By:
James Beau Webb
Setting
up DNS
I. What is DNS?
DNS is a service that you can have on your network. DNS stands for
domain
name system or service, which basically takes
a users request for a given
name of a device, and using the data that the
server has for that device, it
maps the devices name to its ip address.
Which is necessary because
networks don't run off of names, they use ip
addresses. So the DNS allows
for devices to be located by name, so they
can receive the data and packets
that are sent to them by their name. The most
common example of this is with
the internet, everytime that a user puts in
an internet address, for example
www.yahoo.com, the packet is sent to the DNS
server, and the server maps
the domain name (yahoo.com) to its appropriate
ip address, and then it
sends the user information to that address so
the user can view the website.
DNS requires there be a DNS server, because
the server is where all the
information is stored, and without it DNS
would not be possible. You must
also have a list of all the DNS clients.The
DNS server will not be able to
direct the data and information to the
correct destination if it does not have
that device in its DNS database. So the DNS server
needs a database that
consist of all the computers or devices on
the network that are going to be
used in the DNS service.
The DNS database can be broken down into
zones. A zone is when the
DNS server has a group of resource records
that are related
because of the DNS domain name or because of
the ip address.
There are two types of zones, a forward
lookup zone and a reverse lookup
zone. The only difference in the two is that
a forward lookup zone allows
names to be mapped to ip addresses, as to
where the reverse lookup zone
maps ip addresses to their domain names. Also
forward lookup zones
group information based on domain names, and
these records are called
host records because they convert names to
addresses. But reverse
lookup zones group their information by ip
addresses, and these records
are called pointer records, and that's why
they map ip addresses to
domain names. One other type of record the
DNS database may contain
is
an SRV record, which groups information based on DNS or network
services, so they resolve services to their
names.
When you first create a forward or reverse
lookup zone on a DNS server
you are creating the primary copy or the
primary zone, and it can be read
or written to. The copies made of the the
primary zone are called
secondary copies or zones, and they can only
be read. It is strongly
recommended that you copy your zones to other
DNS servers in case
something would happen to the server you are
currently using.
II. How to install DNS on your network
First you must select a computer that you want to use
as your DNS server.
Once you have that then you follow these
steps to configure the DNS server
and service on the computer. This is for
computers with Windows 2000:
1. Right click on My Computer on the desktop,
once the menu appears
select Properties from it.
2. The System Properties box appears,
then click on the Network
Identificaition tab. Which
should look like this, with a different computer
name:
3.
Then click the Properties button, and the Identification Changes window
should appear. Then press the More button and another window
should
appear.
4. In the DNS Suffix and NetBIOS Computer
Name window, you should
be
able to set the the Primary DNS suffix for the computer to whatever
the DNS name for the network is or will be.
Notice: that the Primary DNS suffix is
just ist.com , you should put
in your own domain name, but do NOT put in
your computer name!
5.
Once you have in the right domain name, press OK, and then press
OK
again in the Identification Changes window. You should now be
back in the System Properties window, and the Full Computer Name
should now read: your computer
name. your domain name
Like in the first picture, my Full Computer Name would be beau.ist.com
6. Now press OK in the System
Properties window and restart the
computer to let the changes take effect.
7. Once the computer restarts, now go to
START then to SETTINGS
and
then to CONTROL PANEL, and select the "Add/Remove Programs"
applet.
8. Once the Add/Remove window appears, click
on the "Add/Remove Windows
Components" option on the left hand
side, and then Windows Component
Wizard should appear. Scroll
down until you find the "Networking Services"
option. Once you find it just click on the "Networking
Services" option one time
to
highlight it, and then click the "Details" button. Then the Networking
Services window should
appear.
9. Once the Networking Services window
appears find the "Domain Name
System(DNS)" option and select it by clicking in the square box to
the left
of it, and it should put a check mark in
that box, and once the check mark
appears, then click OK. It should look like this:
Notice: you may have to insert the Windows
2000 CD to copy the files
and allow the installation to complete. Also
you don't have to restart
after this if you don't want to, because the
DNS will work without it.
To create a Primary Forward Lookup Zone:
Notice: make sure that you have done steps
1-6 completely before you
do the following, because you may experience
problems with your
zones if you do the following before
completely completing steps 1-6.
1.
Go to START, then to PROGRAMS, then to ADMINISTRATIVE TOOLS,
and
then to DNS, and click on DNS. The DNS window should appear.
Now
on the left hand side of the screen, you should have a little icon for
a
server, and the name of the server; double click on the server name.
2. Two folders should appear. Now right click
on the words "Forward Lookup
Zones" and a menu should appear. On the menu select the "New
Zone"
option and a New Zone Wizard should appear. Click "Next" to
continue on.
