The principles for DNS in Windows Server 2008 are much the same as they were
for Windows Server 2003.
Active Directory absolutely requires DNS. In particular, Active
Directory relies on DNS to find resources such as Global Catalog and Kerberos.
In Windows Server 2008, DNS combines support for standard DNS protocols with the
benefits of integration with Active Directory Domain Services (AD DS).
DNS enables us humans to use meaningful names such as 'BigServer' instead of
pure dot-decimal IP addresses (or colon-hex numbers for IPv6). The
DNS server responds to requests from clients such as XP or Vista to provide the
IP address associated with a mail or web server's DNS domain name. The
beauty of DNS is that it's scalable because the domain names can be organized
into a hierarchy.
Practical Tasks for DNS in Windows Server 2008
Your first decision is one of approach. Do you take the simplistic
approach? If so, accept the defaults and go with the simple choices.
When you create a Domain Controller (see Add
roles) it is automatically configured to use the appropriate DNS servers for
name resolution.
This method either works incredibly easily, or else it goes spectacularly
wrong; in which case you have to go back to the drawing board, and probably you
should ask for
guidance from someone who has installed and configured DNS before.
The other approach is to practice with DNS on a test network, with one hand
on the keyboard
and the other hand thumbing a textbook.
For both approaches, the first task is to plan your names. What will be
the name of your Active Directory domain? Will it be the same name as your
DNS domain?
The second task is to install the DNS service. Start with Server
Manager, choose Add roles, and let the wizard install and configure the DNS
role.
Wherever possible choose Active Directory Integrated DNS. Microsoft
Active Directory working with Microsoft DNS must be better than mixing
Microsoft AD with UNIX DNS.
Mr Average and Mr In-a-Hurry do not need to study DNS in depth. It's near
enough the same as DNS in Windows Server 2003. The main thing to know is
that Microsoft's Windows Server 2008 DNS is compliant with RFC (Request for
Comments) standards, for example RFC 2136 for Dynamic DNS.
IPv6
The best feature of DNS in Windows Server 2008 is that it's ready for IPv6.
For example, it can handle the 32 hex digits in the IP address. Furthermore,
it employs the quad-A (AAAA) resource records for forward name resolution,
while reverse lookup is handled by the new IP6.ARPA domain.
RODC
You may have read elsewhere about the new Windows Server 2008 RODC (Read-Only Domain Controller).
The implications for DNS are that these servers hold a read-only copy of the
ForestDNSZones and DomainDNSZones.
LLMNR
Link-local multicast name resolution is an intelligent system whereby
Vista clients and W2K3 member servers can resolve names on the local subnet even
when the DNS server is down.
This is a new way for Vista clients to contact their local Domain Controller.
It is principally a mechanism for laptops. With XP, laptops could get 'locked on'
to a distant server; when the laptop returned to base it still fixated on the
distant DC. With Vista, it occasionally tries to find the nearest DC, thus
breaking an inappropriate 20-hop link with a distant DC when there is a
perfectly good Domain Controller in the same building.
Dynamic Updates
Windows Server 2008 loads Active Directory in the background; this helps DNS servers with zillions of records that
reboot often. While this is progress, I wonder how common that scenario of
frequent reboots and lots of zone records is?
GlobalNames Zone (GNZ)
GlobalNames is a way of incorporating WINS resolution within DNS. My mate 'Mad' Mick
says, 'Those bright enough to figure out GlobalNames are bright enough to have
phased out WINS'. However, if
you are a techie genius who is weighed down by old applications that rely on
NetBIOS over TCP/IP then you can add appropriate single-label records as CNAME
records in DNS. The idea of GlobalNames is to replace the static WINS
records for mail servers or possibly web servers.
Should you need to experiment with GlobalNames, then you need to create a
particular zone. This is how you perform the action from the command line:

Dnscmd ServerName /config /Enableglobalnamessupport 1

Alternatively, you could use the DNS GUI and create a zone called precisely
GlobalNames (not case sensitive).
Once you have created this special zone called GlobalNames, then add CNAMES
which point to the FQDN of the appropriate mail or web server.
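
The GlobalNames steps above, run end to end from PowerShell, as an added example that is not part of the original page. The server name DC1, the alias intranet and the target web01.example.com are hypothetical, and forest-wide replication of the zone is an assumption made for this example.

```powershell
# Added example: every name below is hypothetical; substitute your own.
$DnsServer = 'DC1'                 # assumed DNS server (a domain controller)
$Alias     = 'intranet'            # assumed single-label name the old application uses
$Target    = 'web01.example.com'   # assumed FQDN of the server behind that name

function Invoke-Dnscmd {
    # Run dnscmd.exe and stop at the first failure, so a later step never
    # runs against a half-configured server.
    param([string[]]$Arguments)
    & dnscmd.exe $Arguments
    if ($LASTEXITCODE -ne 0) {
        throw "dnscmd $($Arguments -join ' ') failed with exit code $LASTEXITCODE"
    }
}

# 1. Enable GlobalNames support on the server (the command quoted in the text).
Invoke-Dnscmd @($DnsServer, '/config', '/Enableglobalnamessupport', '1')

# 2. Create the zone, named exactly GlobalNames, as an Active Directory
#    integrated primary zone replicated to the whole forest (assumption).
#    This step fails if the zone already exists.
Invoke-Dnscmd @($DnsServer, '/ZoneAdd', 'GlobalNames', '/DsPrimary', '/DP', '/forest')

# 3. Add the single-label CNAME that points to the FQDN of the real server.
Invoke-Dnscmd @($DnsServer, '/RecordAdd', 'GlobalNames', $Alias, 'CNAME', $Target)

# 4. Check the result: list the records at the zone root, then resolve the
#    alias through that server. '@' is quoted because it is a PowerShell operator.
Invoke-Dnscmd @($DnsServer, '/EnumRecords', 'GlobalNames', '@')
nslookup $Alias $DnsServer
```

Step 1 is a per-server setting, so repeat it on each DNS server that should answer GlobalNames queries.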
Useful DNS Features First Introduced in W2K3 (Windows Server 2003)
DNS Integrated with Active Directory
The biggest breakthrough with DNS was to integrate its database with that of
Active Directory. This made it much easier to replicate. This integration
started in Windows 2000 and there have been minor advancements in Windows Server
2003 and now in Server 2008, for example RODC, security and new site location flags.
DNS Stub Zones
A stub zone holds a copy of only the resource records that are
necessary to identify the authoritative (child) DNS servers for that zone.
The idea is to help maintain DNS name-resolution efficiency.
Dynamic Update Protocol
Clients such as XP and Vista can tell the DNS Server service to dynamically
update their resource records. Dynamic DNS (DDNS) introduces the one good
feature of WINS into DNS. The result is no need to manually update DNS 'A'
Host records.
Incremental Zone Transfer (IXFR)
These days we take for granted the idea of only updating records that
have changed. However, back in NT 4.0 days one change in a host record
resulted in the whole of the DNS database being replicated. Very inefficient.
Conditional forwarders
Here is another efficient idea: if the server does not have a record for
a specific domain, it forwards the request on to a server that is authoritative
for that domain. Requests for other domains would not be treated in this
way, hence Conditional Forwarding.