If DNS is already installed on your server, you can skip this exercise. If it is not, start by installing it: DNS is an important part of running a network, and Exercise 5.1 walks you through the installation of a DNS server.
EXERCISE 5.1
Installing and Configuring the DNS Service
- Open Server Manager.
- On the Server Manager dashboard, click the Add Roles And Features link.
- If a Before You Begin screen appears, click Next.
- On the Selection type page, choose role-based or feature-based installation and click Next.
- Click the Select A Server From The Server Pool radio button and select the server in the Server Pool section. Click Next.
- Click the DNS Server item in the Server Role list. If a pop-up window appears telling you that you need to add additional features, click the Add Features button. Click Next to continue.
- On the Add Features page, just click Next.
- Click Next on the DNS Server information screen.
- On the Confirm Installation screen, select the Restart The Destination Server Automatically If Required option and then click the Install button.
- At the Installation progress screen, click Close after the DNS server is installed.
- Close Server Manager.
Load Balancing with Round-Robin
Like other DNS implementations, the Windows Server 2022 implementation of DNS supports load balancing through the use of round-robin. Load balancing distributes the network load among multiple network hosts if they are available. You set up round-robin load balancing by creating multiple resource records with the same hostname but different IP addresses for multiple computers. Depending on the options that you select, the DNS server responds with the addresses of one of the host computers.
If round-robin is enabled, when a client requests name resolution, the first address entered in the database is returned to the resolver and is then sent to the end of the list. The next time a client attempts to resolve the name, the DNS server returns the second name in the database (which is now the first name) and then sends it to the end of the list, and so on.
Round-robin is enabled by default.
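The round-robin setup described above, as an added PowerShell example that is not from the book. It assumes the DnsServer module on the DNS server itself and an elevated session; the zone `corp.example`, the hostname `web` and the three addresses are constructed placeholders.

```powershell
Import-Module DnsServer

$zone  = 'corp.example'                              # assumed: an existing primary zone
$name  = 'web'                                       # assumed: shared hostname for the pool
$addrs = '192.0.2.11', '192.0.2.12', '192.0.2.13'    # constructed documentation addresses

# One A record per host, all under the same name. Skip addresses already present.
foreach ($ip in $addrs) {
    $present = Get-DnsServerResourceRecord -ZoneName $zone -Name $name -RRType A -ErrorAction SilentlyContinue |
        Where-Object { $_.RecordData.IPv4Address.IPAddressToString -eq $ip }
    if (-not $present) {
        Add-DnsServerResourceRecordA -ZoneName $zone -Name $name -IPv4Address $ip -TimeToLive 00:05:00
    }
}

# Server-wide setting; records are rotated only when this is True.
$roundRobin = (Get-DnsServerSetting -All).RoundRobin
"RoundRobin enabled: $roundRobin"

# Ask the server directly four times and print the order of the answers.
# With round-robin on, the first address should differ from one query to the next.
foreach ($i in 1..4) {
    Clear-DnsClientCache
    $answers = Resolve-DnsName -Name "$name.$zone" -Type A -Server localhost -DnsOnly |
        Where-Object Section -eq 'Answer'
    '{0}: {1}' -f $i, ($answers.IPAddress -join ', ')
}
```

DNS round-robin does not probe the hosts behind the records, so the address of a host that is down keeps being handed out until its record is removed.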
Configuring a Caching-Only Server
Although all DNS name servers cache queries that they have resolved, caching-only servers are DNS name servers that only perform queries, cache the answers, and return the results. They are not authoritative for any domains, and the information that they contain is limited to what has been cached while resolving queries. Accordingly, they don’t have any zone files, and they don’t participate in zone transfers. When a caching-only server is first started, it has no information in its cache; the cache is gradually built over time.
Caching-only servers are easy to configure. After installing the DNS service, simply make sure the root hints are configured properly. One advantage to Windows Server 2022 is the ability to also support IPv6 root hints.
- Right-click your DNS server and choose the Properties command.
- When the Properties dialog box appears, switch to the Root Hints tab (see Figure 5.11).
- If your server is connected to the Internet, you should see a list of root hints for the root servers maintained by ICANN and the Internet Assigned Numbers Authority (IANA). If not, click the Add button to add root hints as defined in the cache.dns file.
FIGURE 5.11 The Root Hints tab of the DNS server’s Properties dialog box

You can obtain current cache.dns files on the Internet by using a search engine. Just search for cache.dns and download one. (I always try to get cache.dns files from a university or a company that manages domain names.)
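Because every recursive lookup on a caching-only server starts at the root hints, it is worth checking them after loading them from any cache.dns file. The following added PowerShell example (not from the book) lists the configured hints, flags any name server that is not one of the thirteen root servers a through m under root-servers.net, and confirms the server matches the caching-only description above. It assumes the DnsServer module and an elevated session on the DNS server.

```powershell
Import-Module DnsServer

# The root servers are named a.root-servers.net through m.root-servers.net.
$rootPattern = '^[a-m]\.root-servers\.net\.?$'

$report = foreach ($hint in Get-DnsServerRootHint) {
    $ns = $hint.NameServer.RecordData.NameServer
    [pscustomobject]@{
        NameServer = $ns
        IPv4       = @($hint.IPAddress | Where-Object { $_.RecordType -eq 'A' }).Count
        IPv6       = @($hint.IPAddress | Where-Object { $_.RecordType -eq 'AAAA' }).Count
        Expected   = $ns -match $rootPattern
    }
}
$report | Sort-Object NameServer | Format-Table -AutoSize

# A hint pointing anywhere else would steer all recursion through that host.
$unexpected = @($report | Where-Object { -not $_.Expected })
if ($unexpected.Count -gt 0) {
    Write-Warning ("Unexpected root hint(s): " + ($unexpected.NameServer -join ', '))
}
$noAddress = @($report | Where-Object { ($_.IPv4 + $_.IPv6) -eq 0 })
if ($noAddress.Count -gt 0) {
    Write-Warning ("Root hint(s) without an address: " + ($noAddress.NameServer -join ', '))
}

# Caching-only means no hosted zones (the built-in ones aside) and recursion enabled.
$hosted = @(Get-DnsServerZone | Where-Object {
    -not $_.IsAutoCreated -and
    $_.ZoneType -in 'Primary', 'Secondary' -and
    $_.ZoneName -ne 'TrustAnchors'
})
"Hosted zones      : $($hosted.Count)"
"Recursion enabled : $((Get-DnsServerRecursion).Enable)"
```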
Setting Zone Properties
There are six tabs on the Properties dialog box for a forward or reverse lookup zone. You only use the Security tab to control who can change properties and to make dynamic updates to records on that zone. The other tabs are discussed in the following subsections.
Secondary zones don’t have a Security tab, and their SOA tab shows you the contents of the master SOA record, which you can’t change.
General Tab
The General tab includes the following:
■ The Status indicator and the associated Pause button let you see and control whether this zone can be used to answer queries. When the zone is running, the server can use it to answer client queries; when it’s paused, the server won’t answer any queries it gets for that particular zone.
■ The Type indicator and its Change button allow you to select the zone type. The options are Standard Primary, Standard Secondary, and AD-Integrated. (See “Introducing DNS Database Zones” earlier in this chapter.) As you change the type, the controls you see below the horizontal dividing line change too. For primary zones, you’ll see a field that lets you select the zone filename; for secondary zones, you’ll get controls that allow you to specify the IP addresses of the primary servers. But the most interesting controls are the ones you see for AD-Integrated zones. When you change to the AD-Integrated zones, you have the ability to make the dynamic zones Secure Only.
■ The Replication indicator and its Change button allow you to change the replication scope if the zone is stored in Active Directory. You can choose to replicate the zone data to any of the following:
  ■ All DNS servers in the Active Directory forest
  ■ All DNS servers in a specified domain
  ■ All domain controllers in the Active Directory domain (required if you use Windows 2000 domain controllers in your domain)
  ■ All domain controllers specified in the replication scope of the application directory partition
■ The Dynamic Updates field gives you a way to specify whether you want to support Dynamic DNS updates from compatible DHCP servers. As you learned earlier in the section “Dynamic DNS and Non-dynamic DNS,” the DHCP server or DHCP client must know about and support Dynamic DNS in order to use it, but the DNS server has to participate too. You can turn dynamic updates on or off, or you can require that updates be secured.
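The General tab settings can be reviewed across every zone at once. This added PowerShell example (not from the book) reports each primary zone's status, type, replication scope and dynamic-update mode, and flags zones that accept updates without requiring them to be secured. It assumes the DnsServer module and an elevated session on the DNS server.

```powershell
Import-Module DnsServer

$zones = Get-DnsServerZone | Where-Object {
    -not $_.IsAutoCreated -and $_.ZoneType -eq 'Primary' -and $_.ZoneName -ne 'TrustAnchors'
}

$report = foreach ($z in $zones) {
    # DynamicUpdate is reported as None, Secure or NonsecureAndSecure.
    $finding = switch ($z.DynamicUpdate) {
        'NonsecureAndSecure' { 'REVIEW: accepts unsecured updates' }
        'Secure'             { 'OK: secure updates only' }
        'None'               { 'OK: dynamic updates off' }
        default              { "Unknown mode: $($z.DynamicUpdate)" }
    }
    [pscustomobject]@{
        Zone             = $z.ZoneName
        Paused           = $z.IsPaused
        ADIntegrated     = $z.IsDsIntegrated
        ReplicationScope = $z.ReplicationScope
        DynamicUpdate    = $z.DynamicUpdate
        Finding          = $finding
    }
}
$report | Sort-Object Finding -Descending | Format-Table -AutoSize

# Secure Only is available for AD-integrated zones. Preview the change with -WhatIf;
# remove -WhatIf to apply it once the clients that register records have been checked.
$report |
    Where-Object { $_.ADIntegrated -and $_.DynamicUpdate -eq 'NonsecureAndSecure' } |
    ForEach-Object {
        Set-DnsServerPrimaryZone -Name $_.Zone -DynamicUpdate Secure -WhatIf
    }

# File-backed primary zones cannot use Secure Only; list any that still take updates.
$report |
    Where-Object { -not $_.ADIntegrated -and $_.DynamicUpdate -ne 'None' } |
    ForEach-Object { Write-Warning "File-backed zone $($_.Zone) accepts dynamic updates" }
```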