Chapter 7, Understanding the Domain Name System
Instructor Note This chapter examines the underlying principles of
the Domain Name System (DNS), which will be applied in the study of the
Microsoft Windows 2000 DNS Server service in Chapter 8, “Using the Windows 2000
DNS Server.”
Lesson 1, “IP Host Naming and DNS,” covers the formation of DNS host and domain names
and how they represent specific areas of the DNS name space. In this part of
the lecture, you should emphasize the formation of DNS names, since this is a
critical part of understanding DNS. This lesson also covers the functions
common to all DNS servers and clients.
Lesson 2, “Resolving Host Names with DNS,” covers the format of DNS messages and the
process of resolving names into addresses. In this lesson, the structure of the
DNS messages is less important than an understanding of the communications
between DNS servers and clients. The process by which a DNS server resolves a
name by forwarding requests to other servers is the most important part of this
lesson and should be your primary emphasis.
Lesson 3, “Planning a DNS Implementation,” explains the
process of implementing DNS for a particular network. This lesson in the
textbook consists primarily of an extended scenario-based DNS implementation
exercise.
Chapter 7, Lesson 1
IP Host Naming and DNS
1. Introduction
A. The Transmission
Control Protocol/Internet Protocol (TCP/IP) protocols, particularly the Internet
Protocol (IP), rely completely on IP addresses to identify computers on a network
and transmit data to them.
1. However, IP addresses are difficult for
people to remember.
B. To simplify the interaction between users and TCP/IP computers,
the developers of the TCP/IP
protocols began assigning friendly names, called host names, to TCP/IP hosts.
2. Using Host Tables
A. A host name is a word that stands for a particular IP address.
1. As originally implemented, each computer
on the ARPANET was assigned a single word as a host name, which people could
use in place of the IP address in the computer’s interface.
a. The ARPANET was the experimental network
that grew into today’s Internet.
B. The use of host names does not affect TCP/IP communications.
1. IP still uses IP addresses in its packet
headers to identify the source and destination of a transmission.
2. To function with the IP addresses and the
existing TCP/IP protocols, the host name supplied by a user must be converted
into the IP address required by the protocols.
|1| C. The process of converting a host name into an IP address is
called name resolution.
1. The first name resolution mechanism used
by TCP/IP computers was a simple file called a host table.
a. A host table is a list of IP addresses and
their equivalent host names.
2. In the early days of TCP/IP, every
computer had its own host table.
3. An application designed to accept host
names as identifiers for other computers resolved each name by looking it up in
the table and then using the equivalent IP address to initiate communications
with the other computer.
D. The host table is a plain text file called Hosts.
1. Every TCP/IP computer still has a Hosts
file, although few of them use it anymore.
2. The Hosts file consists of a list of IP
addresses, one to a line, with the equivalent host name for each address on the
same line, separated by at least one space.
|2| a. An example of a Hosts file is shown on Slide 2.
E. Host table characteristics
1. The pound character (#) indicates the
beginning of a comment area.
a. All characters following the pound sign on
a single line are ignored.
F. You can still use a host table to resolve frequently used host
names.
1. On a computer running Microsoft Windows
2000, the table is in a file called Hosts, which is located in the systemroot\System32\Drivers\Etc folder.
2. You can use any text editor (such as Notepad.exe)
to add entries to the Hosts file.
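The following is an added example, not part of the textbook: a small parser that reads a Hosts-style table using the rules above (one address per line, names after the address separated by whitespace, # to end of line is a comment) and resolves names from it the way a host-table lookup does. The file contents and the names in it are constructed for the example.

```python
# Added example: parse a Hosts-style table and resolve names from it.
# Not from the textbook; the sample file content below is constructed.
import ipaddress

SAMPLE_HOSTS = """\
# Constructed sample Hosts file (not a real system file)
127.0.0.1       localhost
192.168.2.10    server1        # file server; comment after the entry
192.168.2.11    mail           mail.example.local
# 192.168.2.12  retired        (commented out, must be ignored)
10.0.0.5        intranet
"""

def parse_hosts(text):
    """Return {lowercased name: IP address string}.

    Rules from the chapter: one address per line, the names follow the
    address separated by whitespace, and '#' starts a comment that runs
    to the end of the line.  Names are keyed in lower case because DNS
    names are not case-sensitive.  The first entry for a name is kept,
    which is how resolvers treat a duplicated name in the table.
    """
    table = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            continue                          # address with no name: skip
        try:
            addr = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            continue                          # malformed address: skip
        for name in fields[1:]:
            table.setdefault(name.lower(), addr)
    return table

def lookup(table, name):
    """Resolve like a host-table lookup: exact, case-insensitive match."""
    return table.get(name.lower())
```

Because the resolver consults this file before it asks any DNS server, an entry added here silently overrides DNS for that name, which is why the file is a common target for tampering and worth checking when a machine resolves a familiar name to an unexpected address.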
G. Advantages of using a host table for name resolution
1. Simple
2. Very fast, because the table is stored on the computer’s local drive
H. The disadvantages of host tables as a general-purpose name
resolution mechanism outweigh their advantages.
1. In the early days of the ARPANET, the
entire network consisted of a few dozen computers.
a. The operators of those computers each
chose their own host name.
b. The host table was brief and easily
maintained, with the network’s users informally notifying each other of new
names to be added to their tables.
2. As the network began to grow, the ARPANET
administrators decided to create a central registry for the host names.
a. The Network Information Center (NIC) at
Stanford Research Institute (SRI) maintained the master Hosts file for all the
computers on the ARPANET.
b. System administrators all over the network
would choose their new host names and send them to NIC, which would add them to
the master host table.
c. Network users would download the latest
version of the Hosts file periodically and copy it to their systems.
3. Although the central registry was an
adequate solution at first, it gradually became impractical as the network
continued to grow.
a. The number of additions to the Hosts file
increased, making it difficult for NIC to keep up with the changes.
b. The number of users downloading the file
created an excessive amount of network traffic.
c. Name conflicts became a problem, as users
assigned host names to their computers without checking to see whether another
computer was already using the same name.
4. Using host tables for name resolution
could only be a temporary solution.
a. A single host table listing the names and
addresses of all the computers on the Internet today would be enormous and
would change thousands of times per second.
5. A more efficient solution was needed, and
this led to DNS.
|3| 3. Designing DNS
A. The developers of ARPANET decided that maintaining an extensive
list of IP addresses and domains for the network required a distributed
database.
1. A distributed database would avoid the
maintenance and traffic problems of a single data store.
2. Objectives of the project
a. Create a means for administrators to
assign host names to their computers without duplicating the names of other
systems
b. Store host names in a database distributed
among servers all over the network, so as to avoid creating a traffic
bottleneck or a single point of failure
c. Develop a standardized system for naming
and accessing electronic mailboxes
B. The result of the project was the Domain Name System (DNS)
|4| 1. Originally standardized in two Request for Comments (RFCs)
published in 1983 (written by Paul Mockapetris; the IETF was not formed
until 1986)
a. RFC 882, “Domain Names: Concepts and
Facilities” and RFC 883, “Domain Names: Implementation Specification”
b. These RFCs were superseded in 1987 by RFC 1034 and RFC 1035,
respectively, which together form Internet Standard STD 13 and are still the
base DNS specifications.
|5| C. DNS consists of three elements:
1. The domain name space. A specification for a
tree-structured name space in which each branch of the tree identifies a domain
and contains an information set
2. Name servers. Applications running on
server computers that maintain information about the domain tree structure and
contain authoritative information about specific areas of that structure
3. Resolvers. Client programs that
generate requests for DNS information and send them to name servers for
fulfillment
4. Introducing the Domain Name Space
A. A name resolution system cannot use single-word names and still
fulfill the objectives for the creation of DNS.
1. For administrators to be able to select
names for their systems without the possibility of name duplication, an
expanded name space is needed.
2. The DNS name space has two administrative
levels:
a. A central registrar assigns one level.
b. The individual network administrator
controls the other level.
3. Network administrators register a network
name (called a domain) and can assign host names within that domain.
|6| B. The domain name space is the naming scheme that provides the
hierarchical structure for the DNS database.
1. The domain is the basic structural unit
of the DNS name space, and each domain consists of a number of hosts.
2. A domain is an administrative entity that
does not necessarily correspond to an IP network address or any other TCP/IP
communications element.
3. The domain name space uses a tree
configuration, much like a directory tree, with a root domain at the top and
multiple layers of branches stemming off the root.
|7| 4. When expressed as a name, a domain consists of the root, represented by a period,
plus the names assigned to the units at each layer of the tree representing a
particular location in the DNS hierarchy, all separated by periods.
5. Unlike IP addresses, which run from left
to right, domain names run from right to left.
6. As you add more domains to the DNS
hierarchy, the name of each child domain (or subdomain) precedes that of its
parent domain.
|8| 7. At the second layer or below, each domain can contain any number of hosts.
a. The owner of the domain assigns the host
names.
8. The combination of a host name and all
its domain names up to the root is called a fully qualified domain name (FQDN),
or more colloquially, a DNS name.
|9| a. For example, on Slide 9, the FQDN computer1.sales.microsoft.com identifies a
computer with the host name computer1 as being in the sales third-level domain.
b. The sales domain is a subdomain of the
microsoft domain and microsoft is a subdomain of the com domain.
|10| C. Root domain
1. The root domain is located at the top of
the DNS hierarchy and is represented as a period (.) at the right side of an
FQDN.
2. The root domain is the authority for
information about the top-level DNS domains.
D. Top-level domains
Note Use Notepad.exe to open the Cache.dns file (the root hints file, stored
in the systemroot\System32\Dns folder on a Windows 2000 DNS server) and study
its contents.
1. The first word on the right side of an
FQDN (just to the left of the theoretical root period) is the top-level domain
name.
2. Top-level domains are codes, usually
consisting of two, three, or four characters, that represent either the type of
resources the domain contains or the location of the domain.
3. Top-level domains themselves are not available for registration by
private organizations; instead, second-level domains are registered within
them through the registry responsible for each top-level domain.
4. The seven original top-level domains and
the resources they represent
a. com Commercial organizations
b. edu Four-year,
degree-granting educational institutions in North America
c. gov United States government
institutions
d. int Organizations
established by international treaty
e. mil United States military
organizations
f. net Networking organizations
g. org Noncommercial
organizations
5. Most of the countries/regions of the
world are represented by two-letter top-level domain names.
E. Second-level domains
1. The second-level domain is the second
word from the right side in an FQDN and represents the network belonging to a
particular individual, company, or other organization.
2. Second-level domain names are obtained
from a top-level domain registrar for a modest annual fee, usually $20 to $40
per year.
3. A second-level domain can contain both
hosts and subdomains.
4. After you register a second-level domain
name with one of the Internet registrars, you can create as many subdomains and
hosts as you wish in that domain.
5. There is also a special second-level
domain called in-addr.arpa, which is used exclusively for reverse name lookups.
F. Host names
1. Host names refer to specific computers or
other TCP/IP devices on the Internet or a private network.
2. A host name is the leftmost word in an
FQDN, which describes the exact position of a host within the domain hierarchy.
G. Domain naming guidelines
1. When you create subdomains and hosts
within your own second-level domain, consider the following domain guidelines
and standard naming conventions:
a. Limit the number of domain levels. Typically, DNS host
entries should be three or four levels down the DNS hierarchy and no more than
five levels down the hierarchy.
b. Use unique names. Each subdomain must have
a unique name within its parent domain to ensure that the name is unique
throughout the DNS name space.
c. Use simple names. Simple and precise
domain names are easier for users to remember.
d. Avoid lengthy domain names. Each label (the name at one
level of the hierarchy) can be up to 63 characters long, not counting the
period that follows it.
(1) The total length of an FQDN cannot exceed 255 octets in its
wire-format encoding, which in practice means 253 visible characters plus
the trailing period.
e. Use standard DNS characters. DNS names are not
case-sensitive. Host names may contain only letters, digits, and hyphens,
may not begin or end with a hyphen, and cannot contain spaces or other
punctuation. (DNS itself does not restrict the characters in a label; the
rule comes from the Internet host name conventions in RFC 952 and RFC 1123.
Windows 2000 relies on this distinction when it registers service locator
records under labels such as _ldap, which are not host names.)
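The following is an added example, not part of the textbook, that checks a name against the limits in the guidelines above (63-character labels, 253 visible characters, letters, digits and hyphens only, no leading or trailing hyphen, and the chapter’s guideline of at most five levels). The function name check_hostname and the five-level default are this example’s own choices.

```python
# Added example: validate a DNS host name against the label, length and
# character rules described above.  Not from the textbook.
import re

# One label: starts and ends with a letter or digit, hyphens allowed inside,
# 1..63 characters in total (RFC 952 / RFC 1123 host name rules).
LABEL_RE = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")

def check_hostname(name, max_levels=5):
    """Return a list of problems with `name`; an empty list means it is OK.

    Limits applied:
      - each label 1..63 characters, letters, digits and hyphens only,
        not starting or ending with a hyphen
      - whole name at most 255 octets on the wire, i.e. 253 visible
        characters plus the trailing period
      - at most `max_levels` labels below the root (the chapter's guideline)
    A trailing period (the root) is accepted and stripped first.
    """
    problems = []
    if name.endswith("."):
        name = name[:-1]
    if not name:
        return ["empty name"]
    if len(name) > 253:
        problems.append("name longer than 253 characters")
    labels = name.split(".")
    if len(labels) > max_levels:
        problems.append(f"{len(labels)} levels, guideline allows {max_levels}")
    for label in labels:
        if not label:
            problems.append("empty label (consecutive periods)")
        elif len(label) > 63:
            problems.append(f"label '{label[:10]}...' longer than 63 characters")
        elif not LABEL_RE.match(label):
            problems.append(f"label '{label}' uses characters other than "
                            "letters, digits and hyphens, or starts or ends "
                            "with a hyphen")
    return problems
```

Validating names this way before they are written into a zone or a Hosts file is the practical point: a label with a space or a stray character is rejected up front instead of producing a record that some resolvers accept and others refuse.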
H. Zones
1. A zone represents a discrete portion of
the name space for a particular domain.
2. Zones provide a way to partition the
domain name space into manageable sections.
a. You can create multiple zones in the name
space of a single domain to distribute administrative tasks to different users
or groups.
|11| b. Slide 11 depicts the microsoft.com domain
name space divided into two zones.
3. A zone must encompass a contiguous area
of a domain’s name space.
a. As Slide 11 shows, you can create a zone
for sales.microsoft.com and the parent domain microsoft.com because these zones
are contiguous.
b. However, you cannot create a zone that
consists of only the sales.microsoft.com domain and the
development.microsoft.com domain because these two domains are not contiguous.
4. The name-to-IP-address mappings for a
zone are stored in the zone database file.
a. Each zone is anchored to a specific
domain, referred to as the zone’s root domain.
b. The zone database file does not necessarily
contain information for all subdomains of the zone’s root domain, only those
within the zone.
|12| 5. Understanding Domain Name Servers
A. A DNS name server stores the zone database file.
1. Name servers can store data for one zone
or multiple zones.
2. A name server has authority for the
domain name space that the zone encompasses.
a. This means that the name server is the
ultimate resource for information about the hosts in that zone.
b. Name servers trying to resolve the name of
a host in a particular zone send their requests to the authoritative name
server for that zone.
B. DNS is a distributed database because DNS information is stored
on servers located all over the Internet.
1. There are DNS name servers on the
Internet that are the authorities for all the domains at every level.
C. To host a domain, you must have access to two DNS name servers
to function as the authorities for that domain.
1. You do not have to actually run the DNS
servers on your network.
2. Many domain owners use the DNS servers of
their Internet service provider (ISP) for this purpose.
D. There must be at least one name server for every zone in a
domain.
1. However, a zone can have multiple name
servers associated with it.
2. One of these name servers contains the
master zone database file (also called the primary zone database file) for that
zone.
a. The server containing the primary zone
database file is the primary master name server for the zone.
b. When you make changes to a zone, such as
adding subdomains or hosts, you modify the primary zone database file.
3. Other name servers associated with the
zone act as backups to the name server containing the primary zone database
file.
a. These backup name servers are called
secondary master name servers, and they contain a secondary zone database file.
E. Advantages of having multiple name servers
1. Performing zone transfers
a. A secondary master name server obtains a copy of the zone
database file from another name server, called its master server.
(1) This is known as a zone transfer.
b. The master server can be the primary master for the zone
or another secondary master.
(1) Secondary master name servers periodically
query their master servers for updated zone data.
(2) Because a zone transfer hands out the entire contents of the zone, a
master server should be configured to permit transfers only to the servers
that are actually its secondaries; an unrestricted zone transfer gives anyone
on the Internet a complete list of the hosts in the zone.
2. Redundancy
a. If the name server containing the primary
zone database file fails, the additional name servers can provide the name
resolution service to the network.
3. Improved access speed for remote
locations
a. If a number of clients are in remote
locations, you can use additional name servers to reduce the query traffic
across slow wide area network (WAN) links.
4. Reduced loads
a. The additional name servers reduce the
load on the name server containing the primary zone database file.
F. A DNS server does not have to be an authority for a zone in
order to function.
1. You can install a DNS server on your
network for the sole purpose of serving your TCP/IP clients.
a. This is called a caching-only server.
2. The fundamental unit of storage in the DNS database is the resource record.
a. A resource record, in its simplest form,
is a host name and its equivalent IP address.
b. Other types of resource records contain
different types of information used by DNS name servers and resolvers.
6. Understanding Resolvers
A. Resolver is the technical term for the DNS client built into
every TCP/IP implementation.
1. The resolver is a set of operating system
routines that enable any application to resolve DNS names by generating DNS
requests and transmitting them to a specified DNS name server.
2. Upon receiving the resolved name and its
accompanying address from the DNS server, the resolver feeds it to the
application, which initiates normal TCP/IP communications.
3. The resolver can also retransmit its
requests when there is no response, and it can relay error messages received
from the server to the application.
Chapter 7, Lesson 2
Resolving Host Names with DNS
1. Introduction
A. DNS name resolution is something like looking up a name in a
telephone book.
1. Every name is associated with a number
(that is, an IP address) and DNS is the master directory for all the names and
numbers.
2. The DNS name listings are distributed
among thousands of name servers, just as the telephone listings are published
in hundreds of telephone books.
3. The similarity ends here, however,
because DNS enables you to resolve any name in the entire tree by sending a
request to any server.
2. DNS Messaging
A. DNS is an application layer protocol that most commonly uses
the User Datagram Protocol (UDP) for its communications.
1. The well-known port number 53 is assigned
to the DNS name server process for both UDP and the Transmission Control
Protocol (TCP).
2. A DNS message carried over UDP is limited to 512 bytes by RFC 1035. If a
response does not fit, the server sends what fits with the TC (truncation)
flag set, and the client repeats the query over a TCP connection to port 53.
Zone transfers between name servers, which are usually far larger than one
packet, always use TCP, so a firewall that passes only UDP port 53 blocks
both large responses and zone transfers.
B. All communications between DNS name servers, and between name
servers and resolvers, use a single message format for both requests and
replies.
|13| C. The DNS message consists of a 12-byte header followed by four sections:
1. Question. Specifies the
information being requested from the destination server
2. Answer. Consists of resource
records containing the information requested in the Question section
3. Authority. Consists of resource
records identifying the authority for the information requested in the Question
section
4. Additional. Consists of resource
records containing additional information furnished in response to the request
in the Question section
|14| D. The DNS message header format is shown on Slide 14.
|15| 1. Functions of the DNS message fields
a. ID (2 bytes). Contains a value unique
to each transaction that the computers use to associate requests with replies
b. FLAGS (2 bytes). Contains a number of
1-bit and 4-bit codes that specify the function and properties of the message.
The functions of the bits are as follows:
(1) Bit 1—QR. Indicates whether the
message is a query or a response
(2) Bits 2-5—OPCODE. Indicate whether the
message contains a standard (name to address) query, an inverse (address to
name) query, or a server status request
(3) Bit 6—AA (Authoritative Answer). Indicates that the
message is a response that contains information from an authoritative source
(4) Bit 7—TC (Truncation). Indicates that the
message has been truncated because it contains too much information to fit in a
UDP packet
(5) Bit 8—RD (Recursion Desired). Specifies whether the
message refers to a recursive or an iterative query
(6) Bit 9—RA (Recursion Available). Indicates whether the
server is configured to process recursive queries
(7) Bits 10-12. Not used
(8) Bits 13-16—RCODE (Response Code). In a response message,
these bits indicate whether an error has occurred and contain a code specifying
the type of error.
c. QDCOUNT (2 bytes). Specifies the number of
entries in the Question section
d. ANCOUNT (2 bytes). Specifies the number of
entries in the Answer section
e. NSCOUNT (2 bytes). Specifies the number of
name server resource records in the Authority section
f. ARCOUNT (2 bytes). Specifies the number of
entries in the Additional section
E. The DNS Question section
1. The Question section of a DNS message
contains the number of entries specified in the header’s QDCOUNT field.
a. In most cases there is only one entry.
|16| 2. Functions of the DNS Question fields
a. QNAME (variable). Contains the DNS name to
be resolved
b. QTYPE (2 bytes). Specifies the type of
resource record being requested
c. QCLASS (2 bytes). Specifies the class of
the resource record being requested
F. The DNS response sections
1. The Answer, Authority, and Additional
sections of a DNS message all contain resource records.
a. The header’s ANCOUNT, NSCOUNT, and ARCOUNT
fields specify the number of resource records.
|17| 2. The format for each resource record is shown on Slide 17.
|18| 3. Functions of the DNS resource record fields
a. NAME (variable). Contains the DNS name
about which information is being supplied
b. TYPE (2 bytes). Specifies the type of
resource record the entry contains
c. CLASS (2 bytes). Specifies the class of
the resource record the entry contains
d. TTL (4 bytes). Specifies the amount of
time (in seconds) that the resource record should remain in the cache of the
server to which it is being supplied
e. RDLENGTH (2 bytes). Specifies the length of
the RDATA field in bytes
f. RDATA (variable). Contains the resource
record information, the nature of which is dependent on its TYPE and CLASS
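The following is an added example, not part of the textbook, that puts the header, Question and resource record layouts above into working code: it builds a query message byte by byte and parses a response, including the RFC 1035 name compression pointers that responses use to avoid repeating the question name. The response bytes are constructed inside the example (the address 192.0.2.10 is from the documentation range); nothing is sent on the network. All function names are this example’s own.

```python
# Added example (not from the textbook): build a DNS query and parse a
# response at the byte level, following the header, Question and resource
# record layouts described above.  The response is constructed here; no
# network traffic is sent.
import struct

# FLAGS field bit positions (bit 1 of the chapter's numbering is bit 15 here).
QR, AA, TC, RD, RA = 1 << 15, 1 << 10, 1 << 9, 1 << 8, 1 << 7
TYPE_A, CLASS_IN = 1, 1

def encode_name(name):
    """Turn 'www.example.com' into length-prefixed labels ending in a 0 byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        if not 1 <= len(label) <= 63:
            raise ValueError("label length must be 1..63")
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def build_query(txn_id, name, qtype=TYPE_A, recursive=True):
    """12-byte header (ID, FLAGS, QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT) + one question."""
    flags = RD if recursive else 0
    header = struct.pack("!HHHHHH", txn_id, flags, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, CLASS_IN)

def decode_name(msg, pos):
    """Read a name at `pos`, following compression pointers (two bytes that
    start with bits 11, holding an offset into the message).  Returns
    (name, position just after the name as it appears in the stream).
    A pointer must point backwards; one that points at itself or forwards is
    rejected so a crafted packet cannot send the parser into an endless loop."""
    labels, end = [], None
    while True:
        length = msg[pos]
        if length & 0xC0 == 0xC0:
            ptr = struct.unpack("!H", msg[pos:pos + 2])[0] & 0x3FFF
            if ptr >= pos:
                raise ValueError("bad compression pointer")
            if end is None:
                end = pos + 2
            suffix, _ = decode_name(msg, ptr)
            if suffix:
                labels.append(suffix)
            break
        pos += 1
        if length == 0:
            break
        labels.append(msg[pos:pos + length].decode("ascii"))
        pos += length
    return ".".join(labels), end if end is not None else pos

def parse_message(msg):
    """Parse the header and all four sections into plain Python values."""
    txn_id, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    pos, questions = 12, []
    records = {"answer": [], "authority": [], "additional": []}
    for _ in range(qd):
        qname, pos = decode_name(msg, pos)
        qtype, qclass = struct.unpack("!HH", msg[pos:pos + 4])
        pos += 4
        questions.append((qname, qtype, qclass))
    for section, count in (("answer", an), ("authority", ns), ("additional", ar)):
        for _ in range(count):
            name, pos = decode_name(msg, pos)
            rtype, rclass, ttl, rdlength = struct.unpack("!HHIH", msg[pos:pos + 10])
            pos += 10
            rdata = msg[pos:pos + rdlength]
            if len(rdata) != rdlength:
                raise ValueError("RDLENGTH runs past the end of the message")
            pos += rdlength
            if rtype == TYPE_A and rdlength == 4:       # render A RDATA as dotted decimal
                rdata = ".".join(str(b) for b in rdata)
            records[section].append((name, rtype, ttl, rdata))
    return {"id": txn_id, "is_response": bool(flags & QR),
            "authoritative": bool(flags & AA), "truncated": bool(flags & TC),
            "rcode": flags & 0xF, "questions": questions, **records}

def build_sample_response(query):
    """Constructed authoritative response to `query`: same ID, the question
    echoed, and one A record whose NAME is a pointer to offset 12 (where the
    question name begins), exactly as real servers compress it."""
    txn_id = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", txn_id, QR | AA | RD | RA, 1, 1, 0, 0)
    answer = (b"\xC0\x0C" + struct.pack("!HHIH", TYPE_A, CLASS_IN, 3600, 4)
              + bytes([192, 0, 2, 10]))               # 192.0.2.10, documentation range
    return header + query[12:] + answer

def parse_or_none(msg):
    """Parse, or return None if the message is malformed (bad pointer, short fields)."""
    try:
        return parse_message(msg)
    except (ValueError, IndexError, struct.error):
        return None
```

The pointer check in decode_name is the part a practitioner should note: a response whose name pointer refers to itself or to a later offset is the classic way to hang a naive parser, and parse_or_none shows where to catch every error a crafted packet can provoke rather than letting it stop the process.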
G. DNS request types
1. DNS transactions, whether between two
name servers or between a client and a server, typically consist of a single
query and a single reply.
|19| 2. There are two types of DNS queries,
recursive and iterative, which are indicated by the value of bit 8 in the DNS
message header’s FLAGS field.
3. A recursive query is one in which the
name server receiving the message accepts full responsibility for delivering a
reply containing a resolved DNS name to the system that generated the message.
a. In nearly all cases, the resolver in a DNS
client sends recursive queries to its designated DNS name server.
b. The name server must then do whatever is
necessary to resolve the requested name, whether that includes sending queries
to other name servers or simply replying using its own authoritative
information.
4. The other type of query message is an
iterative query (sometimes called a nonrecursive query).
a. When a name server receives an iterative
query, it responds immediately with the best information that it has in its
possession.
(1) If the server is the authority for the name
or has the name in its cache, it replies with the resolution information.
(2) If the server cannot resolve the name
itself, it might respond by identifying another server that is the authority
for the requested name.
b. The name server receiving an iterative
query is not responsible for searching for the name by sending its own queries
to other servers.
c. Typically, DNS name servers use iterative
queries when requesting information from other servers.
d. A name server configured to accept recursive queries from other name
servers, rather than the usual iterative ones, is called a forwarder.
(1) Forwarders are generally used if conditions
make it difficult for a name server to perform the repeated server-to-server
transactions needed to resolve a name.
(2) Example: your organization has a number of
branch offices with their own DNS servers and relatively slow Internet
connections.
(a) You might configure the remote DNS servers
to send their name resolution requests using recursive queries to a DNS server
functioning as a forwarder at the corporate headquarters, which has a
high-speed connection to the Internet.
(b) The forwarder can then perform the name
resolution process much more quickly and respond to the server at the branch
office.
(c) The branch office server then replies to
the resolver on the client that originated the name resolution request.
(3) A server that is configured to rely
completely on a forwarder is called a slave or is said to operate in exclusive
mode.
(4) A server running in nonexclusive mode makes
its own attempts to resolve the requested name if the forwarder fails.
3. Resolving a Name
A. The DNS name resolution process occurs
whenever a user specifies a DNS host or domain name in an application.
1. For example, when you connect to the
Microsoft Web site, you use the name www.microsoft.com, which represents a
particular computer (called www) in a second-level domain (called
microsoft.com).
2. Before sending any messages to the
www.microsoft.com server, your Web browser uses the DNS resolver to convert the
name www.microsoft.com to its associated IP address.
a. This type of name-to-address resolution is
called a forward lookup query.
3. The address mapping for www.microsoft.com
comes from the DNS name server that is the authority for the microsoft.com
domain.
4. The process of resolving the name
consists of getting the DNS request message generated by the resolver to the
authoritative server for the microsoft.com domain and then getting a reply back
to the resolver.
B. DNS name servers can resolve both forward
and reverse lookup queries.
1. A forward lookup query resolves a name to
an IP address, and a reverse lookup query resolves an IP address to a name.
2. A name server can answer authoritatively only for names in a zone for
which it is the authority; for any other name it must rely on its cache or
query other servers.
3. If a name server cannot resolve the query
itself, it passes the query to other name servers in an effort to find the one
that can resolve the query.
4. The first name server then stores the
query results in its cache so that it can respond to future requests for that
name itself, thereby reducing the DNS traffic on the network.
|20| C. The forward lookup process for a host name
1. The resolver on the DNS client generates
a recursive query for the name www.microsoft.com and transmits it to its local
DNS name server, the IP address for which is specified in its TCP/IP
configuration.
2. The local name server checks its zone
database file to determine whether it contains the authoritative
name-to-IP-address mapping for the name requested by the client.
a. Because the local name server does not
have authority for the microsoft.com domain, it sends an iterative query to one
of the DNS root servers, requesting resolution of the host name.
b. The root name server sends a referral back
to the name servers that are authoritative for the com top-level domain.
3. The local name server then sends an
iterative query to one of the com name servers, which responds with a referral
to the name servers that are authoritative for the microsoft.com domain.
4. The local name server then sends an iterative query to the authoritative
name server for microsoft.com.
a. Because the Microsoft name server has
authority for that portion of the domain name space, it looks up the requested
name in the appropriate zone database file.
b. The Microsoft name server returns the host
resource record for www.microsoft.com (which contains the IP address associated
with the name) to the local name server.
5. The local name server sends the resource
record for www.microsoft.com in a DNS reply message to the resolver on the
client computer.
6. The resolver on the client computer reads
the IP address for www.microsoft.com from the resource record and supplies it
to the application.
a. The name resolution process is now
complete, and the application can now access www.microsoft.com using its IP
address.
D. In many instances, the forward lookup procedure is abbreviated
considerably, either by the use of cached DNS information stored in one of the
name servers (as described in section 4 below) or by the combination of name
server roles.
1. For example, when this textbook was written, some of the DNS root name
servers were also authoritative for com and several other top-level domains.
2. In that case the initial query sent to the root name server in the
previous example would return an authoritative referral to the microsoft.com
name servers directly, rather than requiring two separate message
transactions.
3. If the requested name was in a top-level domain for which the root name
servers are not the authorities (which is now the case for com as well, since
the root zone and the com zone are served by separate sets of servers), the
referral process proceeds as described in section 3.C.
|21| 4. Name Server Caching
A. A DNS name resolution process does not always require the
entire process described in section 3.C.
1. In some cases name servers can use
information they have already retrieved from other name servers instead of
issuing a query for the same information.
B. When a name server processes a recursive query, it often needs
to perform several DNS message transactions with various other name servers.
1. With each query, the name server
discovers information about other name servers that have authority for a
portion of the DNS name space.
2. The name server stores these query results in a cache held in memory,
separate from its zone database files, for later use.
3. When a name server receives a response to
one of its queries, it caches the resource records included in the reply for a
specified amount of time, referred to as the Time to Live (TTL).
4. When the name server receiving the reply
caches the resource records, the TTL starts counting down from its original
value.
5. When the TTL expires, the name server
deletes the resource records from its cache.
C. Caching query results enables the name server to quickly
resolve other queries for the same names or for names in the same domain.
1. Caching not only speeds up the name
resolution process, it also reduces the amount of DNS traffic on the Internet.
2. The root name servers, being at the top
of the DNS tree, are in the greatest danger of becoming a bottleneck for the
whole system.
a. If all the other name servers on the
Internet suddenly stopped caching, the number of requests going to the root
name servers would increase enormously, possibly bringing them to a halt.
D. The cache in a DNS name server is useful even if it does not
contain the resource record for the requested name.
1. If a user attempts to connect to a
computer called ftp.microsoft.com, for example, the fact that the DNS name
server recently resolved www.microsoft.com means that it has the IP address of
the authoritative name server for microsoft.com in its cache.
E. In addition to caching specific resource records, many DNS name
servers use a feature called negative caching.
1. Negative caching occurs when a name
server maintains records of its inability to resolve names.
a. When a client requests the resolution of a name that its local server
recently failed to resolve because it did not exist in the authoritative
server’s zone database file, the local server can immediately return an error
to the client rather than go through the entire name resolution process again
only to have it fail again.
b. The time a negative result stays cached is controlled by the owner of the
authoritative zone through its SOA record, as specified in RFC 2308, so a
nonexistent name is not retried against the authoritative server on every
request.
F. The TTL value specified by authoritative DNS name servers is
critical to the operation of the caching system.
1. Large TTL values cause resource records
to remain in server caches for extended periods of time.
2. The trade-off is that a record changed on the authoritative server is
still served from caches until the old TTL expires, so administrators lower
the TTL ahead of a planned change of address and raise it again afterward.
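The following is an added example, not part of the textbook, that simulates the forward lookup of section 3.C and the caching of section 4 together: a local name server takes a recursive query, walks root, com and a second-level domain with iterative queries, caches the answer, the referrals it learned and negative results, and expires them by TTL. The servers, zone contents and addresses are constructed in memory (example.com stands in for the chapter’s microsoft.com, with addresses from the 192.0.2.0/24 documentation range); nothing contacts real servers.

```python
# Added example (not from the textbook): in-memory simulation of the forward
# lookup in section 3.C with the caching behaviour of section 4.  All servers,
# zones, names and addresses are constructed for the example.
import time

class NameServer:
    """Authoritative server for one zone; answers iterative queries only."""
    def __init__(self, zone, hosts=None, delegations=None):
        self.zone = zone                        # "" is the root zone
        self.hosts = hosts or {}                # fqdn -> IP address
        self.delegations = delegations or {}    # child zone -> [NameServer]

    def query(self, name):
        """Best answer from local data: ('answer', ip), ('referral', servers)
        or ('nxdomain', None).  Never asks another server (iterative)."""
        if name in self.hosts:
            return "answer", self.hosts[name]
        for child, servers in self.delegations.items():
            if name == child or name.endswith("." + child):
                return "referral", servers
        return "nxdomain", None

class CachingResolver:
    """The 'local name server': accepts recursive queries, walks the tree
    with iterative queries, caches answers, referrals and negative results."""
    def __init__(self, root_servers, ttl=3600, negative_ttl=300):
        self.root_servers = root_servers
        self.ttl, self.negative_ttl = ttl, negative_ttl   # constructed TTLs
        self.cache = {}        # name -> (ip or None for nxdomain, expiry)
        self.ns_cache = {}     # zone -> ([NameServer], expiry)
        self.trace = []        # (server, result) steps of the last resolve

    def _closest_servers(self, name, now):
        """Start at the deepest cached delegation (e.g. the example.com
        servers learned while resolving www) instead of at the root."""
        labels = name.split(".")
        for i in range(len(labels)):
            hit = self.ns_cache.get(".".join(labels[i:]))
            if hit and hit[1] > now:
                return hit[0]
        return self.root_servers

    def resolve(self, name, now=None):
        """Recursive query for the A record of `name`: the IP, or None."""
        now = time.time() if now is None else now
        self.trace = []
        hit = self.cache.get(name)
        if hit and hit[1] > now:               # positive or negative cache hit
            self.trace.append(("cache", "answer" if hit[0] else "nxdomain"))
            return hit[0]
        servers = self._closest_servers(name, now)
        for _ in range(10):                    # bound the referral chain
            server = servers[0]
            kind, data = server.query(name)
            self.trace.append((server.zone or ".", kind))
            if kind == "answer":
                self.cache[name] = (data, now + self.ttl)
                return data
            if kind == "referral":             # remember who is authoritative
                self.ns_cache[data[0].zone] = (data, now + self.ttl)
                servers = data
                continue
            self.cache[name] = (None, now + self.negative_ttl)   # negative caching
            return None
        raise RuntimeError("referral chain too long")

def build_example_internet():
    """Constructed tree: root -> com -> example.com."""
    example_ns = NameServer("example.com", hosts={
        "www.example.com": "192.0.2.80", "ftp.example.com": "192.0.2.21"})
    com_ns = NameServer("com", delegations={"example.com": [example_ns]})
    root_ns = NameServer("", delegations={"com": [com_ns]})
    return CachingResolver([root_ns])
```

Resolve www.example.com at time 0 and the trace shows the three iterative queries of section 3.C (root, com, example.com). Resolve it again and the trace is one cache hit; resolve ftp.example.com and only the example.com server is asked, because its delegation was cached; a nonexistent name is answered from the negative cache until negative_ttl passes, and after ttl everything is fetched from the root again.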
5. Performing Reverse Name Lookups
A. A reverse name lookup occurs when a client’s resolver sends a
query containing an IP address to its DNS name server and requests the name
associated with that address.
1. Troubleshooting tools, such as the
Windows 2000 Nslookup.exe command-line utility, use reverse name lookups to
report back to the user with a host name instead of an IP address.
2. In addition, certain applications
implement security features based on their ability to connect to names, not IP
addresses.
B. It might seem at first that the reverse name lookup process
should be easy.
1. If a DNS resource record contains both
the name and the IP address of a computer, searching for the IP address should
be as easy as searching for the name.
a. This is true when you are performing a
reverse name lookup on a single DNS name server.
2. If the address you are seeking to resolve
is not located on the local server, however, the question arises of where to
send the query next.
3. Because the DNS name space is indexed by
name and not by IP address, a reverse name lookup performed using the standard
domain structure would require an exhaustive search of every domain name on
every DNS name server.
a. Obviously, this is not practical.
C. To resolve this problem, the designers of DNS created a special
reverse lookup domain called in-addr.arpa.
1. The in-addr.arpa domain follows the same
hierarchical naming scheme as the rest of the domain name space; however, it is
based on IP addresses, not domain names.
|22| 2. The in-addr domain is a subdomain of arpa.
a. The in-addr domain has 256 third-level
subdomains, which are named with the numbers 0 to 255.
b. Each of those 256 third-level domains has
256 fourth-level subdomains named in the same way as the in-addr domain.
c. Each of the fourth-level domains has 256
fifth-level subdomains.
d. At the sixth level of the hierarchy are 256 possible hosts for each
subdomain, which are again named using the numbers 0 to 255.
3. Using this domain structure, it is
possible to express any IP address in terms of an FQDN in the in-addr.arpa
domain.
a. For example, the IP address 192.168.54.217
would exist in the DNS tree as a host with the FQDN
217.54.168.192.in-addr.arpa.
(1) The order of the four decimal values is reversed in the FQDN because the
most significant part of a DNS name is on the right, whereas the most
significant part of an IP address is on the left.
b. The DNS host name of the computer in this example
is 217, and the host identifier of the computer is also 217.
4. Using this reverse lookup domain
structure, a resolver on a client computer can take an IP address furnished by
an application and generate a DNS query message with the address formatted as
an FQDN in the in-addr.arpa domain.
a. The name resolution process can then
proceed in the normal manner, with the following exception:
(1) The name server is requested to supply a
special type of resource record that contains an address-to-name mapping called
a Pointer (PTR) resource record instead of one that contains a name-to-address
mapping.
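The in-addr.arpa name formation in item 3 and the PTR query in item 4, as an added worked example (not code from the course). It forms the reverse name for the outline's own address, 192.168.54.217, and builds the DNS query message a resolver would send for it: the standard 12-byte header followed by a question for type PTR (code 12) in class IN (code 1). It goes beyond the text in two ways: it also forms the ip6.arpa name for an IPv6 address, and it cross-checks the result against the Python standard library's `reverse_pointer`. The transaction ID is an arbitrary constructed value.

```python
"""Forming in-addr.arpa names and the PTR query that carries them.
Added illustration, not course code; the IPv4 address is the outline's own
example and the transaction ID is a constructed value."""
import ipaddress
import struct

QTYPE_PTR = 12      # PTR resource record type code (RFC 1035)
QCLASS_IN = 1       # Internet class


def reverse_name(address: str) -> str:
    """Return the reverse-lookup owner name for an IPv4 or IPv6 address.

    IPv4 octets are reversed because the most significant label of a DNS
    name is on the right; IPv6 uses one label per hex nibble under ip6.arpa.
    """
    ip = ipaddress.ip_address(address)
    if ip.version == 4:
        octets = str(ip).split(".")
        return ".".join(reversed(octets)) + ".in-addr.arpa"
    nibbles = ip.exploded.replace(":", "")
    return ".".join(reversed(nibbles)) + ".ip6.arpa"


def address_from_reverse_name(name: str) -> str:
    """Inverse of reverse_name: recover the address from an arpa name."""
    labels = name.rstrip(".").lower().split(".")
    if labels[-2:] == ["in-addr", "arpa"]:
        return ".".join(reversed(labels[:-2]))
    if labels[-2:] == ["ip6", "arpa"]:
        hexstr = "".join(reversed(labels[:-2]))
        groups = [hexstr[i:i + 4] for i in range(0, 32, 4)]
        return str(ipaddress.IPv6Address(":".join(groups)))
    raise ValueError("not a reverse-lookup name: " + name)


def matches_stdlib(address: str) -> bool:
    """Cross-check against the standard library's own reverse_pointer."""
    return reverse_name(address) == ipaddress.ip_address(address).reverse_pointer


def encode_name(name: str) -> bytes:
    """DNS wire encoding: length-prefixed labels ending in a zero byte."""
    out = bytearray()
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        out.append(len(raw))
        out += raw
    out.append(0)
    return bytes(out)


def build_ptr_query(address: str, txid: int = 0x1234) -> bytes:
    """Build the query a resolver sends for a reverse lookup: a 12-byte header
    (one question, recursion desired) followed by a question asking for a
    PTR record at the arpa name."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    question = encode_name(reverse_name(address)) + struct.pack("!HH", QTYPE_PTR, QCLASS_IN)
    return header + question


def parse_question(message: bytes):
    """Read the question back out of a query: (name, qtype, qclass)."""
    pos, labels = 12, []
    while message[pos]:
        length = message[pos]
        labels.append(message[pos + 1:pos + 1 + length].decode("ascii"))
        pos += 1 + length
    qtype, qclass = struct.unpack("!HH", message[pos + 1:pos + 5])
    return ".".join(labels), qtype, qclass
```

For 192.168.54.217 the query is 45 bytes: 12 for the header, 29 for the encoded name 217.54.168.192.in-addr.arpa, and 4 for the PTR type and IN class. The rest of the resolution then proceeds exactly as for a forward lookup; only the record type requested differs.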
Chapter 7, Lesson 3
Planning a DNS Implementation
|23| 1. DNS Considerations
A. The DNS server configuration for your internetwork depends on
several factors, such as the size of your organization, the locations of your
offices, and your fault tolerance requirements.
B. Although a Windows 2000 network running the Active Directory
service requires a DNS server, as do clients with access to the Internet, the
DNS server itself does not have to run on a Windows 2000 server.
1. In fact, the DNS server does not even
have to be on your local network.
2. As long as you can configure Windows 2000
to reference a valid DNS server that supports the necessary record types, such
as one hosted by your ISP, you can provide the required name resolution
capabilities to Windows 2000.
C. With the increased functionality provided by the version of DNS
included with Windows 2000, you might decide to install and configure your own
DNS server.
1. If your organization, regardless of size,
wants to own a second-level domain name, you must do the following:
a. Register the name with an appropriate
registrar for the top-level domain.
b. Supply the registrar with the IP addresses of
at least two DNS servers that will be the authorities for the name you choose.
2. You can also set up additional DNS
servers within your organization that are independent of the Internet.
|24| D. For reliability and redundancy, Microsoft recommends that you deploy at least two
DNS servers per domain—a primary master name server and a secondary master name
server.
1. The primary master name server maintains
the primary zone database file containing the information about the computers
in the domain and replicates it to the secondary master name server, using zone
transfers.
a. This replication enables clients all over
the Internet to resolve names in the domain even if one of the name servers is
unavailable.
b. You can configure the zone transfer
schedule depending on how often names change in the domain.
c. Transfers should occur frequently enough
to keep both servers synchronized nearly all the time.
d. However, excessive replication can
increase network traffic and the processing burden on the name server.
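The zone transfer schedule trade-off in items D.1.b through D.1.d, as an added model (not code from the course). The outline says the schedule is configurable; in standard DNS (RFC 1035) it is set by the refresh, retry and expire fields of the zone's SOA record, and the model below follows that mechanism, which the outline itself does not name. A secondary master checks the primary's serial number every refresh interval, pulls a zone transfer when the serial has grown, falls back to the retry interval when the primary does not answer, and treats its copy as unusable once the expire interval passes without a successful check. All timer values, the times at which the primary's zone changes, and the outage window are constructed.

```python
"""Secondary master refresh behaviour driven by SOA timers. Added illustration,
not course code; timers, serial change times and the outage window are
constructed. The refresh/retry/expire mechanism is standard DNS (RFC 1035)."""
from dataclasses import dataclass
from typing import Callable, Dict, Optional


@dataclass
class SoaTimers:
    refresh: int   # seconds between serial checks while the primary answers
    retry: int     # seconds to wait before checking again after a failure
    expire: int    # seconds without a successful check before the copy is discarded


@dataclass
class Secondary:
    serial: int = 0        # serial of the copy currently held (0 = nothing yet)
    last_ok: int = 0       # time of the last successful check of the primary
    next_check: int = 0    # when the next check is due
    checks: int = 0
    transfers: int = 0

    def is_stale(self, timers: SoaTimers, now: int) -> bool:
        """True once the expire interval has passed without reaching the primary."""
        return now - self.last_ok > timers.expire

    def check(self, timers: SoaTimers, now: int, primary_serial: Optional[int]) -> str:
        """One check of the primary; primary_serial is None when it is unreachable."""
        self.checks += 1
        if primary_serial is None:
            self.next_check = now + timers.retry
            return "retry"
        self.last_ok = now
        self.next_check = now + timers.refresh
        if primary_serial > self.serial:
            self.serial = primary_serial      # newer zone: pull it with a zone transfer
            self.transfers += 1
            return "transfer"
        return "current"


def simulate(timers: SoaTimers, horizon: int,
             serial_at: Callable[[int], int],
             primary_up: Callable[[int], bool]) -> Dict[str, int]:
    """Run the secondary's check schedule for `horizon` seconds and summarise it."""
    sec = Secondary()
    stale_checks = 0
    while sec.next_check < horizon:
        now = sec.next_check
        if sec.is_stale(timers, now):
            stale_checks += 1        # the secondary would stop answering for the zone here
        sec.check(timers, now, serial_at(now) if primary_up(now) else None)
    return {"checks": sec.checks, "transfers": sec.transfers, "stale_checks": stale_checks}


DAY = 86400


def serial_at(t: int) -> int:
    """Constructed primary: the zone changes at 02:00 and 14:00."""
    return 1 + (t >= 7200) + (t >= 50400)


def compare_schedules() -> Dict[str, Dict[str, int]]:
    """Same zone, three schedules: hourly and quarter-hourly polling, and hourly
    polling with the primary unreachable for about 11 hours (20000..59999 s)."""
    def always_up(t: int) -> bool:
        return True

    def outage(t: int) -> bool:
        return not (20000 <= t < 60000)

    hourly = SoaTimers(refresh=3600, retry=600, expire=36000)
    quarter = SoaTimers(refresh=900, retry=600, expire=36000)
    return {
        "hourly": simulate(hourly, DAY, serial_at, always_up),
        "quarter_hourly": simulate(quarter, DAY, serial_at, always_up),
        "hourly_with_outage": simulate(hourly, DAY, serial_at, outage),
    }
```

Over the constructed day both polling rates produce the same three transfers, but the quarter-hourly schedule costs four times as many checks of the primary, which is the traffic and processing cost item D.1.d warns about; the slower schedule instead lets a change go unnoticed for up to an hour. The outage run shows why the expire value matters to the fault-tolerance goal in D.1.a: with a 10-hour expire and an 11-hour outage the secondary's copy becomes stale before the primary returns, so the second server stops covering for the first.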