DNS ZONES


DNS Zone Types

I know DNS has been one of the boring topics. However, you should know that without DNS Active Directory has no existence, AD always needs a DNS in environment for its complete operations. Knowing DNS in and out can help you a lot to troubleshoot many name resolution and AD related problems.

DNS topic starts with one of the core concept called zones. It’s like some virtual division of authority for respective areas. In each zone there would a DNS to take care of all name resolution operations.

The table below lists the types of DNS zones:

Zone Type

Description

Primary

The primary zone is the master copy of a zone database.

  • The primary zone is the only writeable copy of the zone database.
  • Changes to the zone can only be made to the primary zone.
  • The server that holds the primary zone is called a primary server.
  • Each zone can have only a single primary zone server.
  • Zone data is stored in a text file.

Secondary

A secondary zone is a read-only copy of the zone database.

  • Changes cannot be made to the records in a secondary zone.
  • A server that holds a secondary zone is called a secondary server.
  • Secondary servers copy zone data from other servers through a process called zone transfer.
  • Secondary servers can copy zone data from the primary server or other secondary servers.
  • Zone data is stored in a text file.

Active Directory- integrated

An Active Directory-integrated zone holds zone data in Active Directory instead of a text file.

  • Active Directory-integrated zones are multi-master zones, meaning that changes to the zone information can be made by multiple servers. Multiple servers hold read-write copies of the zone data.
  • Only DNS servers that are domain controllers can host Active Directory- integrated zones.
  • Storing zone data in Active Directory provides automatic replication, fault tolerance, and distributed administration of DNS data.
  • Replication of zone data occurs during Active Directory replication and is secured by Kerberos.

Stub

A stub zone is a zone with only a partial copy of the zone database.

  • The stub zone only contains information about the name servers that are authoritative for the zone; it does not contain information for other hosts.
  • A stub zone is not authoritative for the zone; its purpose is to identify the name servers that can be contacted for full zone information.
  • The stub zone is dynamic, meaning that it will keep the list of name servers for the zone updated automatically.
  • Use a stub zone to forward name requests based on zones while keeping name server lists updated automatically.

GlobalNames

The GlobalNames zone is a special zone in the DNS database that is used for single- label name resolution. Use the GlobalNames zone to:

  •  Allow clients to use simple host names without domain information for name resolution. For example, to contact a server named sales.us.habib.com, users could simply enter the single-label name sales.
  •  Allow DNS clients to contact NetBIOS-only hosts without the need for a WINS server.
  •  Allow IPv6-only hosts to contact NetBIOS hosts (IPv6 does not support the use of WINS).

Be aware of the following when using the GlobalNames zone:

  •   When users enter a single-label name, the client computer first tries to resolve the name using DNS and the search suffix configuration. If that process fails, the GlobalNames zone is checked (if it exists).
  •   Using the GlobalNames zone does not require any changes to client machines.
  •   Dynamic updates are not supported on the GlobalNames zone. You must manually create each record in the GlobalNames zone.
  •   Use the GlobalNames zone to replace WINS servers on your network only when you have a small number of hosts that do not support DNS. For a large number of NetBIOS-only hosts, or to support dynamic registration of single-label names, continue to use a WINS server.

The zone types above describe the read-write capabilities and the storage location of zone data. In addition, zones are classified as one of two types:

  • A forward lookup zone provides hostname-to-IP address resolution. Clients query the DNS server with the hostname, and receive the IP address in return.
  • A reverse lookup zone provides IP address-to-hostname resolution. Clients query the DNS server with the IP address, and receive the hostname in return.

Quick Note – DNS Installation in Windows Server 2008

Don’t worry; I will explain the whole DNS installation with all the screen shot or videos in next posts. However, you should know the following facts about DNS installation in Windows Server 2008:

  • To install DNS in Windows Server 2008, you must be a member of the Domain Admins group.
  • You can install DNS on any version of Windows Server 2008 except for the Windows Server 2008 Web Server edition.
  • You must assign the DNS server a static (or fixed) IP address.
  • To install DNS on a server, use Server Manager and add the DNS role. To add the DNS role from a command prompt (or on Server Core), run: start /w ocsetup DNS-Server-Core-Role
  • Run the oclist command to get a list of services (including DNS) installed on a server.
  • Windows secondary servers can transfer data from non-Windows master servers, and vice versa, as long as the BIND versions are compatible. In some cases, Windows adds non-standard records or information to zone databases that make them incompatible with non-Windows DNS servers, especially servers running older versions of DNS.
  • Use the DNS snap-in or the dnscmd command to manage DNS.
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s