Lesson 1: Understanding DNS
DNS is most commonly associated with the Internet. However, private networks use DNS extensively to resolve computer names and to locate computers within their local networks and the Internet. DNS provides the following benefits:
- DNS names are user-friendly, which means that they are easier to remember than IP addresses.
- DNS names remain more constant than IP addresses. An IP address for a server can change, but the server name remains the same.
- DNS allows users to connect to local servers using the same naming convention as the Internet.
For more information about DNS, see RFC 1034 and RFC 1035. To read the text of these RFCs, use your Web browser to search for "RFC 1034" and "RFC 1035."
After this lesson, you will be able to
- Explain the function of DNS and its components
Estimated lesson time: 20 minutes
The domain namespace is the naming scheme that provides the hierarchical structure for the DNS database. Each node, referred to as a domain, represents a partition of the DNS database.
The DNS database is indexed by name, so each domain must have a name. As you add domains to the hierarchy, the name of the parent domain is added to its child domain (called a subdomain). Consequently, a domain's name identifies its position in the hierarchy. For example, in Figure 5.1, the domain name sales.microsoft.com identifies the sales domain as a subdomain of the microsoft.com domain and microsoft as a subdomain of the com domain.
The hierarchical structure of the domain namespace consists of a root domain, top-level domains, second-level domains, and host names.
The term domain, in the context of DNS, is not related to the term as used in the Windows 2000 directory services. A Windows 2000 domain is a grouping of computers and devices that are administered as a unit.
Figure 5.1 Hierarchical structure of a domain namespace
The root domain is at the top of the hierarchy and is represented as a period (.). The Internet root domain is managed by several organizations, including Network Solutions, Inc.
Top-level domains are two- or three-character name codes. Top-level domains are grouped by organization type or geographic location. Table 5.1 provides some examples of top-level domain names.
Table 5.1 Top-Level Domains
Top-level domains can contain second-level domains and host names.
Organizations such as Network Solutions, Inc., assign and register second-level domains to individuals and organizations for the Internet. A second-level name has two name parts: a top-level name and a unique second-level name. Table 5.2 provides some examples of second-level domains.
Table 5.2 Second-Level Domains
Host names refer to specific computers on the Internet or a private network. For example, in Figure 5.1, Computer1 is a host name. A host name is the leftmost portion of a fully qualified domain name (FQDN), which describes the exact position of a host within the domain hierarchy. In Figure 5.1, Computer1.sales.microsoft.com. (including the end period, which represents the root domain) is an FQDN.
DNS uses a host's FQDN to resolve a name to an IP address.
The host name does not have to be the same as the computer name. By default, TCP/IP setup uses the computer name for the host name, replacing illegal characters, such as the underscore (_), with a hyphen (-). For accepted domain naming conventions, see RFC 1035.
Domain Naming Guidelines
When you create a domain namespace, consider the following domain guidelines and standard naming conventions:
- Limit the number of domain levels. Typically, DNS host entries should be three or four levels down the DNS hierarchy and no more than five levels down. Each additional level increases the administrative work of maintaining the namespace.
- Use unique names. Each subdomain must have a unique name within its parent domain to ensure that the name is unique throughout the DNS namespace.
- Use simple names. Simple and precise domain names are easier for users to remember and they enable users to search intuitively and locate Web sites or other computers on the Internet or an intranet.
- Avoid lengthy domain names. Domain names can be up to 63 characters, including periods. The total length of an FQDN cannot exceed 255 characters. Case-sensitive naming is not supported.
- Use standard DNS characters and Unicode characters.
  - Windows 2000 supports the following standard DNS characters: A-Z, a-z, 0-9, and the hyphen (-), as defined in RFC 1035.
  - The DNS Service also supports the Unicode character set. The Unicode character set includes additional characters not found in the American Standard Code for Information Exchange (ASCII) character set, which are required for languages such as French, German, and Spanish.
Use Unicode characters only if all servers running the DNS Service in your environment support Unicode. For more information about the Unicode character set, read RFC 2044 by searching for "RFC 2044" with your Web browser.
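As an added illustration that is not part of the original lesson, the following Python script splits an FQDN into its labels, picks out the host name and its parent domains, converts a computer name to a host name the way the lesson says TCP/IP setup does, and checks a name against the guidelines above. The 63-character limit is applied to each label, as RFC 1035 defines it, and the sample names in the comments are constructed.

```python
import re

# Rules as stated in the lesson; the 63-character limit is applied per label (RFC 1035).
LABEL_RE = re.compile(r"^[A-Za-z0-9-]+$")   # standard DNS characters only
MAX_LABEL_LEN = 63
MAX_FQDN_LEN = 255
MAX_LEVELS = 5

def computer_name_to_host_name(computer_name):
    """Mimic TCP/IP setup: replace characters outside the standard set with a hyphen."""
    return re.sub(r"[^A-Za-z0-9-]", "-", computer_name)

def split_fqdn(fqdn):
    """Return the labels, host name first; a trailing '.' stands for the root domain."""
    name = fqdn[:-1] if fqdn.endswith(".") else fqdn
    return name.split(".")

def host_name(fqdn):
    """The host name is the leftmost label of the FQDN (e.g. Computer1)."""
    return split_fqdn(fqdn)[0]

def parent_domains(fqdn):
    """Every domain above the host, from its own domain up to the top-level domain."""
    labels = split_fqdn(fqdn)
    return [".".join(labels[i:]) for i in range(1, len(labels))]

def same_name(a, b):
    """DNS names are not case-sensitive, and a missing trailing '.' still means the root."""
    return split_fqdn(a.lower()) == split_fqdn(b.lower())

def check_fqdn(fqdn):
    """Return the list of guideline violations; an empty list means the name passes."""
    problems = []
    labels = split_fqdn(fqdn)
    if len(".".join(labels)) > MAX_FQDN_LEN:
        problems.append("FQDN longer than %d characters" % MAX_FQDN_LEN)
    if len(labels) > MAX_LEVELS:
        problems.append("more than %d levels below the root" % MAX_LEVELS)
    for label in labels:
        if not label:
            problems.append("empty label")
        elif not LABEL_RE.match(label):
            # e.g. a constructed name such as sales_server.microsoft.com fails here
            problems.append("non-standard character in label %r" % label)
        elif len(label) > MAX_LABEL_LEN:
            problems.append("label %r longer than %d characters" % (label, MAX_LABEL_LEN))
    return problems
```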
A zone represents a discrete portion of the domain namespace. Zones provide a way to partition the domain namespace into manageable sections and they provide the following functions:
- Multiple zones in a domain namespace are used to distribute administrative tasks to different groups. For example, Figure 5.2 depicts the microsoft.com domain namespace divided into two zones. These zones allow one administrator to manage the microsoft and sales domains and another administrator to manage the development domain.
- A zone must encompass a contiguous domain namespace. For example, in Figure 5.2, you could not create a zone that consists of only the sales.microsoft.com and development.microsoft.com domains, because these two domains are not contiguous.
For more information about contiguous namespaces, see Lesson 6, "Understanding Active Directory Concepts," later in this chapter.
Figure 5.2 Domain namespace divided into zones
The name-to-IP address mappings for a zone are stored in the zone database file. Each zone is anchored to a specific domain, referred to as the zone's root domain. The zone database file does not necessarily contain information for all subdomains of the zone's root domain, only those subdomains within the zone.
In Figure 5.2, the root domain for Zone1 is microsoft.com, and its zone file contains the name-to-IP address mappings for the microsoft and sales domains. The root domain for Zone2 is development, and its zone file contains the name-to-IP address mappings only for the development domain. The zone file for Zone1 does not contain the name-to-IP address mappings for the development domain, although development is a subdomain of the microsoft domain.
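The zone layout of Figure 5.2, as an added Python example that is not part of the original lesson: ZONES is a constructed model of Zone1 and Zone2, is_contiguous applies the contiguous-namespace rule from the list above, and authoritative_zone finds the zone whose database file holds a given host's name-to-IP address mapping.

```python
# Constructed model of Figure 5.2: Zone1 is anchored at microsoft.com and holds the
# microsoft and sales domains; Zone2 is anchored at development.microsoft.com.
ZONES = {
    "Zone1": {"root": "microsoft.com",
              "domains": ["microsoft.com", "sales.microsoft.com"]},
    "Zone2": {"root": "development.microsoft.com",
              "domains": ["development.microsoft.com"]},
}

def labels(name):
    """Labels of a name, lower-cased, with any trailing root '.' removed."""
    return name.rstrip(".").lower().split(".")

def parent(domain):
    """The parent domain, or None for a top-level domain."""
    parts = labels(domain)
    return ".".join(parts[1:]) if len(parts) > 1 else None

def zone_members(zone):
    """Normalised set of the domains a zone's database file covers."""
    return {".".join(labels(d)) for d in zone["domains"]}

def is_contiguous(zone):
    """A zone must be one connected subtree: every member domain except the
    zone's root must have its parent inside the same zone."""
    members = zone_members(zone)
    root = ".".join(labels(zone["root"]))
    if root not in members:
        return False
    return all(d == root or parent(d) in members for d in members)

def authoritative_zone(fqdn, zones=ZONES):
    """Walk up from the host's own domain toward the root; the first domain that
    belongs to a zone names the zone whose file holds this host's record.
    Returns None when no zone covers the name."""
    parts = labels(fqdn)
    for i in range(1, len(parts)):
        domain = ".".join(parts[i:])
        for name, zone in zones.items():
            if domain in zone_members(zone):
                return name
    return None
```

Note that build1.development.microsoft.com resolves to Zone2 even though development is a subdomain of microsoft, which is exactly why Zone1's file carries no records for it.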
A DNS name server stores the zone database file. Name servers can store data for one zone or for multiple zones. A name server is said to have authority for the domain namespace that the zone encompasses.
One name server contains the master zone database file, referred to as the primary zone database file, for the specified zone. As a result, there must be at least one name server for a zone. Changes to a zone, such as adding domains or hosts, are performed on the server that contains the primary zone database file.
Multiple name servers act as a backup to the name server containing the primary zone database file. Multiple name servers provide the following advantages:
- They perform zone transfers. The additional name servers obtain a copy of the zone database file from the name server that contains the primary zone database file. This process is called a zone transfer. These name servers periodically query the name server containing the primary zone database file for updated zone data.
- They provide redundancy. If the name server containing the primary zone database file fails, the additional name servers can provide service.
- They improve access speed for remote locations. If there are a number of clients in remote locations, use additional name servers to reduce query traffic across slow wide area network (WAN) links.
- They reduce the load on the name server containing the primary zone database file.
Here are some questions to help you determine whether you have learned enough to move on to the next lesson. If you have difficulty answering these questions, review the material in this lesson before beginning the next lesson. The answers for these questions are in Appendix A, "Questions and Answers."
- What is DNS and what is it used for?
- Which of the following statements correctly describes DNS root domains? (Choose all answers that are correct.)
  - The root domain is at the top of the hierarchy.
  - The root domain is at the bottom of the hierarchy.
  - The root domain is represented by a two- or three-character name code.
  - The root domain is represented by a period (.).
- Which of the following are second-level domain names? (Choose all answers that are correct.)
- ________________ provide a way to partition the domain namespace into manageable sections and each ________________ represents a discrete portion of the domain namespace.
Lesson Summary
- Domain Name System (DNS) is a distributed database that is the default naming system for IP-based networks.
- DNS is used to resolve computer names and to locate computers within local networks and on the Internet.
- Some of the benefits that DNS provides include user-friendly DNS names that are less likely to change than IP addresses, and allowing users to connect to local servers by using the same naming convention as the Internet.
- The DNS database is indexed by name, so each domain (node) must have a name. The hierarchical structure of the domain namespace consists of a root domain, top-level domains, second-level domains, and host names.
- Host names refer to specific computers on the Internet or a private network. A host name is the leftmost portion of a fully qualified domain name (FQDN), which describes the exact position of a host within the domain hierarchy.
- Zones provide a way to partition the domain namespace into smaller sections, so a zone represents a discrete portion of the domain namespace.