dcsimg

Learn AD in 15 Minutes a Week: Microsoft DNS - Part 2

By Jason Zandri (Send Email)
Posted Jan 6, 2003


Welcome to the 18th installment of "Learn Active Directory Design and Administration in 15 Minutes a Week," a weekly series aimed at current IT professionals preparing to write the new Windows Active Directory Design and Administration exams (70-219 and 70-217 respectively), as well as newcomers to the field who are trying to get a solid grasp on this new and emerging directory service from Microsoft.

Part 18 of Jason Zandri's 'Learn Active Directory Design and Administration in 15 Minutes a Week' series takes a second look at Microsoft DNS and reverse lookups and caching, as well as some of the local records that the DNS server holds.

This installment takes another look at Microsoft DNS and reverse lookups, caching, and some of the local records that the DNS server holds.

In Microsoft DNS - Part 1 we looked at iterative and recursive lookups and overviewed DNS zones.

[NOTES FROM THE FIELD] - Microsoft DNS is not a requirement for Active Directory. Microsoft DNS on Windows 2000 is RFC-compliant and allows for the deployment of Active Directory under other DNS implementations. It has been tested to work with Windows NT 4.0, BIND 8.2, BIND 8.1.2, and BIND 4.9.7.

Microsoft DNS under Windows 2000 supports some features not supported under other implementations of DNS.

DNS Features

Feature
Windows 2000
Windows NT 4.0
BIND 8.2
BIND 8.1.2
BIND 4.9.7
Support for the IETF Internet-Draft "A DNS RR for specifying the location of services (DNS SRV)." (SRV records) Yes Yes (with SP 4) Yes Yes Yes
Support for dynamic update Yes No Yes Yes No
Support for secure dynamic update based on the GSS-TSIG algorithm Yes No No No No
Support for WINS and WINS Record Yes Yes No No No
Support for fast zone transfer Yes Yes Yes Yes Yes
Support for incremental zone transfer Yes No Yes No No
Support for UTF Yes No No No No

BIND version 4.9.7 is the earliest version of BIND supported for a Windows 2000 Active Directory environment for DNS support.

Reverse Lookups

When a DNS client requests a reverse DNS lookup it is effectively requesting to resolve a host name of a known IP address. In the standard DNS namespace, there is no connection between host names and IP addresses, and only a thorough search of all domains will allow for the reverse resolution.

The addr.arpa domain was created to avoid this type of query load on DNS systems. Listings for system names in the in-addr.arpa domain is by their respective IP addresses. Because the design of IP addresses is such that they become more significant from left to right, and domain names get less significant from left to right, the order of IP address in the in-addr.arpa domain are listed in reverse order.

Pointer (PTR) records are added to the host names and IP addresses and the corresponding host name. To perform a successful reverse lookup of a given IP address, such as 121.41.113.10, the DNS server performing the query looks for a PTR record for 10.113.41.121.inaddr.arpa which will have the host name and IP address 121.41.113.10.

[NOTES FROM THE FIELD] - A Web site, http://remote.12dt.com/rns/, created by Frank Riherd allows users to punch up an IP address, and it will perform the reverse lookup and return the name of the resolved address to you.

Microsoft Knowledge Base Article - Q245574 HOWTO: Configure REMOTE_HOST to Perform a Reverse DNS Lookup in IIS outlines the steps to Perform a Reverse DNS Lookup in IIS.

Page 1 of 3


Comment and Contribute

Your name/nickname

Your email

(Maximum characters: 1200). You have characters left.