Computer Performance, Windows Server 2003


DNS in Windows 2003

Introduction to DNS in Windows Server 2003

This page begins with the basic concepts of DNS and moves on to troubleshooting.  The golden rule when dealing with DNS is this: remember that the name of the DNS game is name resolution.  By that I mean we humans like friendly names such as cisco.com, whereas computers like dotty dot numbers such as 10.1.13.20.  What DNS does is keep a mapping of the two parts:

IP Address = 10.1.13.20   -   Resource = BigServer.cisco.com 

One trait I have noticed with DNS is that many of its features come in pairs.  This symmetry will help you to remember and to understand how DNS operates.


Query and Registration

Whether you are configuring or whether you are troubleshooting there are two aspects of DNS to consider:
a) Registration --> sending information to the DNS server database.
b) Query <-- retrieving IP addresses from the DNS hierarchical system.

Registration

The best way to register clients is through DHCP.  The DHCP server gives out not only the client's IP address, but also the address of the DNS servers.

The good news is that DNS is now dynamic (DDNS).  This means that if a client changes its IP address, then either the client updates DNS directly, or DHCP will act on the client's behalf and send a message to update the (A) Host record in DNS.

Query

From the client's point of view, when it needs to know the IP address of a resource, it contacts the DNS server(s) named in the TCP/IP property sheet.  Best practice is to give out this DNS server IP through DHCP.  What you need to configure in DHCP is Option Type 006 - DNS.




Recursive and Iterative DNS Queries

Recursive

Recursive queries are the default method.  A recursive query means that the DNS server takes full responsibility for finding the IP address that the client wants.  As an example, suppose a client wants to query google.com.  It is unlikely that the server is authoritative, or has a Host record for google.com.  So, the DNS server contacts the root server for the IP address of .com servers; it then contacts those .com servers and asks for the IP address of google.com.  Finally the DNS server sends the information to the client.

Whoops!  I left out the very first step.  The root of the DNS system is a dot (period) "."  In Server 2003, the icon representing the DNS server has a 'Root Hints' tab.  Here you find the IP addresses of all the top level domains.  It is because DNS is hierarchical that it scales so well, and is superior to WINS, which only offers a limited, flat-field system.

                          "."  (Root of DNS)

.com    .org  .net  .edu   .mil   .gov    .co.uk  

Iterative

Iterative means the server returns the best answer it can.  In the above example the DNS server would say to the client: 'I do not know where google.com is, here is the IP address of the root servers, you go and query them.'
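The difference between the two query types, as an added Python sketch that is not part of the original page: `iterative_query` returns only what one server knows, while `recursive_resolve` does the legwork a recursive server does for its client.  The server table, the function names and every address (documentation ranges) are constructed for illustration, and the walk includes the final hop to google.com's own name server.

```python
# Constructed data: each server holds either an answer (A record) or a
# referral to servers closer to the name. All addresses are made up.
SERVERS = {
    "198.51.100.1": {"referrals": {"com.": ["198.51.100.10"]}},          # a root server
    "198.51.100.10": {"referrals": {"google.com.": ["198.51.100.20"]}},  # a .com server
    "198.51.100.20": {"answers": {"google.com.": "203.0.113.80"}},       # authoritative
}
ROOT_HINTS = ["198.51.100.1"]  # what the Root Hints tab supplies


def iterative_query(server_ip, name):
    """One iterative query: the server gives its best answer and stops."""
    data = SERVERS[server_ip]
    if name in data.get("answers", {}):
        return ("answer", data["answers"][name])
    # The most specific delegation that covers the name wins.
    zones = [z for z in data.get("referrals", {})
             if name == z or name.endswith("." + z)]
    if zones:
        return ("referral", data["referrals"][max(zones, key=len)])
    return ("unknown", None)


def recursive_resolve(name, max_steps=8):
    """Recursive behaviour: start at the root hints, follow every referral."""
    servers, trail = list(ROOT_HINTS), []
    for _ in range(max_steps):  # bounded so a referral loop cannot spin forever
        server = servers[0]
        kind, value = iterative_query(server, name)
        trail.append((server, kind))
        if kind == "answer":
            return value, trail
        if kind == "unknown":
            return None, trail
        servers = value  # next hop: the servers named in the referral
    raise RuntimeError("too many referrals for " + name)


if __name__ == "__main__":
    address, trail = recursive_resolve("google.com.")
    for server, kind in trail:
        print(server, "->", kind)
    print("google.com. =", address)
```

The trail shows why the client sees a single reply from a recursive server even though several servers were consulted on its behalf.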

Forward and Reverse Lookup

Forward Lookup

A forward query is where you know the hostname, but your operating system needs the IP address to locate the resource.  The best way to create your Active Directory forward lookup zone is for DCPROMO to create it when the member server is promoted.  Example "DNS, please tell me the IP address of LogonServer".  Response from DNS, LogonServer 10.209.12.20.

Reverse Lookup

I always think of reverse lookup as a hacker's tool, where they know the IP address but want to know the hostname.  A classic situation would be that you can ping an IP address, and want to know the hostname of that address.

Ping - 10.209.12.20.    

NSLookup - 10.209.12.20        Reply from DNS LogonServer 10.209.12.20.

In fact there are many legitimate reasons for using reverse lookups: authenticating mail servers and troubleshooting with NSLookup, to name two.  Windows Server 2003 is very friendly in helping you create the reverse zone (technically called in-addr.arpa).  Where it is less friendly is that you have to create the PTR or pointer records yourself.  However, if you are organized and create the reverse lookup zone before you populate the forward lookup zone, then you can check a box saying - "Update Associated Pointer (PTR) Record"
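How a reverse lookup is keyed, and how the mail-server style check uses it, as an added Python sketch that is not part of the original page.  It builds the in-addr.arpa name for an address, looks up the PTR record, then confirms that the returned hostname has a Host (A) record pointing back at the same address.  The zone contents, the example.test domain and the function names are constructed for illustration.

```python
import ipaddress

# Constructed zone data standing in for a DNS server's two zones.
FORWARD_ZONE = {  # Host (A) records
    "logonserver.example.test.": ["10.209.12.20"],
    "mail.example.test.": ["10.209.12.25"],
}
REVERSE_ZONE = {  # PTR records, keyed by in-addr.arpa name
    "20.12.209.10.in-addr.arpa.": "logonserver.example.test.",
    "25.12.209.10.in-addr.arpa.": "mail.example.test.",
    # A PTR that claims a name the forward zone does not back up:
    "66.12.209.10.in-addr.arpa.": "mail.example.test.",
}


def ptr_name(ip):
    """Reverse the octets and append in-addr.arpa: 10.209.12.20 ->
    20.12.209.10.in-addr.arpa. (rejects anything that is not IPv4)."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + ".in-addr.arpa."


def reverse_lookup(ip):
    """Return the hostname from the PTR record, or None if none exists."""
    return REVERSE_ZONE.get(ptr_name(ip))


def forward_confirmed(ip):
    """Reverse lookup followed by a forward lookup of the returned name."""
    host = reverse_lookup(ip)
    if host is None:
        return "no-ptr"      # no PTR record, so a lookup by address returns no name
    if ip in FORWARD_ZONE.get(host, []):
        return "confirmed"   # PTR and A records agree
    return "mismatch"        # PTR names a host that does not map back


if __name__ == "__main__":
    for ip in ("10.209.12.20", "10.209.12.66", "10.209.12.99"):
        print(ip, ptr_name(ip), reverse_lookup(ip), forward_confirmed(ip))
```

The "mismatch" result is the case a receiving mail server cares about: a PTR record alone proves nothing unless the forward zone agrees with it.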


Troubleshooting

Again we have a pair of utilities.  IPCONFIG and NSLookup are your key DNS commands.  Both are available at the command prompt on Windows 2003, XP and even NT 4.0 machines.

IPCONFIG

IPCONFIG has two new switches, /registerdns and /flushdns.  If you need to add a record to DNS, then IPCONFIG /registerdns will save you a reboot.  Perhaps a connection is failing because of a stale, invalid, cached IP address; IPCONFIG /flushdns will clear the cache so that you can make that connection.

There is also another pair of switches, /release and /renew for use when refreshing DHCP leases.  Also remember IPCONFIG /all to check on DNS and DHCP server settings.

NSLookup comes in two modes

a) Non-interactive where you just want a quick lookup of a server name, example: NSLookup 10.209.12.20

b) Interactive mode which is more difficult to master.  Here  you type:

NSLookup

>

My best advice when you reach the prompt is to type: help.

Example ls -t NS topbanana.com 

This would list all records of type Name Servers in the topbanana.com domain.

If you experiment with NSLookup and nothing happens, then remember that you need a Reverse Lookup Zone with (PTR) pointer records.  Once you create those PTR records, NSLookup will return that server name.

I use NSLookup when I am troubleshooting from a client machine and I wish to list the DNS records.  It saves a long walk to the DNS server and gets around having to install the AdminPak just to view the DNS records.



See Also

Migration from NT 4.0 is a separate topic from pure installation.  In brief there are two main strategies, upgrade the PDC in an existing domain or start with a new domain and import the users from NT 4.0 using a bulk import program like CSVDE.


Copyright © 1999-2010 Computer Performance LTD All rights reserved