3. Since you are setting up a Primary Forward
Lookup Zone, the default setting
of
"Standard primary" is what you want, so just click "Next"
to continue.
4. Then the Zone Name window should
appear, and here you just type in
the
DNS domain name. DO NOT type in the host or computer name,
only the domain name. From the pictures above you have seen the
example of ist.com, so here is what it should look like with that as an
example (put your domain name in, not ist.com):
5. Then once you type in the domain name for
the zone name, then just click
"Next" to continue on.
6. Now you should be at the Zone File
window, and the wizard should already
have put your domain name that you just typed in for the file name,
along with
the
".dns" extension at the end. So from my example it would be
"ist.com.dns"
of
course your's should have your domain name. Just go ahead and accept
this suggested file name, because it will
be easy to remember, so just go
ahead and click "Next" to continue on.
7. Now you should see a Completion window
which shows what you selected
or
typed in to use for this forward lookup zone. It should look like this:
Except your's will of course have your domain name for the
"Name" and
the
"File name". Make sure to check all of the information in this
window to make sure everything has been properly selected and
typed in, especially the "Name" and make sure that you
selected
the
correct "Type" and "Lookup type" of zone that you wanted to
create, otherwise difficulties will occur.
8. Once you verified the information, go
ahead and click "Finish" to complete
the
setup and the wizard. Also, you should now see on the left hand side of
the
DNS window a subfolder under the "Forward Lookup Zones"
folder, and
that subfolder should be labeled with the
domain name you specified for it,
for
my example ist.com. On the right hand side on the DNS window you
should see a couple of default folders, and later as you add hosts to
the
zone their will be records for each individual host added.
To create a Primary Reverse Lookup Zone:
1.
Go to START, then to PROGRAMS, then to ADMINISTRATIVE TOOLS,
and
then to DNS, and click on DNS. The DNS window should appear.
Now
on the left hand side of the screen, you should have a little icon for
a
server, and the name of the server; double click on the server name.
2. Two folders should appear. Now right click
on the words "Reverse Lookup
Zones" and a menu should appear. On the menu select the "New
Zone"
option and a New Zone Wizard should appear. Click "Next" to
continue on.
3. Since you are setting up a Primary Reverse
Lookup Zone, the default setting
of
"Standard primary" is what you want, so just click "Next" to
continue.
4.
Now you should be at the Reverse Lookup Zone window were the
option of "Network ID" should be selected. That's what you
want, so go
ahead and put in the network portion of your network ip address. This is
what it should look like, except with your network ip address:
Then click "Next" to continue on.
5. Now you should be at the Zone File window,
and the top option to create
a
the "Create a new file with this file name" option already selected,
and that
is
what you want, and it should have suggested a file name for you, which
should be the network ip address you just entered, but in reverse order,
with
this following the reverse network portion of your network ip address,
"in-addr.arpa.dns". So the window should look like this, but
with your network
portion of your network ip address:
6. Just go and accept the suggested name and
click "Next" to continue on.
7. You should now be at the Completion
window of the wizard. It looks like
the
Completion window for the Forward Primary Lookup Zone, but with
different options of course because your making a Reverse Primary
Lookup Zone. Make sure to check all of the information in this
window
to make sure everything has been properly selected and
typed in, especially the "Name" and make sure that you
selected
the
correct "Type" and "Lookup type" of zone that you wanted to
create, otherwise difficulties will occur.
8.
Once you verified the information, go ahead and click "Finish" to
complete
the
setup and the wizard. Also, you should now see on the left hand side of
the
DNS window a subfolder under the "Reverse Lookup Zones"
folder, and
that subfolder should be labeled with the Network ID portion of your
network
ip
address that you specified for it. For my example its 10.0.0.x, which they
put
the x in to fill in the host portion of the ip address. On the right hand side
on
the DNS window you should see a couple of default folders, and
later as you add ip addresses for certain hosts, to the zone, their will
be
a
record for each individual ip address that you add into the zone. This is
what it should look like (and this example shows the 2 default records
at
top
of the right hand side, and beneath those 2 records are 3 records for
individual ip addresses added to the zone):
To create a Secondary Zone:
Before you try to create a secondary zone
make sure that you know
the name of the zone and the ip address of
the DNS server that
contains the primary zone.
1.
Go to START, then to PROGRAMS, then to ADMINISTRATIVE TOOLS,
and
then to DNS, and click on DNS. The DNS window should appear.
Now
on the left hand side of the screen, you should have a little icon for
a
server, and the name of the server; double click on the server name.
2. Two folders should appear. Now right click
either on the words "Reverse
Lookup Zones" or "Forward Lookup Zone" depending on which
one
you
want or need to create and a menu should appear. On the menu select
the
"New Zone" option and a New Zone Wizard should appear. Click
"Next" to continue on.
