| In this chapter, you learned what DNS is and how it works to make name resolution easier, quicker and more accurate. In the following exercises, you will practice some of the concepts and methods discussed in this chapter. Exercises 3.1. Creating a Stub DNS Zone In this exercise, you will use the DNS console to create a forward lookup zone. Estimated time: 10 minutes Open the DNS console by selecting Start, Control Panel, Administrative Tools, DNS. Right-click the DNS server and select New Zone. Click Next, and the Zone Type dialog box appears. Select Stub Zone for the type of zone to create. Click Next. The Active Directory Zone Replication Scope dialog box appears. (Note that this dialog box will appear only if your DNS server is also a DC; if you are configuring this on a member server, skip Step 3.) Select the To All Domain Controllers in the Active Directory Domain <your domain name> option and click Next. The Forward or Reverse Lookup Zone dialog box appears. Select Forward Lookup Zone. Click Next. The Zone Name dialog box appears. In the Name field of the Zone Name dialog box, enter the name Stub. Click Next. The Zone File dialog box appears. Accept the default to create a new zone file. Click Next. The Completing the Configure DNS Server Wizard dialog box appears. Click Finish to complete the configuration. The new domain appears in the DNS console.
3.2. Manually Create a DNS Record In this exercise, you will manually create a DNS record. Estimated time: 5 minutes Open the DNS console by selecting Start, Control Panel, Administrative Tools, DNS. Right-click the zone you want to add an entry in and then select the type of entry you want to create. Select New Alias because for this procedure, you will create a new alias (CNAME) record. The New Alias dialog box appears. In the Alias Name field, enter the alias name. You can use the FQDN or just the hostname. If you use just the hostname, the rest of the FQDN for the domain in which you are creating the entry will automatically be appended. Enter the FQDN for the host you are aliasing in the Fully Qualified Name for Target Host box. Click OK to create the entry.
3.3. Monitoring DNS Server Performance by Using the Performance Console This exercise walks you through adding a counter to the Performance console so that you can create a baseline for or troubleshoot a DNS server. Estimated time: 15 minutes Open the Performance console by selecting Programs, Administrative Tools, Performance. In the Performance console, select System Monitor. To create an entry in System Monitor, click the + icon. The Add Counters window appears. Notice that by default it opens to the Processor performance object. Select the DNS performance object. Select the counter you want to monitor and click Add. You can add multiple counters either by selecting each counter and clicking Add or by using the standard Windows multiple-item-select method of holding down the Ctrl key while you select all the counters you want to monitor and then clicking Add. Click Close when you are done.
Exam Questions | 1. | You are the systems administrator for Wild Widgets, Inc. You are training a new employee on the use of the DNS service in Windows Server 2003. She asks you how a DNS request is resolved, assuming that the name is not cached and is for someone else's domain. What do you tell her? 
| A. | The client computer makes a request to the local DNS server. The DNS server looks in a local memory cache for names it has recently resolved. The name server looks in the DNS server's host tables to see if there is a static or dynamic entry for the hostname to an IP address lookup. The name server refers the request to a root name server. The root name server refers the request to a name server for the TLD in the hostname. The TLD name server refers the request to a name server for the second-level domain in the hostname, and so on, until a name server is encountered that can resolve the complete hostname. |
| B. | The client computer makes a request to the local DNS server. The name server looks in the DNS server's host tables to see if there is a static or dynamic entry for the hostname to an IP address lookup. The DNS server looks in a local memory cache for names it has recently resolved. The name server refers the request to a root name server. The root name server refers the request to a name server for the TLD in the hostname. The TLD name server refers the request to a name server for the second-level domain in the hostname, and so on, until a name server is encountered that can resolve the complete hostname. |
| C. | The client computer makes a request to the local DNS server. The name server looks in the DNS server's host tables to see if there is a static or dynamic entry for the hostname to an IP address lookup. The name server refers the request to a root name server. The root name server refers the request to a name server for the TLD in the hostname. The TLD name server refers the request to a name server for the second-level domain in the hostname, and so on, until a name server is encountered that can resolve the complete hostname. |
| D. | The client computer makes a request to the local DNS server. The DNS server looks in a local memory cache for names it has recently resolved. The name server looks in the DNS server's host tables to see if there is a static or dynamic entry for the hostname to an IP address lookup. The name server refers the request to a name server for the TLD in the hostname. The TLD name server refers the request to a name server for the second-level domain in the hostname, and so on, until a name server is encountered that can resolve the complete hostname. |
| | | | 2. | You are the systems administrator for Phil's Phill-up Stations, a chain of gas stations. As part of the network, you maintain a Windows Server 2003 DNS server to receive DDNS updates. Because you have a mixed network, you want the server to accept both secure and nonsecure updates. The server is installed and running but doesn't receive dynamic updates at this time. How do you set up the DNS server to receive dynamic updates?
