What is Domain Name System (DNS)?
Domain Name System (DNS) is a service that resolves names to IP addresses and IP addresses to names. DNS is also used to locate servers, computers and services on your network, and it is the backbone of Active Directory. The DNS server role can be installed on Windows Server either as a standalone server or on a Domain Controller.
What is Static and Dynamic DNS Record?
A manually created DNS entry is called a static record; a record created automatically by the system or by DHCP is called a dynamic DNS record. Static records are harder to manage because an IP address change is not picked up automatically; the record has to be updated by hand.
What is Dynamic DNS (DDNS)?
Dynamic DNS (DDNS) is a method by which clients update their own DNS records. Most organizations prefer DDNS because it is easy to maintain and you always get the latest IP address of servers and computers.
What are the record types in DNS?
DNS has many record types. A (host) records are the ones most people know; the main record types are:
- A (Address): maps a host name to an IP address, for example Compute1 pointing to 192.168.100.100. When a computer has multiple adapter cards and IP addresses, it should have multiple address records.
- CNAME (Canonical Name): sets an alias for a host name, so that one record points to another. For example, www.support.windowstricks.in can have the alias www.windowstricks.in, and both names then resolve to the same page.
- MX (Mail Exchange): specifies a mail exchange server for the domain, so that mail for the domain is delivered to the correct mail servers.
- NS (Name Server): specifies a name server for the domain, that is, an authoritative server for the respective DNS zone, and allows DNS lookups within all DNS zones.
- PTR (Pointer): creates a pointer that maps an IP address to a host name for reverse lookups.
- SOA (Start of Authority): declares the host that is the most authoritative for the zone and, as such, is the best source of DNS information for the zone. Each zone file must have an SOA record (it is created automatically when you add a zone).
What is Caching Only Server?
Caching-only servers are DNS servers that only perform name resolution queries on behalf of clients, cache the answers, and return the results to the client. Once an answer is stored in the cache, the next query for that name is resolved locally from the cache instead of being sent out again.
What are a Forward and Reverse Lookup?
- Forward Lookup: a query that sends a name to the DNS server and gets back an IP address (searching for an A record). This is what is generally called a forward lookup.
- Reverse Lookup: a query that searches for PTR records, which provide the reverse lookup process: clients use a known IP address in the query and look up the computer name that belongs to that address.
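To make the record types and the two lookup directions concrete, here is an added example (not code from the original page): a minimal parser for a simplified, BIND-style zone text, a forward lookup that follows CNAME aliases to an A record, a reverse lookup through the in-addr.arpa name, and a consistency check that flags a zone with the wrong number of SOA records, a CNAME/MX/NS target with no address, or an A record whose PTR does not point back. The zone contents, names and addresses are constructed for illustration, and the one-record-per-line format is an assumption of this example, not the Windows zone_name.dns format.

```python
"""Zone-file parsing, forward/reverse lookup and a zone consistency check.

Added example, not code from the original page. Names, addresses and the
simplified "name TYPE rdata" zone format are constructed for illustration.
"""
from collections import defaultdict

# Constructed sample: a forward zone and its matching reverse zone.
FORWARD_ZONE = """
example.test.          SOA   ns1.example.test. hostmaster.example.test. 1 3600 600 86400 300
example.test.          NS    ns1.example.test.
example.test.          MX    10 mail.example.test.
ns1.example.test.      A     192.168.100.10
mail.example.test.     A     192.168.100.20
compute1.example.test. A     192.168.100.100
www.example.test.      CNAME compute1.example.test.
"""

REVERSE_ZONE = """
100.168.192.in-addr.arpa.     SOA ns1.example.test. hostmaster.example.test. 1 3600 600 86400 300
100.168.192.in-addr.arpa.     NS  ns1.example.test.
10.100.168.192.in-addr.arpa.  PTR ns1.example.test.
20.100.168.192.in-addr.arpa.  PTR mail.example.test.
100.100.168.192.in-addr.arpa. PTR compute1.example.test.
"""


def parse_zone(text):
    """Return {(owner_name, type): [rdata, ...]} from the simplified zone text."""
    records = defaultdict(list)
    for line in text.strip().splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[0].startswith(";"):   # skip blanks and comments
            continue
        name, rtype, rdata = parts[0].lower(), parts[1].upper(), " ".join(parts[2:])
        records[(name, rtype)].append(rdata)
    return records


def forward_lookup(zone, name, max_hops=8):
    """Forward lookup: name -> A records, following CNAME aliases (bounded)."""
    name = name.lower()
    for _ in range(max_hops):
        if (name, "CNAME") not in zone:
            break
        name = zone[(name, "CNAME")][0].lower()   # follow the alias to its target
    return zone.get((name, "A"), [])


def reverse_name(ip):
    """Build the in-addr.arpa owner name used for a PTR lookup of an IPv4 address."""
    return ".".join(reversed(ip.split("."))) + ".in-addr.arpa."


def reverse_lookup(zone, ip):
    """Reverse lookup: IPv4 address -> PTR records."""
    return zone.get((reverse_name(ip), "PTR"), [])


def check_zones(forward, reverse):
    """Return a list of problems found in the forward/reverse zone pair."""
    problems = []
    # Every zone must carry exactly one SOA record.
    for label, zone in (("forward", forward), ("reverse", reverse)):
        soa_count = sum(len(v) for (_, t), v in zone.items() if t == "SOA")
        if soa_count != 1:
            problems.append(f"{label} zone has {soa_count} SOA records, expected exactly 1")
    # CNAME, MX and NS targets must resolve to an address (MX rdata is "pref target").
    for (name, rtype), rdatas in list(forward.items()):
        if rtype not in ("CNAME", "MX", "NS"):
            continue
        for rdata in rdatas:
            target = rdata.split()[-1]
            if not forward_lookup(forward, target):
                problems.append(f"{rtype} {name} -> {target} has no A record")
    # Every A record should have a PTR that points back to the same name.
    for (name, rtype), addrs in list(forward.items()):
        if rtype != "A":
            continue
        for ip in addrs:
            if name not in [p.lower() for p in reverse_lookup(reverse, ip)]:
                problems.append(f"A {name} {ip} has no PTR pointing back to {name}")
    return problems


if __name__ == "__main__":
    fwd, rev = parse_zone(FORWARD_ZONE), parse_zone(REVERSE_ZONE)
    print("www.example.test. ->", forward_lookup(fwd, "www.example.test."))
    print("192.168.100.100 ->", reverse_lookup(rev, "192.168.100.100"))
    print("problems:", check_zones(fwd, rev) or "none")
```

Running the check against the constructed pair reports no problems; deleting a PTR or adding a CNAME whose target has no A record makes the mismatch show up, which is the kind of drift that stale static records introduce in practice.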
What is Primary DNS zone?
This is the read/write copy of a zone in the DNS namespace. It is the primary source of information about the zone and stores the master copy of the zone data in a local file or in AD DS. By default the primary zone file is named zone_name.dns and kept in the Windows\System32\DNS folder on the server.
If the zone is AD integrated, all the records are stored in the Domain partition on the Domain Controllers.
What is Secondary DNS zone?
This is the read-only copy of a zone in the DNS namespace. It is a secondary source of information about the zone and gets its updates from the master copy held by the primary zone, so network access to the primary server must be available. Because a secondary zone is merely a copy of a primary zone hosted on another server, a secondary zone cannot be stored in AD.
What is stub DNS Zone?
A stub zone is a read-only copy of a zone that contains only those resource records needed to identify the authoritative DNS servers for that zone. A stub zone is used much like DNS forwarding, and in practice it is used to resolve names between separate DNS namespaces. This type of zone is generally created after a corporate merger or acquisition, when the DNS servers for two separate DNS namespaces must resolve names for clients in both namespaces.
A stub zone contains:
- The start of authority (SOA) resource record, name server (NS) resource records, and the glue A resource records for the delegated zone.
- The IP address of one or more master servers that can be used to update the stub zone.
What is Aging and Scavenging?
Aging and scavenging is a DNS server feature that cleans up and removes stale resource records, which can accumulate in zone data over time. It helps maintain a dynamic DNS environment by regularly deleting stale resource records from the DNS database. Problems associated with stale records include unnecessary space utilization, long zone transfers, wrong resolution of client queries due to stale data, and degraded DNS server performance as stale records accumulate. The aging and scavenging features address these problems. Before using them, the following conditions must be met:
1) Aging and scavenging must be enabled on the DNS server and on the zone. By default, they are not enabled.
2) Resource records must be added dynamically to the zone, or manually modified so that they take part in aging and scavenging.
Aging
Aging is the process of identifying stale DNS records. It uses two intervals:
1) Non-Refresh interval
2) Refresh interval
Non-Refresh interval
This is the time period during which a refresh of the resource record is not accepted. It reduces replication traffic during that period by not replicating the same information again.
Refresh interval
This is the time period during which the resource record can be refreshed.
Resource record refresh: a DNS dynamic update that changes neither the hostname nor the IP address; only the record's timestamp is updated.
If the non-refresh interval and the refresh interval are both 7 days, a resource record is considered stale if it has not been refreshed after 14 days. Once both intervals have elapsed, the resource record can still be refreshed as long as it has not been removed from the DNS zone. Aging uses the resource record's timestamp to determine whether the record is stale.
Resource records with a timestamp of zero: these are static records, which are never considered stale.
Resource records with a non-zero timestamp: these are dynamic records; the timestamp holds the hour of the last refresh.
Scavenging
Scavenging is the process of removing and cleaning up stale resource records from the DNS zone. A stale resource record is removed only if scavenging is enabled on the resource record, on the zone where the record exists, and on at least one DNS server hosting the primary copy of the zone.
Scavenging can be set in three places:
1) Individual record
2) Zone
3) Server
If scavenging is set on the zone, it works only for dynamic records; it will work for manual entries only if it is also enabled on those entries. Once scavenging is set on the zone, it still has to be enabled on the DNS servers: the DNS server where the scavenging option is enabled is the one responsible for scavenging the records. The server logs DNS event 2501 to report the number of records scavenged, and DNS event 2502 if no records were scavenged.
Scavenging formula:
Record timestamp + no-refresh interval for zone + refresh interval for zone
If this sum is greater than the server time (the current date and time on the DNS server), no action is taken and the record is not deleted from the zone. If the sum is less than the server time, the record is deleted.
Aging and scavenging process for a sample record
Consider a DNS host “host-a.example.microsoft.com” that registers its host resource record on a DNS server where aging and scavenging are enabled. The DNS server sets a timestamp on the record from the current server time at registration. For the duration of the non-refresh interval, the server does not refresh the record; it will accept an update before the non-refresh interval ends only if something changes, such as the host's IP address, and in that case it resets the timestamp. After the non-refresh interval expires, the server refreshes the record when the host re-registers. During and after the refresh interval any update that arrives is accepted and the record is refreshed. On each subsequent scavenging run the server compares every record against the server time using the scavenging formula to determine whether the record should be removed.
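The interval logic and the scavenging formula above are easiest to verify by running them. The following is an added example, not code from the original page or from Microsoft: it models a zone's no-refresh and refresh intervals, a refresh attempt that is ignored inside the no-refresh window unless the data actually changed, the "timestamp zero means static" rule, and the scavenging decision (timestamp + no-refresh + refresh compared with server time). The record names, addresses and dates are constructed; the 7-day defaults mirror the 7/7 example in the text.

```python
"""Aging and scavenging decision logic for dynamic DNS records.

Added example, not the DNS server's own code. Record names, addresses and
times are constructed; the intervals follow the 7-day example in the text.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import List, Optional


@dataclass
class ResourceRecord:
    name: str
    rdata: str
    # None models a timestamp of zero: a static record, never aged or scavenged.
    timestamp: Optional[datetime]


@dataclass
class ZoneAging:
    no_refresh: timedelta = timedelta(days=7)
    refresh: timedelta = timedelta(days=7)
    scavenging_enabled: bool = True


def try_refresh(record, now, aging, data_changed=False):
    """Apply a dynamic update at time `now`; return True if the timestamp was reset.

    A plain refresh (same name and IP) inside the no-refresh interval is ignored
    so the unchanged record is not replicated again; a real change is accepted.
    """
    if record.timestamp is None:            # static record: nothing to refresh
        return False
    if not data_changed and now < record.timestamp + aging.no_refresh:
        return False
    record.timestamp = now
    return True


def is_stale(record, now, aging):
    """Scavenging formula: timestamp + no-refresh + refresh, compared to server time."""
    if record.timestamp is None:            # static records are never stale
        return False
    return record.timestamp + aging.no_refresh + aging.refresh < now


def scavenge(zone, now, aging):
    """Remove stale records in place and return the removed ones.

    The length of the returned list is what the server would report in event
    2501; an empty list corresponds to event 2502 (nothing scavenged).
    """
    if not aging.scavenging_enabled:
        return []
    removed = [r for r in zone if is_stale(r, now, aging)]
    zone[:] = [r for r in zone if not is_stale(r, now, aging)]
    return removed


def simulate():
    """Walk three constructed records through 15 days and return (removed, remaining)."""
    aging = ZoneAging()
    t0 = datetime(2024, 1, 1, 9, 0)
    zone: List[ResourceRecord] = [
        ResourceRecord("host-a.example.test.", "192.168.100.100", t0),  # never refreshed
        ResourceRecord("host-b.example.test.", "192.168.100.101", t0),  # refreshed on day 8
        ResourceRecord("printer.example.test.", "192.168.100.50", None),  # static
    ]
    # Day 3: host-b re-registers with unchanged data inside the no-refresh window -> ignored.
    try_refresh(zone[1], t0 + timedelta(days=3), aging)
    # Day 8: the no-refresh interval has elapsed, so the same refresh is accepted.
    try_refresh(zone[1], t0 + timedelta(days=8), aging)
    # Day 15: only host-a has passed timestamp + 7d + 7d.
    removed = scavenge(zone, t0 + timedelta(days=15), aging)
    return removed, zone


if __name__ == "__main__":
    removed, remaining = simulate()
    print("scavenged:", [r.name for r in removed])
    print("remaining:", [r.name for r in remaining])
```

In the walkthrough host-a is the only record whose sum falls before the server time, host-b survives because its day-8 refresh moved its timestamp forward, and the static printer record is untouched regardless of age, which matches the three rules the section states.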