Dns On Windows Server 1002003 [Electronic resources] نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

جستجو بر اساس ... همه عنوان پدیدآور موضوع یادداشت تمام متن
اصطلاحنامه مجموعه ها مرورالفبایی لغت نامه دهخدا
جستجو در لغت نامه
بیشتر
کتابخانه شخصی پرسش از کتابدار ارسال منبع

Dns On Windows Server 1002003 [Electronic resources] - نسخه متنی

| نمايش فراداده ، افزودن یک نقد و بررسی
افزودن به کتابخانه شخصی
میخواهم بخوانم
درحال خواندن
خوانده شده
ارسال به دوستان

آدرس پست الکترونیک گیرنده :

آدرس پست الکترونیک فرستنده :

نام و نام خانوارگی فرستنده :

پیغام برای گیرنده ( حداکثر 250 حرف ) :

کد امنیتی را وارد نمایید

ارسال
جستجو در متن کتاب
بیشتر
تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب
جستجو در لغت نامه
بیشتر
لیست موضوعات

Sitemap

Main Page

Table of content

Copyright

Preface

Versions

What''s New in This Edition

Organization

Audience

Obtaining the Example Programs

Viewing Microsoft Knowledge Base Articles

Conventions Used in This Book

Using Code Examples

How to Contact Us

Quotations

Acknowledgments

Chapter 1. Background

1.1 A (Very) Brief History of the Internet

1.2 On the Internet and Internets

1.3 The Domain Name System in a Nutshell

1.4 The History of the Microsoft DNS Server

1.5 Must I Use DNS?

Chapter 2. How Does DNS Work?

2.1 The Domain Namespace

2.2 The Internet Domain Namespace

2.3 Delegation

2.4 Name Servers and Zones

2.5 Resolvers

2.6 Resolution

2.7 Caching

Chapter 3. Where Do I Start?