| A. | Open DNS Administrator. Select the DNS server and right-click. Select Receive Dynamic Updates. The Dynamic Updates Wizard starts. Follow the prompts to complete the configuration of dynamic updates. |
| B. | Open the DNS console by selecting Start, Control Panel, Administrative Tools, DNS. Open the properties of the zone you want to configure to receive dynamic updates. On the General tab, set the Dynamic Updates pull-down menu to Nonsecure and Secure. Click OK. |
| C. | Open the DNS console by selecting Start, Control Panel, Administrative Tools, DNS. Open the properties of the zone you want to configure to receive dynamic updates. On the Updates tab, set the Allow Dynamic Updates pull-down menu to Yes. Click OK. |
| D. | Open the DNS console by selecting Start, Control Panel, Administrative Tools, DNS. Open the properties of the zone you want to configure to receive dynamic updates. On the Updates tab, set the Allow Dynamic Updates pull-down menu to Yes. Click OK. |
| | 3. | You are the systems administrator for the Oui Find-em detective agency. Your boss has asked you to register a DNS domain name for the company. Which of the following is not a legal top-level domain name?
| A. | findem.art |
| B. | findem.net |
| C. | findem.org |
| D. | findem.cc |
| | 4. | You are the systems administrator for Little Faith Enterprises Meat Packing. You run a pure Windows Server 2003 network, with six Windows Server 2003 DNS servers for your domain. One of the secondary servers doesn't seem to be getting updates. How can you check to verify that the server is receiving updates?
| A. | Open Performance Manager. Click the Add Counter icon. Select the DNS server object and then select the Zone Transfer Success counter. Click Add to add the counter and monitor the zone transfers. |
| B. | Open the Performance console. Click the Add Counter icon. Select the DNS server object and then select the AXFR Successes counter. Click Add to add the counter and monitor the zone transfers. |
| C. | Open the DNS console. Right-click the zone with which you are having problems. Select Statistics from the context menu and verify that zone transfers are being received. |
| D. | Open the Performance console. Click the Add Counter icon. Select the DNS server object and then select the Zone Transfer Success counter. Click Add to add the counter and monitor the zone transfers. |
| | 5. | You are the systems administrator for Mad Hatter Top Hats, Inc. You are responsible for the company's Windows Server 2003 network, including DNS. You have been asked to create a reverse lookup entry for each workstation on the network. How do you accomplish this task in the most efficient and accurate manner possible?
| A. | Use the DNS console to create a reverse lookup zone. Manually add each workstation to the reverse lookup zone. |
| B. | Use the DNS console to create a reverse lookup zone. Configure the forward lookup zone to accept dynamic updates. The reverse lookup zone will be automatically updated. |
| C. | Use the DNS console to create a reverse lookup zone. Configure the DNS server to accept dynamic updates. The reverse lookup zone will be automatically updated. |
| D. | Use the DNS console to create a reverse lookup zone. Configure the reverse lookup zone to accept dynamic updates. |
| | 6. | You are the systems administrator for the Hittem Boxing Glove Corporation, which is running a routed network with a centrally located Windows Server 2003 DNS server. You need to create a record in DNS to allow Internet mail to be sent to your domain. What kind of domain record do you need?
| A. | A CNAME record |
| B. | An A record |
| C. | A PTR record |
| D. | An MX record |
| | 7. | You manage the Windows Server 2003 DNS servers for the Bang Bang Hammer Corporation. You are running in a purely Windows Server 2003 environment, and you need to make sure workstations are registered properly in DNS for Active Directory integration. How should you configure DNS integration?
| A. | Configure the appropriate zones to accept dynamic updates. |
| B. | Configure the DNS server to accept dynamic updates. |
| C. | Configure the DHCP server to be sure to send dynamic updates. |
| D. | Install the Windows Server 2003 DNS client on the workstations. |
| | | | 8. | You are the systems administrator for UR Write Publishing. You are responsible for maintaining the Windows Server 2003 network for the company, including the Windows Server 2003 DNS servers. You have one remote office that is located across a slow WAN link. What is the best way to set up DNS to resolve internal hostnames?
