Domain Name System (DNS)

DNS Structure

• DNS is a method of concisely administering domain names. Originally the DNS is administered by an international group called InterNIC (Internet Network Information Center consortium). Presently it is managed by: The Internet Corporation for Assigned Names and Numbers (ICANN) http://www.icann.org/. Some issues are handled directly by Internet Address Numbers Authority (IANA), http://www.iana.com/.
• The Domain Name Service (DNS) is used on networks that use the TCP/IP communications architecture. DNS came into being for the simple reason that people find it easier to remember names than IP addresses.
• Although DNS, not enabled to use WINS, is a static database, it has two features that make it far superior to using NetBIOS names:
  • a hierarchical naming convention which allows the name to have structure
  • the structure allows distributed management of names
• Using distributed management (like delegation of responsibility in an organization), the entity at the top of the hierarchy, currently InterNIC, created 
  • 7 top level domains and a range of IP network addresses to go with each. Management of these domains can in turn create other domains and distribute their share of IP addresses to them etc. Thus within each domain there is an authority that insures uniqueness of names and IP addresses and there is no need for that authority to manage at a lower level. This is what is meant by distributed management.
• A DNS server manages resources by dividing them into zones as shown in Figure 9-22 in the textbook. We see two types of zones in this figure. We have called them Normal Zones and Reverse Zones. We have coined the name Normal Zones to distinguish them from Reverse Zones.
• a Normal Zone is an intuitive concept because its name refers to a group of devices managed by the DNS server. ral1 and ral2 are Normal Zones
• a Reverse Zone is not such an intuitive concept because its name refers to a group of IP addresses. This group of addresses is a list of all IP address-to-DNS name mappings in branches of the Reverse Zone lower than that specified in the zone name. 255.in-addr.arpa is a Reverse Zone

DNS Configuration

Configuration of the DNS is done in Windows 2000 (W2K) through the DNS Microsoft Management Console (MMC). It is important to remember that the MMC is available most all servers in W2K.

Each Domain can be made of several types of zones for management and security.

Control of the Records are completed by right-clicking the zone you want to manipulate.

Creating a new Host entry matches a computers name and matches it to an IP Address. This screen also gives you opportunity to create a matching PTR or pointer record that points the IP Address to the name in the Reverse Zone.

CNAME, also known as Alias is a method to give more than one FQDN to a single IP Address. Each IP has one Host record entry and the remaining names use the CNAME or Alias.

Types of Entries

Example Files:

• Cache
• Normal Zone
• Reverse Zone

The following are common entries in the DNS configuration file:

DNS Entries
A	Host address (dotted quad)
NS	An authoritative name server (domain)
MX	A mail exchanger (domain), preceded by a preference value (0..32767), with lower numeric values representing higher logical preferences.
CNAME	The canonical name for an alias (domain)
SOA	Marks the start of a zone of authority (domain of originating host, domain address of maintainer, a serial number and the following parameters in seconds: refresh, retry, expire and minimum TTL (see RFC 883)) The SOA specifies a serial number, which should be changed each time the master file is changed. Note that the serial number can be given as a dotted number, but this is a  very unwise thing to do since the translation to normal integers is via concatenation rather than multiplication and addition. You can spell out the year, month, day of month, and 0..99 version number and still fit inside the unsigned 32-bit size of this field. It's true that we will have to rethink this strategy in the year 4294 (Greg.) but we're not worried about it. Secondary servers check the serial number at intervals specified by the refresh time in seconds; if the serial number changes, a zone transfer will be done to load the new data. If a master server cannot be contacted when a refresh is due, the retry time specifies the interval at which refreshes should be attempted. If a master server cannot be con- tacted within the interval given by the expire time, all data from the zone is discarded by secondary servers. The minimum value is the time-to-live (``TTL'') used by records in the file with no explicit time-to-live value.
NULL	A null resource record (no format or data)
RP	A Responsible Person for some domain name (mail- box, TXT-referral)
PTR	A domain name pointer (domain)
HINFO	Host information (cpu_type OS_type)

Utilities

nslookup

On an NT server at the DOS prompt:

1. nslookup (enter)
2. ls -d  mccneb.edu >fulldns.txt
3. Resulting File

06/12/02