Tuesday, January 6, 2015

dns zones

storage unit of domain names and ip

mostly forward but also reverse

stored in a file or in ad

  • file c:\windows\system32\domain.dns
  • primary and one or more secondary
  • only the primary is r/w
  • a secondary is updated by the primary or by another secondary


  • stored in ad
  • replicated with other ad data incrementally
  • secure dynamic updates

DNS name resolution process

the dns client has a local cache that can be pre-loaded from the hosts file

the dns client sends a recursive query to its dns server

the dns server does an iterative query to each known domain-specific server, which may refer it to another dns server that has the answer

the dns server that hosts the record is the authoritative dns server.  non-authoritative dns servers store cached information that expires.
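A small model of the two sections above, written for these notes rather than taken from the original post: a zone loaded from a master-format zone file (the text format a server keeps in its per-zone .dns file), a client cache pre-loaded from a hosts file, and a recursive resolver that walks root -> com -> example.com with iterative queries until the authoritative server answers, then serves that answer from cache until its TTL expires. All zone data, addresses (documentation ranges) and server names are constructed for the example.

```python
"""Toy DNS model: zone file parsing, hosts-file cache preload, recursive
resolution via iterative queries, and TTL-based cache expiry. Added example
with constructed data; not code from the original post."""
import time

# Constructed zone in master-file format; addresses are documentation ranges.
ZONE_EXAMPLE_COM = """\
$TTL 3600
@    IN SOA ns1.example.com. hostmaster.example.com. 1 7200 900 1209600 300
@    IN NS  ns1.example.com.
ns1  IN A   192.0.2.53
www  60 IN A 192.0.2.10     ; explicit per-record TTL overrides $TTL
"""

# Constructed hosts file used to pre-load the client cache.
HOSTS_FILE = "192.0.2.99  intranet.example.com   # static entry, never expires\n"


def parse_zone(text, origin):
    """Parse a minimal zone file into {(fqdn, type): (ttl, rdata)}.
    Supports $TTL, comments, '@', relative names and an optional per-record TTL.
    Assumption (toy parser): one record per line, no parentheses or $ORIGIN."""
    records, default_ttl = {}, 0
    for raw in text.splitlines():
        fields = raw.split(";", 1)[0].split()       # drop comments, tokenize
        if not fields:
            continue
        if fields[0] == "$TTL":
            default_ttl = int(fields[1])
            continue
        name, rest = fields[0], fields[1:]
        ttl = int(rest.pop(0)) if rest[0].isdigit() else default_ttl
        if rest[0] != "IN":
            raise ValueError(f"unsupported class {rest[0]!r}")
        rtype, rdata = rest[1], " ".join(rest[2:])
        fqdn = origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"
        records[(fqdn.lower(), rtype)] = (ttl, rdata)
    return records


class NameServer:
    """Answers only from data it is authoritative for, or refers the asker to
    the server of a delegated child zone (the iterative, non-recursive style)."""

    def __init__(self, records, delegations):
        self.records = records            # {(fqdn, type): (ttl, rdata)}
        self.delegations = delegations    # {child zone: server key}

    def query(self, qname, qtype):
        if (qname, qtype) in self.records:
            ttl, rdata = self.records[(qname, qtype)]
            return "answer", ttl, rdata
        for zone in sorted(self.delegations, key=len, reverse=True):  # longest match
            if qname == zone or qname.endswith("." + zone):
                return "referral", self.delegations[zone], None
        return "nxdomain", None, None


class Resolver:
    """Recursive resolver: serves cached answers until their TTL expires,
    otherwise iterates from the root until an authoritative answer arrives."""

    def __init__(self, servers, root, hosts_text="", clock=time.time):
        self.servers, self.root, self.clock = servers, root, clock
        self.cache = {}                   # (fqdn, type) -> (expires_at, rdata)
        self.trace = []                   # iterative queries actually sent
        for raw in hosts_text.splitlines():
            fields = raw.split("#", 1)[0].split()
            for host in fields[1:]:       # hosts entries never expire
                self.cache[(host.lower().rstrip(".") + ".", "A")] = (float("inf"), fields[0])

    def recursive_query(self, name, qtype="A"):
        key = (name.lower().rstrip(".") + ".", qtype)
        now = self.clock()
        if key in self.cache and self.cache[key][0] > now:
            return {"rdata": self.cache[key][1], "source": "cache", "authoritative": False}
        server = self.root
        for _ in range(16):               # hop limit guards against referral loops
            self.trace.append((server, key))
            kind, ttl_or_next, rdata = self.servers[server].query(*key)
            if kind == "answer":
                self.cache[key] = (now + ttl_or_next, rdata)
                return {"rdata": rdata, "source": server, "authoritative": True}
            if kind == "referral":
                server = ttl_or_next
                continue
            return None                   # name does not exist
        raise RuntimeError("too many referrals")


def build_demo(clock=time.time):
    """Root -> com -> example.com hierarchy; all three server keys are constructed."""
    servers = {
        "root": NameServer({}, {"com.": "tld-com"}),
        "tld-com": NameServer({}, {"example.com.": "ns1.example.com."}),
        "ns1.example.com.": NameServer(parse_zone(ZONE_EXAMPLE_COM, "example.com."), {}),
    }
    return Resolver(servers, "root", HOSTS_FILE, clock)


if __name__ == "__main__":
    t = [0.0]
    r = build_demo(clock=lambda: t[0])
    print(r.recursive_query("www.example.com"), len(r.trace))   # authoritative, 3 hops
    print(r.recursive_query("www.example.com"), len(r.trace))   # from cache, still 3 hops
    t[0] += 61                                                   # the 60 s TTL has expired
    print(r.recursive_query("www.example.com"), len(r.trace))   # back to the servers, 6 hops
    print(r.recursive_query("intranet.example.com"))            # pre-loaded from hosts
```

The injectable clock is what makes the expiry visible: the same query costs three iterative hops the first time, zero while the 60-second record is cached, and three again once the clock passes the TTL. A hosts-file entry never expires, which is why a stale entry there keeps winning over the real zone data until someone removes it.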

creating new zone

the settings depend on the level of traffic generated.  the replication scope allows only dns data, instead of all ad data, to be replicated.

the non-secure dynamic update option is used for dns clients that are not ad-aware

