The major goals of a good DNS service design are unbroken continuity of service, fast performance, minimum network traffic across the WAN, strong security, and a reasonably small need for administrative attention. Designing and setting up DNS servers as primary and secondary DNS servers also provides fault tolerance.
If you have existing Windows 2000 DNS servers, you can preserve the existing server configuration and zone files by upgrading them to Windows Server 2003. Start with the primary DNS server, then upgrade the secondary servers.
Before setting up DNS servers, use the following checklist as a roadmap for your DNS deployment.
- Spend the time to lay out the DNS domain namespace so you know which zones you need and everyone agrees on the naming conventions.
- If you have an existing DNS infrastructure, decide how it will be integrated. If you have WINS, also decide whether you will use WINS forwarding.
- Decide whether you will use root hints, forwarders, or a combination of both to resolve Internet addresses.
- To maximize availability and minimize WAN traffic, define the locations where you will need DNS servers.
- Decide whether you will use standard DNS primary and secondary servers or Active Directory Integrated zones. If you decide to use Active Directory Integrated zones, place domain controllers in strategic locations to support name resolution.
- Consider whether you need to support dynamic resource record updates, and whether to secure those updates by integrating the zones into Active Directory.
- Decide whether you will provide name services for public zones yourself by placing a DNS server in the DMZ, or get them from the ISP.
- Decide whether you will provide name resolution behind the firewall for outside DNS domains, including extranets and other third-party business connections. Conditional forwarding or stub zones can be used to resolve addresses for these connections.
Once you have completed the DNS design, you can start configuring and setting up DNS servers.
Setting Up DNS Service in Windows Server 2003
Have the Windows Server 2003 CD-ROM at hand when installing the DNS server, and follow the procedure below:
- Open Add/Remove Programs from the Control Panel.
- Click Add/Remove Windows Components to start the Windows Components Wizard.
- Highlight Networking Services and click Details to open the Networking Services window.
- Select Domain Name System (DNS) and click OK to save the change and return to the Windows Components window, then click Next.
- Click Finish and close the windows.
At this point, you can start configuring the zones.
Setting Up Forward Lookup Zone
We use Company.Com as the first forward lookup zone and as the root of the DNS domain namespace.
Note: The DNS service starts automatically at boot time. You can start and stop it from the DNS console, or from the command line with net start dns to start the service and net stop dns to stop it.
Setting Up DNS to create a Forward Lookup Zone
- Click Start menu => Programs => Administrative Tools => DNS to open the DNS console. The DNS tree shows the local server and two empty branches for forward and reverse lookup zones.
- Right-click the Forward Lookup Zone icon and select New Zone from the menu to open the New Zone Wizard.
- Click Next to open the Zone Type window. Keep the default selection, Primary Zone, and uncheck the Store the Zone in Active Directory option. Click Next and then enter the zone name.

Create DNS Zone
- Click Next to open the Zone File window. The zone filename should match the zone name with a .DNS extension. If you have an existing zone file, you can import it at this point with the Use This Existing File option.
- Click Next to open the Dynamic Update window and select your update option. If you use Active Directory Integrated Zones, the Allow Secure Dynamic Update option will be available.
- Click Next to finish the forward lookup zone configuration.
The new zone appears as a folder under the Forward Lookup Zones icon in the left pane of the window. When that zone icon is highlighted, the associated resource records are displayed in the right pane, as shown in the figure below.

DNS Forward Lookup Zone
Queries for SRV and A records are handled by the forward lookup zone. A reverse lookup zone handles the opposite query, where you know the IP address and need the host name. The following procedure guides you through setting up DNS to create the reverse lookup zone.
- Right-click the Reverse Lookup Zone icon and select New Zone to start the New Zone Wizard.
- Click Next to open the Zone Type window. Leave the default selection at Primary Zone. To create a standard primary zone, uncheck the Store the Zone in Active Directory option.
- Click Next to open the Reverse Lookup Zone window. Under Network ID, enter the network portion of the subnet the zone will service. The example uses 10.x networks with a 16-bit subnet mask, so the entry shows 10.1 with the last two octets empty. Each unique number in the second octet requires a separate reverse lookup zone.

DNS Reverse Lookup Zone setup
- Click Next to open the Zone File window and leave the default setting. The zone filename should match the zone name with a .DNS extension. If you have an existing zone file, you can import it at this point with the Use This Existing File option.
- Click Next to open the Dynamic Update window and select your update option. If you use Active Directory Integrated zones, the Allow Only Secure Dynamic Updates option will be available.
- Click Next and Finish to complete.
You can test the setup by creating a host record and checking that the PTR record is created successfully. Test from the client by pinging the test records and the DNS server.
It is common for business and enterprise-class networks to have a DNS infrastructure in place, but on a home network name resolution is forwarded to the ISP's DNS.
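The reverse zone layout and the PTR test described above can be checked offline. The following is an added example, not part of the original article: it derives the reverse lookup zones (and .dns file names) that a set of host records requires under a 16-bit mask, and flags hosts whose PTR record is missing or points to a different name. The host names, addresses and function names are constructed for illustration.

```python
import ipaddress

def reverse_zone(ip, mask_bits=16):
    """in-addr.arpa zone that holds the PTR record for ip (octet-aligned masks only)."""
    if mask_bits not in (8, 16, 24):
        raise ValueError("mask must be 8, 16 or 24 bits")
    octets = str(ipaddress.IPv4Address(ip)).split(".")[: mask_bits // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"

def ptr_owner(ip):
    """Full owner name of the PTR record, e.g. 20.5.1.10.in-addr.arpa for 10.1.5.20."""
    return ipaddress.IPv4Address(ip).reverse_pointer

def audit(a_records, ptr_records, mask_bits=16):
    """Return (zones, problems): zone name -> zone file name, and hosts whose PTR
    is missing or points at a different name than the host (A) record."""
    zones, problems = {}, []
    for host, ip in sorted(a_records.items()):
        zone = reverse_zone(ip, mask_bits)
        zones[zone] = zone + ".dns"  # file name = zone name + .dns extension
        target = ptr_records.get(ptr_owner(ip))
        if target is None:
            problems.append((host, ip, "missing PTR"))
        elif target.rstrip(".").lower() != host.rstrip(".").lower():
            problems.append((host, ip, "PTR points to " + target))
    return zones, problems

# Constructed sample data for the Company.Com zone (not taken from a real server).
A_RECORDS = {
    "dc1.company.com": "10.1.0.10",
    "web1.company.com": "10.1.5.20",
    "old1.company.com": "10.1.5.21",
    "app1.company.com": "10.2.0.15",   # second octet 2 -> needs its own zone
}
PTR_RECORDS = {
    "10.0.1.10.in-addr.arpa": "dc1.company.com.",
    "20.5.1.10.in-addr.arpa": "web1.company.com.",
    "21.5.1.10.in-addr.arpa": "test1.company.com.",  # stale PTR left from a test
}

if __name__ == "__main__":
    zones, problems = audit(A_RECORDS, PTR_RECORDS)
    for zone, filename in sorted(zones.items()):
        print("reverse zone:", zone, "file:", filename)
    for host, ip, reason in problems:
        print("check:", host, ip, reason)
```

Hosts in 10.1.x.x and 10.2.x.x land in two separate reverse zones, which is the "one zone per second octet" rule from the Network ID step.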