3. However, now we are creating a Secondary
Zone, so this time select the
"Standard secondary" option on the Zone Type window,
and then click
"Next" to continue on.
4. Now depending on which type of zone you
are creating, will determine
what happens next. If you are creating a Forward Lookup Zone you will
be
at the Zone Name window, where you have to enter the domain name
that you want to use for the new zone, the window should look like this:
Now
if you are creating a Reverse Lookup Zone, then you will be at the
Reverse
Lookup Zone window, where you have to enter the network
portion of your network ip address that you are creating this zone for.
This window should look like this:
Once you have put in the correct domain name for the zone name, or
you put in the correct network portion of the network ip address that
you want to use for this zone, then click
"Next" to continue on.
5. Then you should be at the Master DNS
Servers window, and both wizards
take you to this window, so it doesn't matter for this step which lookup
type
you are creating. Here you need to enter the ip address of the master
DNS Server, which is the server that holds the primary zone. Once you
have entered the correct master DNS Server ip address then click
"Add"
to
add that ip address to the list that you want to copy the zone from.
So
it should look like this once you have addedd the master DNS Server
address to the list, but the address should be for your master DNS
Server:
Once you have the master DNS server address in the bottom box, the
list box, then go ahead and click "Next" to continue on.
6. You should now be at the Completion
window, which shows you what you
selected and entered to create this new zone. Make sure that the type
says "secondary". Make sure to check all
of
the information in this window to make sure everything
has
been properly selected and typed in, especially the "Name"
and
make sure that you selected the correct
"Type" and "Lookup
type" of zone that you wanted to create, otherwise difficulties
will
occur.
7. Once you verified the information, go
ahead and click "Finish" to complete
the
setup and the wizard. Also, you should now see on the left hand side of
the
DNS window a subfolder under the "Forward Lookup Zones"
folder, or
under the "Reverse Lookup Zones" folder and that subfolder
should be
labeled with the domain name you specified for it or the network ID of
the
network ip address that you specified. On the right hand side on the
DNS
window you should see a couple of default folders, and later
as
you add hosts to the zone their will be records for each individual
host name or ip address that you add into the zone.
To add Records to
your DNS Zone:
This
is an important step, because if you don't have host records and PTR
records, then your DNS will not be able to
map names to ip addresses, nor
will it be able to map ip addresses to their
names. Now a host record is
stored in Forward Lookup zones and they store
the devices name and its
ip address to allow the name to be mapped to
its ip address.
But PTR records are stored in Reverse Lookup
zones and they
store only the host portion of the ip address
and the devices name so that
the ip address can be mapped to its name within
that given network or
subnet. Notice that I said only the host
portion of the ip address, because
the DNS service is setup only within that
given network or subnet, therefore
the network portion of the address will
always be the same, and that's why
only the host portion of the ip address is
saved in the PTR record. You will
also have to add SRV records to the zones,
which are service records
that need to be stored in the DNS database
for use by the domain
controllers and the Active Directory
services.
There are two ways that you can add these
records, either manually or
dynamically. By doing this manually that
means that you have to enter the
records yourself and as changes occur in the
network, you must go back
and maintain the records to keep them correct
and up-to-date. Or you
can go with the dynamic choice, which allows
the DNS client or more likely
the DHCP server, which gives the client their
ip address, to create the
records, and with this option when a change
occurs the update is done by
the DNS server, DHCP server, or the client,
and it is done automatically.
This means that little to no maintenance is
required from you.
To manually add a Host Record:
1.
Go to START, then to PROGRAMS, then to ADMINISTRATIVE TOOLS,
and
then to DNS, and click on DNS. The DNS window should appear.
Now
on the left hand side of the screen, you should have a little icon for
a
server, and the name of the server; double click on the server name.
2. Now two folders should appear, one for
Forward Lookup zones and one
for
Reverse Lookup zones. Now right click on the subfolder that represents
your Forward Lookup Zone which you need to add a host record to. The
action menu should appear, and from it select the "New
Host..." option
by
clicking on it.
3. Now a New Host window should
appear. Now in this window you need to
enter the host's name and their ip address information into the correct
boxes.
4. Once you have entered the host name and ip
address, you the choice of
automatically creating the PTR record for this host for the Reverse
Lookup
zone if that's what you want to do. To do this simply click in the check
box
which is right below the ip address box and right next the words
"Create
associated pointer (PTR) record".
Notice: In order to do the
automatic PTR record, you must have
the Reverse Lookup Zone already
created! Otherwise it will not
work.