| A. | Create a delegated zone for the remote office and have all the DNS client computers in that office resolve from that zone. |
| B. | Configure a caching-only server and have all the DNS client computers resolve from that server. |
| C. | Use a centralized DNS server and configure it for incremental updates. |
| D. | Configure the DNS client computers to autodiscover the closest DNS server. |
| | 9. | You are the collaborative computing administrator for the Call-Me Telephone Company. You have a single DNS server resolving names for your internal domain, and you have an Internet connection. You need to configure DNS on the client computers to resolve Internet addresses. How will you make this configuration?
| A. | On each client computer, install the Microsoft DNS client. Configure the client computer to resolve to the DNS server. Configure the root hints on the server to point at the Internet root servers. |
| B. | On each client computer, configure the DNS settings under the Internet Protocol (TCP/IP) Properties dialog box of the LAN connection to resolve to the DNS server. Configure the root hints on the server to point at the Internet root servers. |
| C. | Install a new DNS server to resolve Internet domain names. On each client computer, configure the DNS settings under the Internet Protocol (TCP/IP) Properties dialog box of the LAN connection to resolve to the DNS server. |
| D. | On each client computer, configure the DNS settings under the Internet Protocol (TCP/IP) Properties dialog box of the LAN connection to resolve to the DNS server. |
| | 10. | Which of the following is the FQDN for the host home in the sales domain for the UR write company if the company's domain is urwrite.net?
| A. | home |
| B. | home.sales.net |
| C. | home.urwrite.net |
| D. | home.sales.urwrite.net |
| | | | 11. | You are the systems administrator for Blue Sky Airlines. Your company has a mixed Windows Server 2003 and Windows NT 4.0 Server network and you are running a Windows NT 4.0 DNS server, as well as a Windows NT 4.0 DHCP server. There are 10 Windows 98 computers in the Sales Department that need to use DDNS updates for identification purposes. How will you enable this?
| A. | Upgrade your DNS server to Windows Server 2003. Configure it to accept dynamic updates. Configure the Windows 98 client computers to send dynamic updates. |
| B. | Upgrade your DNS server to Windows Server 2003. Configure it to accept dynamic updates. Upgrade your Windows 98 computers to Windows 98 Second Edition to get the DDNS capability. Configure the Windows 98 client computers to send dynamic updates. |
| C. | Upgrade your Windows 98 computers to Windows XP Professional to get the DDNS capability. Configure the Windows XP client computers to send dynamic updates. |
| D. | Upgrade your DNS server to Windows Server 2003. Configure it to accept dynamic updates. Upgrade your Windows 98 computers to Windows XP Professional to get the DDNS capability. |
| | 12. | You are the systems administrator for Little Big Men Clothiers. You have installed a Windows Server 2003 DNS server, but people are unable to resolve names. You need to test the DNS server. Where should you start in your troubleshooting efforts?
| A. | From the command prompt of a Windows XP Professional host, run the nslookup utility to check the functionality of the DNS service. |
| B. | From the command prompt of a Windows XP Professional host, run the ipconfig utility to check the functionality of the DNS service. |
| C. | From the Windows Server 2003 DNS server, type ping -a and the address of the DNS server. Examine the results to see if the server is working. |
| D. | From the Windows Server 2003 DNS server, type ping -R and the address of the DNS server. Examine the results to see if the server is working. |
|
Answers to Exam Questions | 1. | A. The correct order is cache, local DNS server table, root server, TLD server, and then any additional subdomain servers; thus Answers B, C, and D are incorrect. For more information, see the section "DNS Domains Defined." | | 2. | B. Dynamic updates are set by using the Dynamic Updates pull-down menu on the General tab of the zone properties; thus Answers A, C, and D are incorrect. For more information, see the section "Configuring Zones." | | | | 3. | A. art is a proposed TLD. org, net, and cc are actual production TLDs; thus Answers B, C, and D are incorrect. For more information, see the section "The History of DNS." | | 4. | D. Performance Manager is the name of the Windows NT application; thus Answer A is incorrect. In Windows Server 2003 the Performance console runs as part of the MMC. There are no statistics available for the DNS server; thus Answer C is incorrect. The correct counter is Zone Transfer Success; thus Answer B is incorrect. For more information, see the section "Managing and Monitoring DNS." | | 5. | D. You must create a reverse lookup zone and configure it to accept