Windows NT DNS
Domain Name Service is used to change internet domain and computer computer names into IP addresses and vice versa. DNS works at the application layer and uses TCP and UDP for transport. TCP is only used if returned data is truncated. See the DNS section in the Networking Guide for information about DNS.
On the client side, a DNS resolver is used to send queries to DNS servers. The resolver is normally part of a library routine or it is built into the application. DNS uses zone files to keep name and IP address database information for the internet domain or hierarchial set of domains. DNS does not yet support dynamic configuration. Different aliases may be created by the administrator for the same host. Three types of name servers:
- Primary - Locally stored files exist on the name server data base.
- Secondary - Gets data called a zone transfer from another server that is the zone authority.
- Caching - Only caches name server information and does not contain its own files.
A primary and secondary name server should be used on a network. When a zone is defined, some server must be configured to be a master name server for the zone. There can be different master name servers for different zones. Name servers can be configured to get information from other name servers when the information is not found in the local database.
- Forwarders - A name server that passes name resolution requests to other name servers. This configuration is done on a per server basis.
- Slaves - Slave name servers are configured to use forwarders.
Query types are:
- Inverse - Getting the name from the IP address. These are used by servers as a security check.
- Iterative - Server gives its best answer. This type of inquiry is sent from one server to another.
- Recursive - Cannot refer the query to another name server.
Microsoft DNS is compatible with BIND, but it is not the same. Microsoft supports RFCs 1033, 1034, 1035, 1101, 1123, 1183, and 1536.
DNS service is installed from the control panel network applet services tab. Select "Microsoft DNS Services". The computer must be restarted after the installation. The Microsoft DNS manager which may be run from any NT computer on the network is used to configure DNS. Do the following:
- Select "New Server" from the menu. Type the server name in the "Add DNS Server" dialog box.
- Create a new DNS zone for the network by right clicking the server name and selecting "New Zone".
- Select "Primary" and next in the "Zone Creation Wizard" and type the name of the Internet domain in the name box.
- Create DNS entries (A records) for computers with static IP addresses by right clicking on the zone name and selecting "New Host". DNS can be configured to use WINS to look up dynamically assigned IP addresses.
- For all name servers and mail servers, create the NS and MX records respectively.
Characters allowed in DNS names are:
A-Z a-z 0-9 -
The characters / . _ are illegal. Configuration keywords:
- Interfaces - Specifies interfaces to use on a multihomed host.
- Forwarders - Specifies other name servers to use as a forwarder.
- Boot Method - Display whether the boot method is through the use of the registry or data files.
DNS files are stored in:
Configuring DNS to use WINS
- From the DNS Manager, right click on the zone, select properties, and click on the "WINS Lookup" tab.
- Check the "Use WINS Resolution" checkbox and type the WINS server IP address in the "WINS Servers" text box.
A WINS entry in the DNS file will cause the DNS server to modify the hostname to a NetBIOS name and send it to the WINS server when a query entry is not found in the DNS database.
The Hosts file at \WINNT_root\system32\drivers\etc can act as a replacement for DNS which is a file containing IP addresses and DNS names for hosts. Files in this directory include:
- Lmhosts - NetBIOS name to IP address.
The DNS Database
Below is a partial explanation of some records in the database. An example /var/named/db.mycompany.com.hosts file is listed below.
mycompany.com. IN SOA mymachine.mycompany.com. root.mymachine.mycompany.com. (
1999112701 ; Serial number as date and two digit number YYMMDDXX
10800 ; Refresh in seconds 28800=8H
3600 ; Retry in seconds 7200=2H
604800 ; Expire 3600000=1 week
86400 ) ; Minimum TTL 86400=24Hours
mycompany.com. IN NS mymachine.mycompany.com.
mycompany.com. IN MX 10 mailmachine.mycompany.com.
mymachine.mycompany.com. IN A 10.1.0.100
mailmachine.mycompany.com. IN A 10.1.0.4
george.mycompany.com. IN A 10.1.3.16
Below are listed some of the entries with explanations:
- Serial number - If less than master's SN, the slave will get a new copy of this file from the master.
- Refresh time - Time between checks to see if the master has a new database.
- Retry Time - The time a secondary waits to try a new zone transfer
- Expiration time
- TTL - Time to live is the amount of time a DNS server may cache the entry that was received from another DNS server.
Database file storage on MIcrosoft Windows NT is as follows:
- Database file - zone.dns
- Cache file - Cache.dns - Used to resolve names outside the domains. Contains the addresses of root name servers.
- Reverse lookup file and Arps-127.rev
- Boot file (options) - Defines BIND startup options such as the directory DNS files are contained in. Bootfile commands:
- Cache - The cache file location. The file must exist.
- Primary - Syntax is "primary (domain) (filename)" - The domain indicates the domain that this authoritative server is in charge of. The filename indicates theresource record file for the zone.
- Secondary - Syntax is "secondary (domain) (hostlist) - The domain indicates the domain the server is authoritative for. The hostlist is a list of master servers where zone information is downloaded from.
DNS Record types:
- A - Address record allowing a computer name to be translated into an IP address. Each computer must have this record for its IP address to be located. These names are not assigned for clients that have dynamically assigned IP addresses, but are a must for locating servers with static IP addresses.
- CNAME - Canonical name allowing additional names or aliases to be used to locate a computer.
- HINFO - Host information record with CPU type and operating system.
- MX - Mail Exchange server record. There may be several.
- NS - Name server record. There may be several.
- RP - Responsible person.
Country codes include:
- de - Germany
- nz - New Zealand