In the DNS hierarchy, objects are identified through the use of resource records (RRs). These records are used for basic lookups of users and resources within the specified domain and are unique for the domain in which they are located. Because DNS is not a flat namespace, however, multiple, identical RRs can exist at different levels in a DNS hierarchy. The distributed nature of the DNS hierarchy allows such levels. Several key resource records exist in most DNS implementations, especially in those associated with Windows Server 2003 Active Directory. A general familiarity with these specific types of RRs is required to gain a better understanding of DNS.

Start of Authority (SOA) Records in DNS

The Start of Authority (SOA) record in a DNS database indicates which server is authoritative for that particular zone. The server referenced by the SOA record is subsequently the server that is assumed to be the best source of information about a particular zone and is in charge of processing zone updates. The SOA record contains information such as the Time to Live (TTL) interval, the contact person responsible for DNS, and other critical information, as illustrated in Figure 13.7.

Figure 13.7. A sample SOA record.

An SOA record is automatically created when DNS is installed for Active Directory in Windows Server 2003 and is populated with the default TTL, primary server, and other pertinent information for the zone. After installation, however, these values can be modified to fit the specific needs of an organization.

DNS Host (A) Records

The most common type of RR in DNS is the host record, also known as an A record. This type of RR simply contains the name of the host and its corresponding IP address, as illustrated in Figure 13.8.

Figure 13.8. Sample host records.

The vast majority of RRs in DNS are A records because they are used to identify the IP addresses of most resources within a domain.

Name Server (NS) Records

Name Server (NS) records identify which computers in a DNS database are the name servers, essentially the DNS servers for a particular zone. Although there can be only one SOA record for a zone, there can be multiple NS records for the zone, which indicate to clients which machines are available to run DNS queries against.

Note: Name Server Records
Name Server records, or NS records, do not actually contain the IP information of a particular resource. In fact, in most cases only A records contain this information. NS records and other similar records simply point to a server's A record. For example, an NS record will simply point to server1.companyabc.com, which will then direct the query to the server1 A record in the companyabc.com zone.

Service (SRV) Records for Added DNS Information

Service (SRV) records are RRs that indicate which resources perform a particular service. Domain controllers in Active Directory are referenced by SRV records that define specific services, such as the global catalog, LDAP, and Kerberos. SRV records are a relatively new addition to DNS, and did not exist in the original implementation of the standard. Each SRV record contains information about a particular functionality that a resource provides. For example, an LDAP server can add an SRV record indicating that it can handle LDAP requests for a particular zone. SRV records can be very useful for Active Directory because domain controllers can advertise that they handle global catalog requests, as illustrated in Figure 13.9.

Figure 13.9. Sample SRV record for an Active Directory global catalog entry.

Note: Version 8.1.2 or Later Is Recommended for Unix BIND Servers
Because SRV records are a relatively new addition to DNS, they are not supported by several down-level DNS implementations, such as Unix BIND 4.1.x and NT 4.0 DNS. It is therefore critical that the DNS environment that is used for Windows Server 2003 Active Directory have the capability to create SRV records. For Unix BIND servers, version 8.1.2 or later is recommended.

Mail Exchanger (MX) Records Defining E-mail Routing

A Mail Exchanger (MX) record indicates which resources are available for SMTP mail reception. MX records can be set on a domain basis so that mail sent to a particular domain will be forwarded to the server or servers indicated by the MX record. For example, if an MX record is set for the domain companyabc.com, all mail sent to user@companyabc.com will be automatically directed to the server indicated by the MX record.

Pointer (PTR) Records for Reverse DNS Queries

Reverse queries to DNS are accomplished through the use of Pointer (PTR) records. In other words, if a user wants to look up the name of a resource that is associated with a specific IP address, he would do a reverse lookup using that IP address. A DNS server would reply using a PTR record that would indicate the name associated with that IP address. PTR records are most commonly found in reverse lookup zones.

Canonical Name (CNAME) Records for Alias Information

A Canonical Name (CNAME) record represents a server alias, or essentially allows any one of a number of servers to be referred to by multiple names in DNS. The record essentially redirects queries made to it to the A record for that particular host. CNAME records are useful when migrating servers and for situations in which friendly names, such as mail.companyabc.com, are required to point to more complex server-naming conventions such as sfoexch01.companyabc.com.
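As an added illustration (not code from the book), the following Python script parses a constructed zone fragment containing the record types described above, follows CNAME aliases to the A record they redirect to, flags NS, MX, CNAME and SRV records whose target name has no A record in the zone (a stale alias left behind after a server migration), and derives the owner name a PTR record would have in the reverse lookup zone. The zone contents, host names and addresses are constructed for this example.

```python
from typing import List, Optional, Tuple

# Constructed sample zone for companyabc.com (illustrative data, not from the original page).
# One record per line: owner name, record type, rdata fields in presentation format.
ZONE_TEXT = """
companyabc.com.            SOA   server1.companyabc.com. hostmaster.companyabc.com. 2004010101 3600 600 86400 3600
companyabc.com.            NS    server1.companyabc.com.
companyabc.com.            MX    10 sfoexch01.companyabc.com.
server1.companyabc.com.    A     10.1.1.10
sfoexch01.companyabc.com.  A     10.1.1.20
mail.companyabc.com.       CNAME sfoexch01.companyabc.com.
_gc._tcp.companyabc.com.   SRV   0 100 3268 server1.companyabc.com.
old.companyabc.com.        CNAME retired.companyabc.com.
"""

# Record types whose last rdata field is a host name that should itself own an A record.
NAME_POINTING = {"NS", "MX", "CNAME", "SRV"}

def parse_zone(text: str) -> List[Tuple[str, str, List[str]]]:
    """Split each zone line into (owner, type, rdata fields); names are lower-cased."""
    records = []
    for line in text.strip().splitlines():
        owner, rtype, *rdata = line.split()
        records.append((owner.lower(), rtype.upper(), rdata))
    return records

def resolve_a(records, name: str, max_hops: int = 8) -> Optional[str]:
    """Return the IPv4 address for name, following CNAME aliases to the A record they redirect to."""
    name = name.lower()
    for _ in range(max_hops):  # bounded walk, so a CNAME loop cannot spin forever
        for owner, rtype, rdata in records:
            if owner == name and rtype == "A":
                return rdata[0]
        aliases = [r[2][0] for r in records if r[0] == name and r[1] == "CNAME"]
        if not aliases:
            return None  # neither an A record nor an alias exists for this name
        name = aliases[0].lower()
    return None

def dangling_targets(records) -> List[Tuple[str, str, str]]:
    """(owner, type, target) for NS/MX/CNAME/SRV records whose target has no A record in the zone."""
    return [(owner, rtype, rdata[-1]) for owner, rtype, rdata in records
            if rtype in NAME_POINTING and resolve_a(records, rdata[-1]) is None]

def ptr_owner(ipv4: str) -> str:
    """Owner name of the PTR record for this address in the in-addr.arpa reverse lookup zone."""
    return ".".join(reversed(ipv4.split("."))) + ".in-addr.arpa."
```

Running `dangling_targets(parse_zone(ZONE_TEXT))` reports only the old.companyabc.com alias, whose retired target has no A record; every other name-pointing record resolves to an address.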
Other DNS Records that Store Information

Other, less common forms of records that might exist in DNS have specific purposes, and there might be cause to create them. The following is a sample list but is by no means exhaustive: