The Domain Name System (DNS) In Depth



Name resolution is a key component in any network operating system (NOS) implementation. The capability of any one resource to locate other resources is the centerpiece of a functional network. Consequently, the name-resolution strategy chosen for a particular NOS must be robust and reliable, and it must conform to industry standards.

Windows Server 2003 uses the domain name system (DNS) as its primary method of name resolution, and DNS is a vital component of any Active Directory implementation of Windows Server 2003. Windows Server 2003's DNS implementation was designed to be compliant with the key Request for Comments (RFCs) that define the nature of DNS. This makes it particularly beneficial for network infrastructures because it allows Windows Server 2003 to interoperate with external name-resolution environments.

This chapter details the key components of DNS in general and provides an overview of Windows Server 2003's specific implementation of DNS. A particular emphasis is placed on the role of DNS in Active Directory and the way it fits in standard and nonstandard configurations. Step-by-step instructions outline how to install and configure specific DNS components on Windows Server 2003. In addition, troubleshooting DNS issues and specific Active Directory design scenarios help to give a hands-on approach to your understanding of DNS.

The Need for DNS

As network infrastructure experts have found, a solid DNS design and implementation is critical to the successful lookup, views, and replication of DNS information across the Active Directory environment.

Although Microsoft developed its own implementation of DNS in Windows NT 4.0, it was based on the RFC standards on which DNS was founded. With the introduction of Windows 2000, Microsoft adopted DNS as the name-resolution strategy for Microsoft products. Older, legacy name-resolution systems such as WINS are slowly being phased out. Since that time, the DNS implementation used by Microsoft has evolved to include a number of key benefits that distinguish it from standard DNS implementations (for example, Unix BIND). To understand these improvements, however, you first need a basic understanding of DNS functionality.

Microsoft heard very clearly from the marketplace that the DNS used for Active Directory needed to have better compatibility with the DNS used throughout the industry. Besides providing various options for AD integration into existing DNS environments, with Windows Server 2003 Microsoft now supports the InetOrgPerson attribute, which further extends Microsoft's DNS compatibility for more common LDAP lookup and DNS integration.

Framework for DNS

DNS structure is closely linked to the development of the Internet and often is confused with the Internet itself. The structure of DNS is highly useful, and the fact that it has thrived for so long is a tribute to its functionality. A closer examination of what constitutes DNS and how it is logically structured is important in understanding the bigger picture of how DNS fits in Windows Server 2003.

Understanding the DNS Namespace

The bounded area that is defined by the DNS name is known as the DNS namespace. microsoft.com is a namespace, as is marketing.companyabc.com. Namespaces can be either public or private. Public namespaces are published on the Internet and are defined by a set of standards. All the .com, .net, .org, and like namespaces are external, or public. An internal namespace is not published to the Internet but is also not restricted by extension name. In other words, an internal, unpublished namespace can occupy any conceivable namespace, such as dnsname.internal or companyabc.root. Internal namespaces are most often used with Active Directory because they give increased security to a namespace. Because such namespaces are not published, they cannot be directly accessed from the Internet.

Microsoft DNS

Despite common misperception, Microsoft DNS does not have to be at the root of all organizational DNS structures. In fact, in most network environments that already have an extensive Unix-based DNS, Windows Active Directory frequently subordinates to Unix-based DNS servers. This minimizes the initial requirement of replacing all Unix DNS servers with Windows DNS servers or, more likely, minimizes the political infighting that might occur between Unix-DNS proponents and Windows-DNS proponents. If the existing DNS is Unix-based, the existing environment remains intact and the Active Directory DNS seamlessly ties in as a secondary.




Microsoft Windows Server 2003 Insider Solutions
ISBN: 0672326094
EAN: 2147483647
Year: 2003
Pages: 325