This is what the New Host window should look
like:
5. Once you have entered the host name and ip
address, and either checked
or
not checked the automatic PTR record option, then you can go ahead
and
click the "Add Host" button to create the host record (and if you
checked
the
automatic PTR record it will also create the PTR record when you click
"Add Host"). You should now see on the right hand side of your
DNS
window, this is once you have
clicked on your Forward Lookup Zone
subfolder, you should see a record on the right hand side of the DNS
Window which has the host
name that you entered and the type should
say
"Host" and then you should see the ip address that you entered under
the data column.
If any of the information is
wrong, simply right click on the host
record that is incorrect and
select the "Properties" option from
the menu, and then you can change
any incorrect information. Or
you can delete the old host record
and just perform these steps
over again with the correct
information.
To manually add a PTR record:
1. Go to START, then to PROGRAMS, then to
ADMINISTRATIVE TOOLS,
and
then to DNS, and click on DNS. The DNS window should appear.
Now
on the left hand side of the screen, you should have a little icon for
a
server, and the name of the server; double click on the server name.
2. Now two folders should appear, one for
Forward Lookup zones and one
for
Reverse Lookup zones. Now right click on the subfolder that represents
your Reverse Lookup Zone which you need to add a PTR record to. The
action menu should appear, and from it select the "New
Pointer..." option
by
clicking on it.
3. Now a New Resource Record window
should appear. Now in this window you need to
enter the host's name and the domain name together, and their host
portion
of
their ip address into the correct boxes. It should look something like this:
4. Once you have entered the correct
information into the correct boxes then
just go ahead and click the "OK" button to create the new PTR
record
in
your Reverse Lookup Zone. You should now see on the right hand
side of your DNS window, this is once you have clicked on your
Reverse Lookup
Zone subfolder, you should see a record on the
right hand side of the DNS Window which has the correct ip
address
for
the client on your network, and the type should say "Pointer" and the
data should say the correct "host name.domain name" of the
client.
To enable the other option, which is dynamic
DNS:
In
order for dynamic DNS to work you must do two things:
1. Configure the zone to accept
dynamic updates
2. Configure the clients and/or
DHCP to register ip addresses
with DNS.
To configure a zone for dynamic updates:
1. Go to START, then to PROGRAMS, then to
ADMINISTRATIVE TOOLS,
and
then to DNS, and click on DNS. The DNS window should appear.
Now
on the left hand side of the screen, you should have a little icon for
a
server, and the name of the server; double click on the server name.
2. Now two folders should appear, one for
Forward Lookup zones and one
for
Reverse Lookup zones. Now right click on the subfolder that represents
either your Forward Lookup Zone or your Reverse Lookup Zone, or which
ever zone of yours that you want to apply this to, and then click the
"Properties" option from the action menu. Now the Properties
window
for
that zone should appear.
3. The Properties window automatically
comes up showing the General Tab,
now
right above the "Aging" button is a drop down box with "No"
showing
in
it. To the left of this box you should see "Allow dynamic updates?".
Now
what you need to do is just click on the down arrow at the end of that
box,
and
you should see the box expand to show "Yes" and "No". You
need to
click on the "Yes" option. Now the box should say
"Yes" instead of "No".
It
should look like this:
Once you have "Yes" showing in that box then click the
"OK" button.
Now to configure the client's DNS update
configuration:
1.
Go to the client's machine or have the client to do so, and go to the Start
menu, then go to Settings, then go to Network and Dial-up Connections
and
click on it. Then the Network and Dial-up Connections window
should appear.
2. Now double click on the Local Area
Connection icon.
Then the Local Area Connection Status window should appear, and
there
should be a "Properties" button, click it. Then the Local
Area Connection
Properties window should
appear.
3. The Local Area Connection Properties
window will automatically show the
General Tab, and on that tab you should see a box in the middle, which
has
"Internet Protocol (TCP/IP)" as the bottom option. Click on
that option one
time just to highlight it, then go and click the "Properties"
button. Now the
Internet
Protocol (TCP/IP) Properties window should appear, and on the
General Tab you should see close to the bottom an "Advanced"
button,
click it. Now the Advanced TCP/IP Settings window should appear.
4. In the Advanced TCP/IP Settings window select the DNS Tab, and the DNS
information is displayed. Now close to the bottom, just above the
"OK" and
"Cancel" buttons are two check boxes. The top check box says
"Register
this connection's addresses in DNS", you need to check that check
box
for
that option if it is not already checked. It should look like this:
5. Once you know that this option has a check
in it's box to enable it,
then go ahead and click "OK".
That is all you have to do to enable dynamic
DNS!
Now if you prefer, you can have the DHCP
server to register the ip
addresses it gives out to it's clients to the
DNS server, which would
eliminate the user having to check to make
sure that their machine
allows the "Register this connection's
addresses in DNS" option, but
you have to configure the DHCP server to do
this. If you want to do this
see Windows 2000 Help, or look at the DHCP
manual.