Lesson 5: Working with Servers | MCSE Training Kit(c) Microsoft Windows 2000 Accelerated 2000

Because DNS servers are of critical importance in most environments, it is important to continually monitor them. In this lesson, you learn how to manage and monitor your DNS servers. In addition, you learn how to implement a caching-only server.

After this lesson, you will be able to

Configure a caching-only server
Manage and monitor DNS servers

Estimated lesson time: 15 minutes

Overview of DNS Servers and Caching

As DNS servers process client queries using recursion or iteration, they discover and acquire a significant store of information about the DNS name space. The server then caches this information. Caching provides a way to speed the performance of DNS resolution for subsequent queries of popular names while substantially reducing DNS-related query traffic on the network.

As DNS servers make recursive queries on behalf of clients, they temporarily cache resource records. Cached resource records contain information obtained from DNS servers during interative queries. Later, when other clients place new queries that request resource record information matching cached resource records, the DNS server can use the cached resource record information to answer them.

When information is cached, a Time to Live (TTL) value applies to all cached resource records. As long as the TTL for a cached resource record does not expire, a DNS server can continue to cache and use the resource record again when answering queries by its clients that match these resource records. Caching TTL values used by resource records in most zone configurations are assigned the minimum (default) TTL, which is set in the zone's SOA resource record. By default, the minimum TTL is 3600 seconds (1 hour), but can be adjusted. Or, if necessary, individual caching TTLs can be set at each resource record.

Implementing a Caching-Only Server

Although all DNS name servers cache queries that they have resolved, caching-only servers are DNS name servers that only perform queries, cache the answers, and return the results. They are not authoritative for any domains and the information that they contain is limited to what has been cached while resolving queries. The benefit of caching-only servers is that they do not generate zone transfer network traffic because they do not contain any zones. However, there is one disadvantage: When the server is initially started, it has no cached information and must build up this information over time as it services requests.

Follow these steps to install a caching-only DNS server:

Install the DNS Server service on the computer.
It is strongly recommended that, when operating the computer as a DNS server, you manually configure TCP/IP and use a static IP address.
Do not configure the DNS server to load any zones.
A caching-only DNS server can be valuable at a site where DNS functionality is needed locally but it is not administratively desirable to create a separate domain or zone for that location. Caching-only DNS servers do not host any zones and are not authoritative for a particular domain. They are DNS servers that build a local server cache of names learned while performing recursive queries on behalf of their clients. This information is then available from its cache when answering subsequent client queries.
Verify that server root hints are configured or updated correctly.

When a DNS server starts, it needs a list of root server "hints." These hints are name server (NS) and address (A) records for the root servers, which are stored in what has historically been called the cache file.

You can configure root hints by clicking the Root Hints tab in the Properties dialog box for the DNS server in the DNS administrative console. The Root Hints tab is illustrated in Figure 10.14.

Figure 10.14 Root Hints tab on the DNS server's Properties dialog box

Monitoring DNS Server Performance

Because DNS servers are of critical importance in most environments, monitoring their performance can be useful for predicting, estimating, and optimizing DNS server performance. In addition, you can quickly identify degraded server performance either over time or during periods of peak activity. Windows 2000 Server provides a set of DNS server performance counters that can be used with System Monitor to measure and monitor various aspects of server activity.

Practice: Testing a Simple Query on a DNS Server

In this practice, you use the DNS administrative console to test a query on your DNS server.

Exercise 1: Testing a Query on your DNS Server

Click Start, point to Programs, point to Administrative Tools, and then click DNS.
In the console tree, right-click the DNS server, and then click Properties.
Click the Monitoring tab, illustrated in Figure 10.15.

Figure 10.15 The Monitoring tab in the DNS server's Properties dialog box
Select the A Simple Query Against This DNS Server check box.
Click Test Now.
The results of the query test appear in Test Results.
Click OK to close the DNS server's Properties dialog box.

DNS Server Performance Counters

Windows 2000 Server provides a set of DNS server performance counters that can be used to measure and monitor various aspects of server activity, such as the following:

Overall DNS server performance statistics, such as the number of overall queries and responses processed by a DNS server
User Datagram Protocol (UDP) or Transmission Control Protocol (TCP) counters, which measure DNS queries and responses that are processed using either of these transport protocols, respectively
Dynamic update and secure dynamic update counters, which measure registration and update activity generated by dynamic clients
Memory usage counters, which measure system memory usage and memory allocation patterns created by operating the server computer as a Windows 2000 DNS server
Recursive lookup counters, which measure queries and responses when the DNS Server service uses recursion to look up and fully resolve DNS names on behalf of requesting clients
Windows Internet Name Service (WINS) lookup counters, which measure queries and responses made to WINS servers when the WINS lookup integration features of the DNS Server service are used
Zone transfer counters, including specific counters for measuring all-zone transfer (AXFR), incremental zone transfer (IXFR), and DNS zone update notification activity

Managing DNS Servers Remotely

DNS is an Internet and TCP/IP standard name service that enables a server running the DNS service to enable client computers on your network to register and resolve DNS domain names. These names can be used to find and access resources offered by other computers on the Internet. With Windows 2000 Administration Tools, which is included on the Windows 2000 Server and Windows 2000 Advanced Server compact disc sets, you can manage a server remotely from any computer that is running Windows 2000.

Windows 2000 Administration Tools contains Microsoft Management Console (MMC) snap-ins and other administrative tools that are used to manage computers running Windows 2000 Server and that are not provided with Windows 2000 Professional. Once Windows 2000 Administration Tools is installed on a computer, an administrator can open the server administrative tools and begin managing a remote server from that computer.

Lesson Summary

All DNS name servers cache queries that they have resolved, but caching-only servers are special DNS name servers that only perform queries, cache the answers, and return the results. The benefit provided by caching-only servers is that they do not generate zone transfer network traffic because they do not contain any zones. Windows 2000 Server provides a set of DNS server performance counters that can be used with System Monitor to measure and monitor various aspects of server activity. You can perform tests on the DNS server from the Monitoring tab in the DNS server's Properties dialog box in the DNS administrative console too. You can also use the Windows 2000 Administration Tools to manage a server remotely from any computer that is running Windows 2000.