1. Installing the DNS Server Service
By default, all computers running Windows Server 2003 and Windows XP have the DNS Client service installed and running. However, the DNS Server service is not installed by default in any Windows operating system. To install the DNS Server service on a computer running Windows Server 2003, you first need to add the DNS server role through the Manage Your Server page.
Once you have added this role, the DNS console appears in the Administrative Tools program group. The DNS console is the main tool for configuring and monitoring DNS servers, zones, domains, and resource records.
Note
Alternatively, you can install the DNS Server service through Add Or Remove Programs in Control Panel. Select Add/Remove Windows Components, and use the Windows Components Wizard to install the Domain Name System (DNS) subcomponent within the Networking Services Windows component.
To install a DNS server, complete the following steps:
1. Verify that you have assigned the computer a static address.
2. Click Start and then click Manage Your Server to open the Manage Your Server page.
3. Click Add Or Remove A Role.
4. On the Preliminary Steps page of the Configure Your Server Wizard, follow the instructions and then click Next.
5. On the Server Role page, select DNS Server in the Server Role list and then click Next.
6. On the Summary Of Selections page, click Next. You will be prompted to insert the Windows Server 2003 CD-ROM. When the DNS server component has finished installing, the Configure A DNS Server Wizard appears.
7. To configure the DNS server you have just installed, follow the prompts and accept all default settings to complete the Configure A DNS Server Wizard.
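The same installation can be scripted instead of clicked through. The following cmd.exe script is an added example, not part of the training kit: it checks for a static address, installs the Domain Name System (DNS) subcomponent of Networking Services non-interactively with the Optional Component Manager (sysocmgr) and the documented [NetOptionalComponents] answer-file section, and then confirms the DNS Server service (service name DNS) is running. It assumes an elevated command prompt on the Windows Server 2003 computer itself and that Setup can reach the Windows Server 2003 source files when it asks for them; the answer-file path is a constructed value.

```batch
@echo off
rem Added example (not from the training kit): unattended installation of the
rem DNS Server service on Windows Server 2003, followed by basic checks.

rem 1. A DNS server must have a static address. Show the configuration of each
rem    interface; an interface that reports "DHCP enabled: Yes" needs fixing first.
netsh interface ip show address

rem 2. Answer file for sysocmgr: request the DNS subcomponent of
rem    Networking Services (path is a constructed value).
set ANSWER=%TEMP%\dns-install.txt
(
  echo [NetOptionalComponents]
  echo DNS=1
) > "%ANSWER%"

rem 3. Install the component without the Windows Components Wizard UI
rem    (/q suppresses the wizard pages; drop it to watch the progress).
sysocmgr /i:%windir%\inf\sysoc.inf /u:"%ANSWER%" /q

rem 4. Verify that the service exists and is running.
sc query DNS | find "RUNNING" >nul
if errorlevel 1 (
  echo The DNS Server service is not running. Check the System event log.
  exit /b 1
)
echo DNS Server service installed and running.

rem 5. Show the server's current settings; this is the command-line view of
rem    what the DNS console (dnsmgmt.msc) displays in the server properties.
dnscmd /info
```

Run the script once per server; re-running it is harmless because sysocmgr leaves an already installed component in place and the checks simply repeat.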
2. Configuring a DNS Server
To simplify the customization of DNS server settings and the creation of new zones, you can run the Configure A DNS Server Wizard. This wizard is invoked automatically when you add the DNS server role. After the wizard is run, you can refine your DNS server configuration later through the DNS administrative console. You can also configure your DNS server completely through the server properties dialog box in the DNS console without ever running the Configure A DNS Server Wizard.
To run or rerun the Configure A DNS Server Wizard after the DNS Server service is installed, right-click the server you want to configure in the DNS console tree and then select Configure A DNS Server.
Creating Zones
DNS servers support two types of zones: forward lookup and reverse lookup. In forward lookup zones, DNS servers map fully qualified domain names (FQDNs) to Internet Protocol (IP) addresses. In reverse lookup zones, DNS servers map IP addresses to FQDNs.
Note
You can create a root server in a DNS namespace by naming a zone with a single dot (.). When you perform this task, you cannot configure the server to forward queries to another name server.
To create forward and reverse lookup zones, you can use the Configure A DNS Server Wizard. You can also create new zones at any time by using the DNS console. To do so, right-click either the Forward Lookup Zones folder or the Reverse Lookup Zones folder, and then select New Zone. This process launches the New Zone Wizard.
Zone Types
The New Zone Wizard allows you to configure the server’s role in each of its zones. These roles include the following:
Primary: Zone data provides the original source records for all domains in the zone. Zone data can be transferred to a secondary zone for fault tolerance and load balancing.
Secondary: Zone data is an authoritative backup for the primary zone or for other secondary zones.
Stub: Zone data contains only those resource records necessary to identify the authoritative DNS servers for the master zone.
3. Understanding Server Types
The DNS server type refers to the type of zone the server is hosting—or, in the case of caching-only servers, whether it is hosting a zone at all. The following sections describe some essential features of the various server types.
Primary Servers
A primary server is created when a primary zone is added, either through the New Zone Wizard, the Configure A DNS Server Wizard, or command-line tools.
The primary server for a zone acts as the zone’s central point of update. Newly created zones are always this type. With Windows Server 2003, you can deploy primary zones in one of two ways: as standard primary zones or as primary zones integrated with Active Directory.
Standard Primary Zones
For standard primary zones, only a single server can host and load the master copy of the zone. If you create a zone and keep it as a standard primary zone, no additional primary servers for the zone are permitted.
The standard primary model implies a single point of failure. For example, if the primary server for a zone is unavailable to the network, no changes to the zone can be made. Note that queries for names in the zone are not affected and can continue uninterrupted, as long as secondary servers for the zone are available to answer those queries.
Active Directory–Integrated Zones
When you deploy an Active Directory–integrated zone, zone data is stored and replicated in Active Directory. Using an Active Directory–integrated zone increases fault tolerance and (by default) turns every domain controller in the domain running the DNS Server service into a primary server. To configure a primary zone as an Active Directory–integrated zone, the original DNS server on which the zone is created must be an Active Directory domain controller. The process of deploying
There are several advantages to integrating your DNS zone with Active Directory. First, because Active Directory performs zone replication, an implementation of Active Directory–integrated zones that uses domain controllers as DNS servers eliminates the need to configure zone transfers to secondary DNS servers. Fault tolerance, along with improved performance from the availability of multiple read/write primary servers, is provided by the presence of multimaster replication on your network. Second, Active Directory allows for single properties of resource records to be updated and replicated among DNS servers. Avoiding the transfer of many and complete resource records decreases the load on network resources during zone transfers. Finally, Active Directory integration allows you to configure access security for stored records, which prevents unauthorized updates.
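The zone types listed under Zone Types and the standard versus Active Directory–integrated choice described above can all be created with dnscmd, the command-line tool the text mentions. The script below is an added example, not the training kit's own code: it builds one zone of each type and applies the two settings that decide who can change or copy zone data, namely restricting zone transfers to named secondaries and allowing only secure dynamic updates on the Active Directory–integrated zone. All names and addresses are constructed (corp.example and its child zone, 10.0.0.10 as the primary, 10.0.0.11 as the secondary, 10.0.1.10 as the child zone's name server); the /dsprimary command assumes it is run on a domain controller.

```batch
@echo off
rem Added example (not from the training kit): create each zone type with
rem dnscmd and lock down transfers and updates. Constructed names/addresses.

rem --- Standard primary zone: the single master copy lives in a zone file
rem     under %windir%\system32\dns.
dnscmd /zoneadd corp.example /primary /file corp.example.dns

rem     By default a new standard zone can be transferred to any requester,
rem     which hands out the whole zone to anyone who asks. Limit transfers
rem     (and change notifications) to the one secondary we actually operate.
dnscmd /zoneresetsecondaries corp.example /securelist 10.0.0.11 /notifylist 10.0.0.11

rem --- Secondary zone on the second server: its master is the primary.
rem     (A master may also be another secondary; list several masters to
rem     give the secondary more than one source.)
dnscmd 10.0.0.11 /zoneadd corp.example /secondary 10.0.0.10

rem --- Stub zone: only the SOA, NS and glue records needed to locate the
rem     child zone's authoritative servers, so the parent always knows them.
dnscmd /zoneadd child.corp.example /stub 10.0.1.10

rem --- Active Directory-integrated primary (domain controller only).
rem     Replication is done by Active Directory, so no secondaries or
rem     transfer lists are needed. Restrict dynamic updates to secure
rem     (authenticated) clients: 0 = no updates, 1 = nonsecure and secure,
rem     2 = secure only. Secure-only is available because the zone is
rem     stored in Active Directory.
dnscmd /zoneadd ad.corp.example /dsprimary
dnscmd /config ad.corp.example /allowupdate 2

rem --- Verify: list every zone with its type, then dump one zone's settings
rem     so the transfer and update restrictions can be confirmed.
dnscmd /enumzones
dnscmd /zoneinfo corp.example
```

The secondary-zone command runs against the second server by naming it as the first argument; dnscmd needs administrative rights on whichever server it targets, so run the script from an account that is a DNS administrator on both.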
Secondary Servers
DNS design specifications recommend that at least two DNS servers be used to host each zone. For standard primary zones, secondary servers provide a means to offload DNS query traffic in areas of the network where a zone is heavily queried and used. Additionally, if a primary server is down, a secondary server provides name resolution in the zone until the primary server is available.
The servers from which secondary servers acquire zone information are called masters. A master can be the primary server or another secondary server. You specify the secondary server’s master servers when the server’s secondary zone is created, through either the New Zone Wizard, the Configure A DNS Server Wizard, or command-line tools.
Stub Servers
Stub DNS servers host stub zones, which are abbreviated copies of a zone that contain only a list of the authoritative name servers for its master zone. A DNS server hosting a stub zone attempts to resolve queries for computer names in the master zone by querying the name servers listed. Stub zones are most frequently used to enable a parent zone to keep an updated list of the name servers available in a child zone.
Caching-Only Servers
Caching-only servers do not host any zones and are not authoritative for any particular domain. The information they contain is limited to what has been cached while resolving queries.
In determining when to use this kind of server, note that when it is initially started, it has no cached information. The information is obtained over time as client requests are serviced. However, if you are dealing with a slow WAN link between sites, this option might be ideal because once the cache is built, traffic across the WAN link decreases. DNS queries are also resolved faster, improving the performance of network applications. In addition, the caching-only server does not perform zone transfers, which can also be network-intensive in WAN environments. Finally, a caching-only DNS server can be valuable at a site where DNS functionality is needed locally, but administering domains or zones is not desirable for that location.
By default, the DNS Server service acts as a caching-only server. Caching-only servers thus require little or no configuration.
To install a caching-only DNS server, complete the following steps:
1. Install the DNS server role on the server computer.
2. Verify that server root hints are configured or updated correctly.
3. Do not configure the DNS server with any zones.
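Steps 2 and 3 are checks rather than configuration, so they can be scripted. The following cmd.exe script is an added example, not the training kit's code: it confirms that the server hosts no zones, that the root hints file (%windir%\system32\dns\cache.dns, the file the DNS Server service loads its root hints from) is present and names the root servers, that the server can actually reach the roots, and that cache pollution protection is on. It assumes it runs on the DNS server itself, addressed as 127.0.0.1.

```batch
@echo off
rem Added example (not from the training kit): verify a caching-only
rem DNS server. Run on the server; 127.0.0.1 is the local DNS server.

rem Step 3 check: a caching-only server hosts no zones, so nothing you
rem created should appear in the zone list.
dnscmd /enumzones

rem Step 2 check, part one: the root hints file must exist and list the
rem root name servers. findstr returns a nonzero exit code if no line matches.
findstr /i "root-servers.net" %windir%\system32\dns\cache.dns >nul
if errorlevel 1 (
  echo Root hints are missing or empty; copy them from a working server via
  echo the Root Hints tab of the server properties in the DNS console.
  exit /b 1
)

rem Step 2 check, part two: prove the hints are usable. Asking the local
rem server for the NS set of the root forces it to recurse to the roots;
rem a healthy server returns a.root-servers.net through m.root-servers.net.
nslookup -type=NS . 127.0.0.1

rem A caching-only server is only as trustworthy as what it lets into its
rem cache. Keep "Secure cache against pollution" enabled (the default) so
rem records outside the queried name's tree are discarded rather than cached.
dnscmd /config /secureresponses 1

rem After changing hints or settings, drop cached answers so that nothing
rem obtained before the change keeps being served.
dnscmd /clearcache
```

The nslookup step needs outbound DNS (UDP and TCP port 53) from the server to the Internet; if it times out while the findstr check passes, the problem is the path to the root servers, not the hints themselves.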