dynamic updates. If you manually configure each PTR record, you are likely to make mistakes and are not taking advantage of dynamic updates to do the work for you; thus Answer A is incorrect. By configuring a forward lookup zone to accept dynamic updates, you have not configured the reverse lookup zone; thus Answer B is incorrect. Dynamic updates are configured at the zone level, not the server level; thus Answer C is incorrect. For more information, see the section "Reverse Lookups." | | 6. | D. An MX (mail exchanger) record is used to identify the mail server(s) for a domain. A CNAME record is an alias; thus Answer A is incorrect. An A record is used for name-to-address resolution; thus Answer B is incorrect. A PTR record is used for reverse lookups; thus Answer C is incorrect. For more information, see the section "DNS Record Types." | | 7. | A. You need to configure the appropriate zones to accept dynamic updates. Each zone needs to be configured individually to accept dynamic updates. Dynamic updates are configured at the zone level, not the server level; thus Answer B is incorrect. The configuration to allow or disallow dynamic updates is performed on DNS zones, not on the DHCP server; thus Answer C is incorrect. There is no "client" piece of DNS that needs to be installed; thus Answer D is incorrect. For more information, see the section "Configuring Zones." | | 8. | B. You need to configure a caching-only server and have all the remote DNS client computers resolve from that server. A delegated zone will not help with resolution across the slow link; thus Answer A is incorrect. Using a centrally located server will not help with the issue of the slow link; thus Answer C is incorrect. There is no setting to DNS server auto discovery; thus Answer D is incorrect. For more information, see the section "Configuring Caching-Only Servers." | | 9. | D. You just need to configure the workstations to use the existing DNS server to resolve names. This is done under the Internet Protocol (TCP/IP) Properties dialog box of the network connection. The server automatically forwards any requests for unknown domains to the appropriate servers; thus Answer B is incorrect. There is no "client" piece of DNS that needs to be installed; thus Answer A is incorrect. An additional DNS server is not required for Internet name resolution; thus Answer C is incorrect. For more information, see the section "Configuring DNS Client Computers." | | 10. | D. home.sales.urwrite.net is the correct answer. home is the server, sales is a department subdomain, urwrite is the secondary domain, and net is the TLD; thus Answers A, B, and C are all incorrect. For more information, see the section "DNS Domains Defined." | | 11. | D. You need a Windows Server 2003 DNS server and a Windows XP (or Windows 2000) client computer to use DDNS without needing to reconfigure DHCP. Windows 98 computers do not support dynamic updates; thus Answers A and B are incorrect. There is no configuring needed on the client side for dynamic updates, as long as the client supports them (Windows XP and Windows 2000); thus Answer C is incorrect. For more information, see the section "Configuring Zones." | | 12. | A. Running nslookup from the command prompt is a good way to test DNS, and should be your first step for DNS-related issues. The ipconfig command is a very useful TCP/IP troubleshooting tool, but it not going to be as typically useful for DNS-related issues as the nslookup command; thus Answer B is incorrect. The ping command is useful for basic connectivity testing between two computers, but would not likely be the best first step in troubleshooting a name resolution issue; thus Answers C and D are incorrect. For more information, see the section "Testing the DNS Service." |
Suggested Reading and Resources Albitz, Paul, and Liu, Cricket. DNS and BIND, 4th Edition. O'Reilly & Associates, 2001. Langfeldt, Nicolai. The Concise Guide to DNS and BIND. Que Publishing, 2000. Parker, Tim. Teach Yourself TCP/IP in 14 Days, 2nd Edition. Que Publishing, 2001. Davies, Joseph, and Lee, Thomas. Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference. Microsoft Press, 2003. Stevens, W. Richard. TCP/IP Illustrated, Volume 1: The Protocols. Addison-Wesley, 1994. "Deploying Network Services," http://technet2.microsoft.com/WindowsServer/en/Library/119050c9-7c4d-4cbf-8f38-97c45e4d01ef1033.mspx. "Technical Overview of Windows Server 2003 Networking and Communications," www.microsoft.com/windowsserver2003/techinfo/overview/netcomm.mspx. "Windows Server 2003 Reviewer's Guide,"www.microsoft.com/windowsserver2003/techinfo/overview/reviewersguide.mspx. Windows Server 2003 Online documentation: "Network Services," www.microsoft.com/technet/prodtechnol/windowsserver2003/proddocs/entserver/sag_NPStopnode.asp. "Windows Server 2003 Security Guide," http://www.microsoft.com/technet/security/prodtech/windowsserver2003/W2003HG/SGCH00.mspx.
|
