Lesson 5: Domain Name System
DNS is a distributed database used in TCP/IP networks to translate computer names (host
names) to IP addresses. This lesson introduces you to DNS and name resolution. It also
discusses the skills necessary and provides information to install and configure the DNS
service.
Introduction to DNS
DNS is most commonly associated with the Internet. However, private networks use
DNS extensively to resolve computer host names and to locate computers within their
local networks and the Internet. DNS name resolution is different from the name
resolution provided by WINS. WINS resolves NetBIOS names to IP addresses, while
DNS resolves IP host names to IP addresses. IP host names resolved using DNS or other
means provide the following benefits:
• IP host names are user-friendly, which means they are easier to remember than IP
  addresses.
• IP host names remain more constant than IP addresses. An IP address for a server
  can change, but the server name remains the same.
• IP host names allow users to connect to local servers by using the same naming
  convention as the Internet.
Domain Namespace
Domain namespace is the naming scheme that provides the hierarchical structure for the
DNS database. Each node represents a partition of the DNS database. These nodes are
referred to as domains.
The DNS database is indexed by name; therefore, each domain must have a name. As
you add domains to the hierarchy, the name of the parent domain is appended to its child
domain (called a subdomain). Consequently, a domain's name identifies its position in the
hierarchy. For example, in Figure 9.10 the domain name sales.microsoft.com identifies
the sales domain as a subdomain of the microsoft domain and microsoft as a subdomain
of the com domain.
Figure 9.10 Hierarchical structure of a domain namespace
As Figure 9.10 illustrates, the hierarchical structure of the domain namespace consists of
a root domain, top-level domains, second-level domains, and host names.
Root Domain
The root domain is at the top of the hierarchy and is represented as a period (.). The
Internet root domain is managed by several organizations, including Network Solutions,
Inc.
Top-Level Domains
Top-level domains are two-character or three-character name codes. Top-level domains
are categorized by organization type or geographic location. The following table provides
some examples of top-level domain names.

Top-level domain    Description
gov                 Government organizations
com                 Commercial organizations
edu                 Educational institutions
org                 Noncommercial organizations
au                  Country code of Australia
Top-level domains can contain second-level domains and host names.
Second-Level Domains
Organizations such as Network Solutions, Inc. assign and register second-level domains
to individuals and organizations for the Internet. A second-level domain can contain both
hosts and subdomains. For example, microsoft.com can contain computers such as
ftp.microsoft.com and subdomains such as dev.microsoft.com. The subdomain
dev.microsoft.com can contain hosts such as printerserver1.dev.microsoft.com.
Host Names
Host names refer to specific computers on the Internet or a private network. For example,
in Figure 9.10, Computer1 is a host name. A host name is the leftmost portion of a fully
qualified domain name (FQDN), which describes the exact position of a host within the
domain hierarchy. In Figure 9.10, Computer1.sales.microsoft.com. (including the end
period, which represents the root domain) is an FQDN.
DNS uses a host's FQDN to resolve a name to an IP address.
Domain Naming Guidelines
When you create a domain namespace, consider the following domain guidelines and
standard naming conventions:
• Limit the number of domain levels. Typically, DNS host entries should be three
  or four levels down the DNS hierarchy and no more than five levels down the
  hierarchy. As the number of levels increases, so do the administrative tasks.
• Use unique names. Each subdomain must have a unique name within its parent
  domain to ensure that the name is unique throughout the DNS namespace.
• Use simple names. Simple and precise domain names are easier for users to
  remember and enable users to search intuitively and locate Web sites or other
  computers on the Internet or an intranet.
• Avoid lengthy domain names. Domain names can be up to 63 characters,
  including the periods. The total length of an FQDN cannot exceed 255 characters.
  Case-sensitive naming is not supported.
• Use standard DNS characters and Unicode characters:
  o Windows 2000 supports the following standard DNS characters: A
    through Z, a through z, 0 through 9, and the hyphen (-), as defined in RFC
    1035.
  o The DNS Service also supports the Unicode character set. The Unicode
    character set, which includes additional characters not found in the
    American Standard Code for Information Exchange (ASCII) character set,
    is required for languages such as French, German, and Spanish.
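The guidelines above translate directly into checks an administrator can run before adding a name to a zone. The following Python validator is an added example written for this lesson, not code from the original text or from Windows 2000. It applies the RFC 1035 character set, the 63-character limit per label (RFC 1035 applies this limit to each label and the 255-character limit to the whole name), the five-level depth guideline, and case-insensitive comparison. The rule that a hyphen may not begin or end a label comes from RFC 1035, not from the lesson, and is noted as such in the code.

```python
import re

# Limits from the lesson: RFC 1035 characters, 63 characters (applied per label
# as RFC 1035 does), 255 characters for the whole FQDN, at most five levels.
# The "no leading or trailing hyphen" rule is taken from RFC 1035, not the lesson.
LABEL_RE = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?$")
MAX_LABEL = 63
MAX_FQDN = 255
MAX_LEVELS = 5


def split_fqdn(name):
    """Return the labels of a name, dropping the trailing root period if present."""
    name = name[:-1] if name.endswith(".") else name
    return name.split(".") if name else []


def check_fqdn(name):
    """Return a list of guideline violations; an empty list means the name passes."""
    problems = []
    if len(name.rstrip(".")) > MAX_FQDN:
        problems.append("FQDN longer than %d characters" % MAX_FQDN)
    labels = split_fqdn(name)
    if not labels:
        problems.append("empty name")
        return problems
    for label in labels:
        if not label:
            problems.append("empty label (consecutive periods)")
        elif len(label) > MAX_LABEL:
            problems.append("label '%s...' longer than %d characters" % (label[:10], MAX_LABEL))
        elif not LABEL_RE.match(label):
            problems.append("label '%s' uses characters outside RFC 1035 "
                            "(A-Z, a-z, 0-9, hyphen; hyphen not leading or trailing)" % label)
    if len(labels) > MAX_LEVELS:
        problems.append("%d levels below the root, guideline allows at most %d"
                        % (len(labels), MAX_LEVELS))
    return problems


def same_name(a, b):
    """DNS naming is not case-sensitive: compare label lists after lower-casing."""
    return [l.lower() for l in split_fqdn(a)] == [l.lower() for l in split_fqdn(b)]


if __name__ == "__main__":
    for candidate in ("Computer1.sales.microsoft.com.", "ftp_server.microsoft.com",
                      "a.b.c.d.e.f.com"):
        print(candidate, check_fqdn(candidate) or "ok")
    print(same_name("FTP.Microsoft.COM", "ftp.microsoft.com."))
```

The validator reports every violation it finds rather than stopping at the first, so a name that is both too deep and uses an underscore produces two messages; that is the behaviour you want when cleaning up an existing namespace in bulk.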
Zones
A zone represents a discrete portion of the domain namespace. Zones provide a way to
partition the domain namespace into manageable sections.
Multiple zones in a domain namespace are used to distribute administrative tasks to
different groups. For example, Figure 9.11 depicts the microsoft.com domain namespace
divided into two zones. The two zones allow one administrator to manage the microsoft
and sales domains and another administrator to manage the development domain.
Figure 9.11 Domain namespace divided into zones
A zone must encompass a contiguous domain namespace. For example, as Figure 9.11
shows, you can create a zone for sales.microsoft.com and the parent domain
microsoft.com because these zones are contiguous. However, you cannot create a zone
that consists of only the sales.microsoft.com domain and the development.microsoft.com
domain because these two domains are not contiguous.
The name-to-IP-address mappings for a zone are stored in the zone database file. Each
zone is anchored to a specific domain, referred to as the zone's root domain. The zone
database file does not necessarily contain information for all subdomains of the zone's
root domain, only those subdomains within the zone.
In Figure 9.11, the root domain for Zone1 is microsoft, and its zone file contains the
name-to-IP-address mappings for the microsoft and sales domains. The root domain for
Zone2 is development, and its zone file contains the name-to-IP-address mappings for the
development domain only. The zone file for Zone1 does not contain the name-to-IP
address mappings for the development domain, although development is a subdomain of
the microsoft domain.
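The two rules in this section, that a zone must be contiguous and that a zone file holds only the mappings for domains inside that zone, can be checked mechanically. The Python below is an added example written for this lesson, not code from the original text; it models the Zone1/Zone2 split of Figure 9.11 and uses constructed host addresses from the 192.0.2.0/24 documentation range. The contiguity check is the general rule of which the figure shows one instance: every domain in a zone other than the zone's root must have its parent domain in the same zone.

```python
# Constructed layout modelled on Figure 9.11: Zone1 holds microsoft.com and
# sales.microsoft.com, Zone2 holds development.microsoft.com. Addresses are
# sample values from the 192.0.2.0/24 documentation range.
ZONES = {
    "Zone1": {
        "root": "microsoft.com",
        "domains": {"microsoft.com", "sales.microsoft.com"},
        "records": {
            "ftp.microsoft.com": "192.0.2.10",
            "computer1.sales.microsoft.com": "192.0.2.20",
        },
    },
    "Zone2": {
        "root": "development.microsoft.com",
        "domains": {"development.microsoft.com"},
        "records": {
            "printerserver1.development.microsoft.com": "192.0.2.30",
        },
    },
}


def parent(domain):
    """Parent domain of a name ('' for a top-level domain)."""
    _, _, rest = domain.partition(".")
    return rest


def is_contiguous(root, domains):
    """A zone is contiguous when its root is in the set and every other domain's
    parent is also in the set (no gaps between a domain and the zone root)."""
    if root not in domains:
        return False
    return all(d == root or parent(d) in domains for d in domains)


def zone_for(name, zones=ZONES):
    """Name of the zone authoritative for a host, or None if no zone covers it."""
    domain = parent(name.lower().rstrip("."))
    for zone_name, zone in zones.items():
        if domain in zone["domains"]:
            return zone_name
    return None


def resolve(name, zones=ZONES):
    """Look a host up in the zone file of the zone that is authoritative for it."""
    zone_name = zone_for(name, zones)
    if zone_name is None:
        return None
    return zones[zone_name]["records"].get(name.lower().rstrip("."))


if __name__ == "__main__":
    for zone_name, zone in ZONES.items():
        print(zone_name, "contiguous:", is_contiguous(zone["root"], zone["domains"]))
    print(is_contiguous("sales.microsoft.com",
                        {"sales.microsoft.com", "development.microsoft.com"}))
    print(resolve("Computer1.sales.microsoft.com."))
    print(resolve("printerserver1.development.microsoft.com"))
```

Note that `zone_for` picks the zone by the host's immediate parent domain, which is exactly why Zone1's file never answers for development hosts even though development sits under microsoft: the development domain belongs to Zone2's domain set, not Zone1's.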
Name Servers
A DNS name server stores the zone database file. Name servers can store data for one
zone or multiple zones. A name server is said to have authority for the domain namespace
that the zone encompasses.
There must be at least one name server for a zone. However, a zone can have multiple
name servers associated with it. One of these servers contains the master zone database
file, which is also referred to as the primary zone database file, for that zone. Changes to
a zone, such as adding domains or hosts, are performed on the server that contains the
primary zone database file. Any other name servers associated with the zone act as a
backup to the name server containing the primary zone database file. These name servers
contain a secondary zone database file.
Multiple name servers provide several advantages:
• Performing zone transfers. The additional name servers obtain a copy of the
  zone database file from the name server that contains the primary database zone
  file. This is called a zone transfer. These name servers periodically query the
  name server containing the primary zone database file for updated zone data.
• Providing redundancy. If the name server containing the primary zone database
  file fails, the additional name servers can provide service.
• Improving access speed for remote locations. If a number of clients are in
  remote locations, use additional name servers to reduce query traffic across slow
  WAN links.
• Reducing loads. The additional name servers reduce the load on the name server
  containing the primary zone database file.
Windows 2000 also supports directory-integrated zone storage by using the Active
Directory database. Zones stored this way are located in the Active Directory tree under
the domain object container. Each directory-integrated zone is stored in a DNS zone
container object identified by the name you choose for the zone when you create it.
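To make the primary/secondary relationship concrete, here is an added Python simulation written for this lesson; it is not code from the original text and does not model the Windows 2000 DNS service itself. It shows the two behaviours described above: secondaries periodically query the primary and pull a fresh copy of the zone file only when it has changed, and a secondary keeps answering from its own copy when the primary is down. The zone serial number that the secondary compares is an assumption of this example (in real DNS it lives in the zone's SOA record), and the host addresses are constructed sample values.

```python
import copy


class PrimaryServer:
    """Holds the master (primary) zone database file; all changes are made here.
    The serial counter is an assumption of this example: real zones keep it in
    the SOA record and secondaries use it to detect updated zone data."""

    def __init__(self, zone_name, records):
        self.zone_name = zone_name
        self.serial = 1
        self.records = dict(records)
        self.online = True

    def add_host(self, host, address):
        """Edit the primary zone file and bump the serial so secondaries notice."""
        self.records[host] = address
        self.serial += 1

    def current_serial(self):
        return self.serial

    def transfer(self):
        """Zone transfer: hand out a copy of the whole zone database file."""
        return self.serial, copy.deepcopy(self.records)


class SecondaryServer:
    """Keeps a secondary zone database file obtained from the primary by zone transfer."""

    def __init__(self, primary):
        self.primary = primary
        self.serial = 0          # nothing transferred yet
        self.records = {}
        self.transfers = 0

    def refresh(self):
        """Periodic check against the primary. Returns True if a transfer happened.
        If the primary is unreachable, keep serving the existing copy (redundancy)."""
        if not self.primary.online:
            return False
        if self.primary.current_serial() <= self.serial:
            return False         # zone unchanged: no transfer traffic
        self.serial, self.records = self.primary.transfer()
        self.transfers += 1
        return True

    def resolve(self, host):
        """Answer from the local secondary zone file, whether or not the primary is up."""
        return self.records.get(host)


def demo():
    # Constructed zone data; addresses are from the 192.0.2.0/24 documentation range.
    primary = PrimaryServer("microsoft.com", {"ftp.microsoft.com": "192.0.2.10"})
    secondary = SecondaryServer(primary)
    first = secondary.refresh()          # initial zone transfer
    unchanged = secondary.refresh()      # serial unchanged: nothing transferred
    primary.add_host("www.microsoft.com", "192.0.2.11")
    after_change = secondary.refresh()   # serial moved: transfer again
    primary.online = False               # primary fails ...
    while_down = secondary.refresh()     # ... no transfer possible ...
    answer = secondary.resolve("www.microsoft.com")  # ... but queries still succeed
    return first, unchanged, after_change, while_down, answer, secondary.transfers


if __name__ == "__main__":
    print(demo())
```

The refresh-only-when-newer check is what keeps a fleet of secondaries from flooding the primary: most periodic checks cost one small serial query rather than a full copy of the zone file.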