjointed namespace, and then run Netdiag.exe /fix.
You must install Support Tools from the Windows 2000 Server or Windows Server 2003 CD-ROM to run Netdiag.exe.
How do I set up DNS for a child domain?
To set up DNS for a child domain, create a delegation record on the parent DNS server for the child DNS server. Create a secondary zone on the child DNS server that transfers the parent zone from the parent DNS server.
Note Windows Server 2003 has additional types of zones, such as Stub Zones and forest-level integrated Active Directory zones, that may be a better fit for your environment. Set the child domain controller to point to itself first. As soon as an additional domain controller is available, set the child domain controller to point to this domain controller in the child domain as its secondary.