3.1 Which Name Server?

3.2 Choosing a Domain Name

Chapter 4. Setting Up the Microsoft DNS Server

4.1 Our Zone

4.2 Installing the Microsoft DNS Server

4.3 The DNS Console

4.4 Setting Up DNS Data

4.5 Running a Primary Master Name Server

4.6 Running a Secondary Name Server

4.7 Adding More Zones

4.8 DNS Properties

4.9 What Next?

Chapter 5. DNS and Electronic Mail

5.1 MX Records

5.2 Adding MX Records with the DNS Console

5.3 What''s a Mail Exchanger, Again?

5.4 The MX Algorithm

5.5 DNS and Exchange

Chapter 6. Configuring Hosts

6.1 The Resolver

6.2 Resolver Configuration

6.3 Advanced Resolver Features

6.4 Other Windows Resolvers

6.5 Sample Resolver Configurations

Chapter 7. Maintaining the Microsoft DNS Server

7.1 What About Signals?

7.2 Logging

7.3 Updating Zone Data

7.4 Zone Datafile Controls

7.5 Aging and Scavenging

Chapter 8. Integrating with Active Directory

8.1 Active Directory Domains

8.2 Storing Zones in Active Directory

8.3 DNS as a Service Location Broker

Chapter 9. Growing Your Domain

9.1 How Many Name Servers?

9.2 Adding More Name Servers

9.3 Registering Name Servers

9.4 Changing TTLs

9.5 Planning for Disasters

9.6 Coping with Disaster

Chapter 10. Parenting

10.1 When to Become a Parent

10.2 How Many Children?

10.3 What to Name Your Children

10.4 How to Become a Parent: Creating Subdomains

10.5 Subdomains of in-addr.arpa Domains

10.6 Good Parenting

10.7 Managing the Transition to Subdomains

10.8 The Life of a Parent

Chapter 11. Advanced Features and Security

11.1 New Ways to Make Changes

11.2 WINS Linkage

11.3 Building Up a Large, Sitewide Cache with Forwarders

11.4 Load Sharing Between Mirrored Servers

11.5 The ABCs of IPv6 Addressing

11.6 Securing Your Name Server

Chapter 12. nslookup and dig

12.1 Is nslookup a Good Tool?

12.2 Interactive Versus Noninteractive

12.3 Option Settings

12.4 Avoiding the Search List

12.5 Common Tasks

12.6 Less Common Tasks

12.7 Troubleshooting nslookup Problems

12.8 Best of the Net

12.9 Using dig

Chapter 13. Managing DNS from the Command Line

13.1 Installing the DNS Server

13.2 Stopping and Starting the DNS Server Service

13.3 Managing the DNS Server Configuration

13.4 An Installation and Configuration Batch Script

13.5 Other Command-Line Utilities

Chapter 14. Managing DNS Programmatically

14.1 WMI and the DNS Provider

14.2 WMI Scripting with VBScript and Perl

14.3 Server Classes

14.4 Zone Classes

14.5 Resource Record Classes

Chapter 15. Troubleshooting DNS

15.1 Is DNS Really Your Problem?

15.2 Checking the Cache

15.3 Using DNSLint

15.4 Potential Problem List

15.5 Interoperability Problems

15.6 Problem Symptoms

Chapter 16. Miscellaneous

16.1 Using CNAME Records

16.2 Wildcards

16.3 A Limitation of MX Records

16.4 DNS and Internet Firewalls

16.5 Dial-up Connections

Appendix A. DNS Message Format and Resource Records

A.1 Master File Format

A.2 DNS Messages

A.3 Resource Record Data

Appendix B. Converting from BIND to the Microsoft DNS Server

B.1 Step 1: Change the DNS Server Startup Method to File

B.2 Step 2: Stop the Microsoft DNS Server

B.3 Step 3: Change the Zone Datafile Naming Convention

B.4 Step 4: Copy the Files

B.5 Step 5: Get a New Root Name Server Cache File

B.6 Step 6: Restart the DNS Server

B.7 Step 7: Change the DNS Server Startup Method to Registry

Appendix C. Top-Level Domains

Colophon

Index

Index SYMBOL

Index A

Index B

Index C

Index D

Index E

Index F

Index G

Index H

Index I

Index J

Index K

Index L

Index M

Index N

Index O

Index P

Index Q

Index R

Index S

Index T

Index U

Index V

Index W

Index Z
توضیحات
افزودن یادداشت جدید










4.6 Running a Secondary Name Server


You need to set up another
name server for robustness. You can (and
probably will) set up more than two name servers. Two servers are the
minimum. If you have only one name server and it goes down, no one
can look up names in your zone. A second name server splits the load
with the first server or handles the whole load if the first server
is down. You could set up another primary master
name server, but we don't recommend it. Set up a
secondary name server instead.

How does a server know if it is a primary master or a secondary for a
zone? The DNS server configuration information in the Registry tells
the server it is a primary master or a secondary on a per zone basis.
The NS records don't tell us which server is the
primary master for a zone and which servers are secondaries for a
zonethey only say who the servers are. (Globally, DNS
doesn't care; as far as the actual name resolution
goes, secondary servers are as good as primary master servers.)

What is different between a primary master name server and a
secondary name server? The crucial difference is where the server
gets its data. A primary master name server reads its data from
files. A secondary name server loads its data over the network from
another name server. This process is called a zone
transfer.

A secondary
name server is not limited to loading zones from a primary master
name server; a secondary can load from another secondary. The big
advantage of secondary name servers is that you maintain only one set
of zone datafiles: the ones on the primary master name server. You
don't have to worry about synchronizing the files
among name servers; the secondaries do that for you.

A secondary name server doesn't need to retrieve
all of its datafiles over the network; the
cache.dns file is the same as on a primary
master, so you'll need a local copy on the
secondary. Fortunately, the DNS server installation process includes
this file.


4.6.1 Add a New Server to the DNS Console


The first step in configuring a
secondary server is to add the server to the DNS
console's world view. Just as we did when
configuring the primary master, select Action Connect to DNS Server, then enter the name or
IP address of the secondary. In this case our secondary will be
wormhole with IP address 192.249.249.1. Of
course, the DNS server has to be installed and running on the
secondary-to-be for the DNS console to be able to manage it.


4.6.2 Create a New Zone


This new
server will be a secondary for every zone on the primary, so
we'll have to go through the new zone process for
each zone. Let's start with
movie.edu. Select Action New Zone. This time, select Secondary zone in the second window of the
wizard. In the third window, select Forward
lookup zone. The fourth window is shown in Figure 4-29.


Figure 4-29. Creating a new secondary zone: specifying the zone's domain name


In the Zone name field, enter the
domain name of the zone (in this case,
movie.edu). Click Next to move to the next window, shown in
Figure 4-30.


Figure 4-30. Creating a new secondary zone: specifying master servers


At this point, the processes of creating a primary master zone and a
secondary zone really diverge. This is the screen where you specify
where this name server will get the zone data. In this example,
we're making wormhole a
secondary for the movie.edu zone. We need to
tell wormhole to load the zone from
terminator, the primary master. In fact, on this
screen you can specify multiple IP addresses. In advanced (and
complicated) configurations, a secondary can sometimes get the zone
information from multiple primaries or multiple sources. The DNS
console supports those configurations. You could also just specify
the IP address of another secondary after that of the primary: in
case the primary is down, this secondary can load from another
secondary. Of course, Movie U. doesn't have another
secondary (yet).

For now, we just specify
terminator's IP address,
192.249.249.3, then click Next. The
final window in the process is the same as when creating a primary
zone: it just tells you that you're done now and
asks you to click Finish.
We'll omit showing it to you.

When you're done, the new secondary immediately
initiates a zone transfer to the primary to download the zone. Within
a few seconds you should be able to double-click the
secondary's icon for the zone and see the records in
the zone.


4.6.3 Add an NS Record for the New Secondary Name Server


Your
new secondary won't be much good if the rest of the
world doesn't know about it. As a general rule, when
you add another name server for a zone, you also need to add an NS
record for it. (We'll discuss the exceptions to this
in Chapter 9.)

