How DNS Server works and How to Troubleshoot

What is DNS  or What is DNS server 
Why its Important in Directory.

->DNS means Domain naming System or Domain Naming Server ,which is used to map or resolve IP  address to the Host-name or Host-name to IP Address.
->Where Ever we are resolving IP to Host-name or host-name to IP then there is a DNS server           which   perform the resolution for client system.
->If we are opening any website then ISP DNS server resolve the host-name to IP address for us.
->like that in any organization there will be many client computers and servers and all has to be    resolve internally ,for that we require DNS server to resolve the query ,so that we can ping or query or access any systems using host-name.

->Now we know why DNS server is required in out internal network or external network,now we will talk about why its required for active directory.
->when we have placed active directory in our infrastructure and also we have many additional domain controller or sites ,then replication will happen between the DCs or Sites but Active Directory works with Domain controller host-name not with IP address and it creates many DNS records like SRV-NS,LDAP, KERBEROS, CNAME, Host and PTR Rocords and it communicate with another DCs when it resolve the DNS query as SRV records are created for service records.

->2nd when client Query any Domain controller in there subnet then First it send the Query to DNS server to get the DCs list and then it will contact Active Directory and AD will re-rout it to local Domain controller for  authentication,so if DNS server is not responding to client then client system can not authenticate user to domain controller.
->At last in Active Directory all the function works with DNS ,so its very important to understand DNS while troubleshooting Active Directory issues.

What is Delegation in DNS,What is DNS Delegation.
->When we want to provide access of records to any other authoritative DNS server or child domain DNS serer then we can do it by DNS delegation ,so that any DNS server can use the DNS records of any other DNS server, In this case it directly respond to the DNS query instead of forwarding.
->In active directory we use DNS delegation while configuring the Trust or if we have multiple domains and due to network latency we can create DNS delegation to share the resource records with other domains.
->We use Stub zone for DNS delegation purpose ,as it contains only SOA,NS,A, records.

What is Recursive and Iterative DNS queries.
Recursive -A recursive query (client to server)  forces  DNS server to respond to a dns query with either a failure or a successful response. DNS clients (resolver) typically make recursive queries.

Iterative -An iterative query (server to server)- DNS server is expected to respond with the best local information it has, based on what the DNS server knows from local zone files or from cache. This response is also known as a referral if the DNS server is not authoritative. If a DNS server does not have any local information to answer the requested query then it simply sends a negative response.

How DNS records gets updated Automatically, when any systems are connected to network.
->DNS records get updated automatically as while configuring DNS server we have chosen option to update DNS recods dynamically updates.
   you can check it by below steps.
    open DNS management->Forward lookup Zone
     ->right click on domain name(>go to properties->General (here you can see many options for          dynamic update)

** Here we can see the Replication options ,which will replicate DNS records to all the DNS server Available in Active Directory.

What is Aging and scavenging in DNS Server.
->It is used to configure the records age in DNS server means how log you can keep the records, if its not in use and as per your requirement you can configure it to delete the records from DNS server.

How DNS Works in Active directory->We can see in below figure, how DNS Query has been sent from a system or PC to DNS server and if DNS server is not authoritative then how it send the query to any other DNS server or Root Hints server and if query is related to ISP then it forwarders to ISP DNS server and same way query gets resolved.

How DNS Works in Active Directory

Now We will talk about DNS Server Zones.

Forward Lookup Zone:
->Forward lookup zone is used to map host-name to IP address,means all the HOST, NS, SRV, CNAME, MX Records are created within it ,so more over when we have created host record then we can ping using host-name and it will point to that particular IP which is mapped to it.
->but we have not created Reverse Lookup Zone then it will not resolve with IP Address means when we ping (cmd->ping -a) the it should give us the host-name of that IP but it will show only host-name for that we need to create PTR Records within Reverse lookup Zone.
Please see below picture for Host Records,CNAME, NS ,SRV.
Host Records

Reverse Lookup Zone:
->Reverse Lookup-zone is used to map IP address to Host Name ,means when we ping any IP address to get the host name then PTR records should be created for that, PTR records exist within reverse lookup zone and it consist the IP address to Host name Mapping.
We can see in Below Figure-
PTR Records

What is Forwarder in DNS Server
->Forwarder is used to forward the DNS query to ISP for any external name resolution,means when we want to query or type any website name in browser and it resolve to the correct URL ,it happens using DNS forwarder.
->If DNS forwarders is not configured then it will be not able to resolve any external or internet DNS query.
->Generally we use to configure only one DNS forwarder server and every server used to be linked to that DNS forwarder server,so that only one DNS server will be communicate to Internet.

DNS Forwarders

What is Conditional Forwarders in DNS.
->Condition Forwarder is used when we want to forward DNS Query for any other domain for for child domain then it should forward the query to child DNS server.

->What is Root Hints Server.
 ->Root hints server is used when we have multiple domains and if any DNS server is not aware about any other domains then we use to configure root Hints server and that server will have details of all the Domain DNS server in based on the Query ,it forwards the query to relevant Authoritative DNS server.

->What is Authoritative DNS Server.
->Authoritative DNS server means its authorize to respond to that query means when we have DNS server for then it will be responsible for any DNS query made to it and it has to respond to that query either with pass or fail result.

->What is Non-Authoritative DNS Server.
-> Non Authoritative server means its not authorize to respond to query made for any other domain DNS server,if any server is configured to keep the DNS records only for then any query made for will get rejected as it does't have any details for that.

What is Active Directory and how active directory works

What is primary zone in DNS.
->Primary zone in the DNS server contains read and write copy of the DNS means when we can create or add DNS records by manually and automatically, One DNS server can have only one primary DNS zone.

->As primary zone of the DNS server contains read and write copy of the DNS database,then it should be protected from internal and external hacker as if any one hack it then they will have all the system details and they can hack any system easily.

What is Secondary zone in DNS.
->Primary zone in the DNS server contains read only copy of the DNS means when we can not create or add DNS records by manually and automatically.

->Secondary zone gets updated from primary zone by zone transfer,One DNS server can have only one primary DNS zone like there can be up to 255 secondary DNS zones in one DNS server.

What is Stub zone in DNS.
->Stub Zone contains SOA, NS and A records in DNS.
->Generally its used for delegation purpose.
DNS Records 
->A (host ) Record- It consist mapping of host-name to IP address(IPV4).

->AAAA (IPV6 host) Record- It consist mapping of Host-name to IP address (IPV6).

->PTR Record- It consist mapping of IP address to host-name.

->CName (alias) Record - this record is used to create alias name means when we have a host-name and we want to redirect to any other host-name then we use to create cname record, for more details see the figure.
dns recods

->SOA Recod- Its main records in DNS, It contains Primary details of DNS server name, domain serial number,Responsible person, Refresh Interval,TTL (time to live).

->NS (Name server) recod- this records contains name servers name and IP address.
->What is Name Server-Name server in DNS will have details of which server is authoritative for that domain ,so that it can send the query to that server.

->SRV (service) Record- This record is created to identify specific service and port number to connect and use that service using DNS like Kerberos, LDAP with host name,weight,priority details.

->MX (Mail Exchanger) Record- It is used to configure exchange server record with host-name and mail server details,with mail server priority.while sending email using SMTP it will connect  to MX server with lower priority at first.
**mail server priority is used to connect at first with low priority means 10 will be tried first then 15 later)

No comments:

Post a Comment

Quotes About Love