Course 2277C: Implementing, managing, and maintaining a Microsoft Windows Server 2003 network infrastructure: Network services - Module 6

Module 6: Managing and Monitoring Domain Name System

Overview

• Managing DNS Records • Testing the DNS Server Configuration  • Monitoring DNS Server Performance

Lesson: Managing DNS Records

• What Is the Time to Live? • What Are Aging and Scavenging Parameters? • How Aging and Scavenging Work • Practice: Managing DNS Records

What Is the Time to Live?

The Time to Live value indicates how long a record The Time to Live value indicates how long a record should be cached should be cached

Resource Record Resource Record

Resource Record Resource Record

Zone

Cach Cach e e

Cach Cach e e DNS Server1 DNS Server1

Authoritative Authoritative DNS Server2 DNS Server2

DNS Client DNS Client

TTL set on the zone

1

The records in the zone are sent to other DNS The records in the zone are sent to other DNS servers and clients in response to queries servers and clients in response to queries

2

3

Records are cached based on the TTL period Records are cached based on the TTL period supplied in the record supplied in the record When the TTL expires, the record is removed from When the TTL expires, the record is removed from the cache the cache

What Are Aging and Scavenging  Parameters?

Aging determines when a stale record should be Aging determines when a stale record should be removed from the DNS database   removed from the DNS database

Scavenging removes outdated or extinct names Scavenging removes outdated or extinct names from the database from the database A refresh attempt is the process of a computer A refresh attempt is the process of a computer renewing its renewing its DNS record DNS record

DNS server does not accept refresh attempts

Parameter Description Example

No-Refresh Interval

7 days (default)

DNS server does accept refresh attempts

Refresh Interval

7 days (default)

How Aging and Scavenging Work

7 days

7 days

Jan 1

Jan 8

Jan 15

Scaven Scaven ge ge

Time Time stamp stamp

Refresh Refresh Interval Interval

No- No- Refresh Refresh Interval Interval

Aging Aging

Practice: Managing DNS Records

In this practice, you will: • Modify the default TTL for a zone • Modify the TTL for a record • Configure aging and scavenging

Lesson: Testing the DNS Server  Configuration

• What Are Simple and Recursive Queries? • Why Verify That a Resource Record Exists? • What Is Nslookup? • What Is Dnscmd? • What Is Dnslint? • Practice: Testing the DNS Server Configuration

What Are Simple and Recursive  Queries?

A simple query performs a local test by using the A simple query performs a local test by using the DNS client to query the DNS server DNS client to query the DNS server

A recursive query tests a DNS server by forwarding A recursive query tests a DNS server by forwarding a recursive query to another DNS server a recursive query to another DNS server

DNS Server DNS Server

DNS Root Server DNS Root Server

DNS Service DNS Service

Authoritative zone: Training.nwtraders.msft

DNS Client Resolver DNS Client Resolver

Why Verify That a Resource Record  Exists?

To identify problems with your DNS To identify problems with your DNS solution, solution, you can verify: you can verify:

Missing records Missing records Incomplete records Incomplete records Incorrectly configured records Incorrectly configured records

You can use the following three tools to You can use the following three tools to monitor DNS: monitor DNS: Nslookup Nslookup Dnscmd Dnscmd Dnslint Dnslint

What Is Nslookup?

Nslookup is a command-line tool used to diagnose DNS infrastructure Nslookup is a command-line tool used to diagnose DNS infrastructure

What Is Dnscmd?

Dnscmd allows you to complete many DNS Dnscmd allows you to complete many DNS administrative tasks from the command administrative tasks from the command prompt prompt

What Is Dnslint?

The Dnslint tool can run a series of queries to help The Dnslint tool can run a series of queries to help diagnose common DNS name resolution problems diagnose common DNS name resolution problems

Practice: Testing the DNS Server  Configuration

In this practice, you will: • Test DNS using a simple and

recursive query

• Verify records by using

Nslookup

• View DNS zone information by

using Dnscmd

• Test DNS by using Dnslint

Lesson: Monitoring DNS Server  Performance

• Guidelines for Monitoring DNS Server

Performance by Using the Performance Console

• What Is a DNS Event Log? • What Is DNS Debug Logging? • Practice: Monitoring DNS Server Performance

Guidelines for Monitoring DNS Server  Performance by Using the Performance  Console

Performance counter

What to look for after a baseline is established

Any increase over the baseline may be cause for further investigation

Dynamic Update Rejected

Recursive Queries/sec

If this counter goes dramatically up or down, it should be further investigated

AXFR Request Sent

If this counter dramatically increases or decreases, it should be investigated

What Is a DNS Event Log?

A DNS event log is configured to log only DNS A DNS event log is configured to log only DNS events events

What Is DNS Debug Logging?

DNS debug logging allows for detailed DNS DNS debug logging allows for detailed DNS statistics and information to be gathered statistics and information to be gathered

Primary DNS Server1 Primary DNS Server1

Secondary DNS Server2 Secondary DNS Server2

Practice: Monitoring DNS Server  Performance

In this practice, you will: • Monitor DNS by using the

Performance console

• Monitor DNS by using event logs • Configure DNS debug logging

Lab: Managing and Monitoring DNS

In this lab, you will: • Test simple and recursive queries • Verify SOA records by using Nslookup • Use Dnslint to verify name server

records

• View performance statistics by using

the Performance console • Verify DNS replication