You need to add an NS record for the secondary on the
zone's primary. (Remember that all changes to a zone
are made on the primary and propagate automatically to the
secondaries. Don't get confused by the fact that the
DNS console lets you see all your name serversyou make the
changes only to the zone's primary.) In our case, we
need to add an NS record for wormhole to the
movie.edu zone. So we click on
movie.edu under terminator
and select Action
Properties. Click on the Name Servers tab and you'll
see a window like the one in Figure 4-31.


Figure 4-31. NS records for the movie.edu zone


This window shows that right now there's only one NS
record for the movie.edu zone, which specifies
terminator.movie.edu as an authoritative name
server. To add another, click Add
and you'll see the window shown in Figure 4-32.


Figure 4-32. Adding an NS record


Enter the name and IP address of the secondary name server and click
OK.


4.6.4 Don't Forget the in-addr.arpa Zones!


Now repeat this secondary
zone creation process with the
249.249.192.in-addr.arpa and 253.
253.192.in-addr.arpa zones.


4.6.5 SOA Values




Remember this SOA record for the
movie.edu zone?

@                       IN  SOA terminator.movie.edu.  hostmaster.movie.edu. (
17           ; serial number
900          ; refresh
600          ; retry
86400        ; expire
3600       ) ; default TTL

We never explained what the values in between the parentheses were
for.

The serial number applies to all the data within the zone. Think of
it as a version number for the zone. When we created this zone with
the DNS console, the serial number began at 1. The DNS console
automatically increments the serial number in a
zone's SOA record whenever you make a change to the
zone. The current serial number of 17 shows we've
made a few changes since creating the zone. If you look at SOA
records from other zones, you might see the date encoded in the
serial numberfor example, 2000102301. This format is
YYYYMMDDNN, where YYYY is the year, MM is the month, DD is the day,
and NN is a count of how many times the zone data was modified that
day. Note that you can't use this convention with
the DNS console. It just increments the serial number by one each
time a change is made and doesn't understand the
date encoding.

When a secondary name server contacts a primary master server for
zone data, it first asks for the serial number of the data. If the
secondary's serial number is lower than the
primary's, the secondary's zone
data is out of date. In this case, the secondary pulls a new copy of
the zone. As you might guess, if you ever modify the zone datafiles
on the primary master by hand, you must increment the serial number,
too. Updating zone datafiles is covered in Chapter 7.

The next four fields specify various time intervals in seconds:

refresh


The refresh
interval tells the secondary how often to check that its data is up
to date. To give you an idea of the system load this feature causes,
a secondary will make one SOA query per zone per refresh interval.
The default value generated by the DNS console when the zone was
created, one hour, is reasonably aggressive. Most users will tolerate
a delay of half a working day for things like name server data to
propagate when they are waiting for their new workstation to be
operational. If you provide one-day service for your site, consider
raising this value to eight hours. If your data
doesn't change very often, or if all your
secondaries are spread over long distances (as the root name servers
are), consider a longer value, such as 24 hours.


retry


If a
secondary fails to reach the primary name server(s) after the refresh
period (the hosts or hosts could be down), it starts trying to
connect every retry seconds. The retry interval
is usually shorter than the refresh interval, but it
doesn't have to be.


expire


If a secondary
fails to contact the primary server(s) for
expire seconds, the secondary expires its data.
Expiring the data means the secondary stops giving out answers about
the data because the data is too old to be useful. Essentially, this
field says: at some point, the data is so old that having no data is
better than having stale data. We think Microsoft's
default expire time of 86,400 seconds (24 hours) is awfully short.
Expire times on the order of a week are common, and the interval can
be longer (up to a month) if you frequently have problems reaching
your updating source. The expiration time should always be much
larger than the retry and refresh intervals; if the expire time is
smaller than the refresh interval, your secondaries will expire their
data before trying to load new data.


default TTL


TTL
stands for time to live. This value applies to all the resource
records in the zone datafile. The name server supplies this TTL in
query responses, allowing other servers to cache the data for the TTL
interval. If your data doesn't change much, you
might consider using a minimum TTL of several days. One week is about
the longest value that makes sense. The default value of 3,600
seconds (one hour) is very short, which we don't
recommend because of the amount of DNS traffic it causes.



What values you choose for your SOA record will depend upon the needs
of your site. In general, longer times cause less loading on your
systems and lengthen the propagation of changes; shorter times
increase the load on your systems and speed up the propagation of
changes. We find the following values work well for most sites;
they're also a good starting point if
you're not sure what values to use:

       10800 ;  Refresh         3 hours
3600 ;  Retry           1 hour
2592000 ;  Expire         30 days
86400 ;  Minimum TTL     1 day

Some final notes about TTL values. First, the DNS console only
displays TTL values on individual records if you're
in advanced mode. Check out the setting on the View menu. Second, the DNS console displays
TTLs in a somewhat cryptic fashion. Take a look back at the NS record
we added in Figure 4-32. Notice the TTL specified as
0: 1: 0: 0. "What
the heck is that?" you ask. Well, the first field is
days, then hours, minutes, and seconds. So rather than display a
value in seconds and make you do the math, the DNS console
lets

you
specify a TTL in a more convenient way.


/ 163