Lesson 5: Domain Name System
DNS is a distributed database used in TCP/IP networks to translate computer names (host names) to IP addresses. This lesson introduces you to DNS and name resolution. It also discusses the skills and provides the information necessary to install and configure the DNS service.
Introduction to DNS
DNS is most commonly associated with the Internet. However, private networks use DNS extensively to resolve computer host names and to locate computers within their local networks and the Internet. DNS name resolution is different from the name resolution provided by WINS. WINS resolves NetBIOS names to IP addresses, while DNS resolves IP host names to IP addresses. IP host names, whether resolved using DNS or other means, provide the following benefits:
• IP host names are user-friendly, which means they are easier to remember than IP addresses.
• IP host names remain more constant than IP addresses. An IP address for a server can change, but the server name remains the same.
• IP host names allow users to connect to local servers by using the same naming convention as the Internet.
Domain Namespace
Domain namespace is the naming scheme that provides the hierarchical structure for the DNS database. Each node represents a partition of the DNS database. These nodes are referred to as domains.
The DNS database is indexed by name; therefore, each domain must have a name. As you add domains to the hierarchy, the name of the parent domain is appended to its child domain (called a subdomain). Consequently, a domain's name identifies its position in the hierarchy. For example, in Figure 9.10 the domain name sales.microsoft.com identifies the sales domain as a subdomain of the microsoft domain and microsoft as a subdomain of the com domain.
Figure 9.10 Hierarchical structure of a domain namespace
As Figure 9.10 illustrates, the hierarchical structure of the domain namespace consists of a root domain, top-level domains, second-level domains, and host names.
Root Domain
The root domain is at the top of the hierarchy and is represented as a period (.). The Internet root domain is managed by several organizations, including Network Solutions, Inc.
Top-Level Domains
Top-level domains are two-character or three-character name codes. Top-level domains are categorized by organization type or geographic location. The following table provides some examples of top-level domain names.
Top-level domain Description
Top-level domains can contain second-level domains and host names.
Second-Level Domains
Organizations such as Network Solutions, Inc. assign and register second-level domains to individuals and organizations for the Internet. A second-level domain can contain both hosts and subdomains. For example, microsoft.com can contain computers such as ftp.microsoft.com and subdomains such as dev.microsoft.com. The subdomain dev.microsoft.com can contain hosts such as printerserver1.dev.microsoft.com.
Host Names
Host names refer to specific computers on the Internet or a private network. For example, in Figure 9.10, Computer1 is a host name. A host name is the leftmost portion of a fully qualified domain name (FQDN), which describes the exact position of a host within the domain hierarchy. In Figure 9.10, Computer1.sales.microsoft.com. (including the end period, which represents the root domain) is an FQDN.
DNS uses a host's FQDN to resolve a name to an IP address.
Domain Naming Guidelines
When you create a domain namespace, consider the following domain guidelines and standard naming conventions:
• Limit the number of domain levels. Typically, DNS host entries should be three or four levels down the DNS hierarchy and no more than five levels down the hierarchy. As the number of levels increases, so do the administrative tasks.
• Use unique names. Each subdomain must have a unique name within its parent domain to ensure that the name is unique throughout the DNS namespace.
• Use simple names. Simple and precise domain names are easier for users to remember and enable users to search intuitively and locate Web sites or other computers on the Internet or an intranet.
• Avoid lengthy domain names. Domain names can be up to 63 characters, including the periods. The total length of an FQDN cannot exceed 255 characters. Case-sensitive naming is not supported.
• Use standard DNS characters and Unicode characters:
o Windows 2000 supports the following standard DNS characters: A through Z, a through z, 0 through 9, and the hyphen (-), as defined in RFC 1035.
o The DNS Service also supports the Unicode character set. The Unicode character set, which includes additional characters not found in the American Standard Code for Information Exchange (ASCII) character set, is required for languages such as French, German, and Spanish.
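The guidelines above can be turned into an automated check, useful for auditing a list of planned or existing host names. The following Python sketch is an added example, not part of the original lesson; the function names check_fqdn and case_collisions are hypothetical, the 63-character limit is applied per label as RFC 1035 defines it, and names that rely on Unicode support are reported as outside the standard character set.

```python
import re

# Standard DNS characters listed in the lesson: A-Z, a-z, 0-9 and the hyphen.
STANDARD_LABEL = re.compile(r"[A-Za-z0-9-]+")
MAX_LABEL = 63    # 63-character limit, applied per label as RFC 1035 defines it
MAX_FQDN = 255    # total FQDN length limit from the lesson
MAX_LEVELS = 5    # guideline: no more than five levels down the hierarchy


def check_fqdn(name):
    """Return the list of guideline violations for name (empty list = OK)."""
    problems = []
    if len(name) > MAX_FQDN:
        problems.append("FQDN exceeds 255 characters")
    # The trailing period stands for the root domain and is not a label.
    body = name[:-1] if name.endswith(".") else name
    labels = body.split(".")
    if len(labels) > MAX_LEVELS:
        problems.append(f"{len(labels)} levels deep, guideline is {MAX_LEVELS}")
    for label in labels:
        if not label:
            problems.append("empty label")
        elif len(label) > MAX_LABEL:
            problems.append(f"label of {len(label)} characters exceeds {MAX_LABEL}")
        elif not STANDARD_LABEL.fullmatch(label):
            problems.append(f"label {label!r} is outside the RFC 1035 character set")
    return problems


def case_collisions(names):
    """Names differing only by case are the same DNS name; report such pairs."""
    first_seen, pairs = {}, []
    for name in names:
        key = name.rstrip(".").lower()
        if key in first_seen and first_seen[key] != name:
            pairs.append((first_seen[key], name))
        first_seen.setdefault(key, name)
    return pairs


if __name__ == "__main__":
    # Constructed sample names; the first two appear in the lesson text.
    for sample in ["Computer1.sales.microsoft.com.",
                   "printerserver1.dev.microsoft.com",
                   "print_server.dev.microsoft.com",
                   "host.a.b.c.d.example.com"]:
        print(sample, "->", check_fqdn(sample) or "OK")
```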
Zones
A zone represents a discrete portion of the domain namespace. Zones provide a way to partition the domain namespace into manageable sections.
Multiple zones in a domain namespace are used to distribute administrative tasks to different groups. For example, Figure 9.11 depicts the microsoft.com domain namespace divided into two zones. The two zones allow one administrator to manage the microsoft and sales domains and another administrator to manage the development domain.
Figure 9.11 Domain namespace divided into zones
A zone must encompass a contiguous domain namespace. For example, as Figure 9.11 shows, you can create a zone for sales.microsoft.com and the parent domain microsoft.com because these zones are contiguous. However, you cannot create a zone that consists of only the sales.microsoft.com domain and the development.microsoft.com domain because these two domains are not contiguous.
The name-to-IP-address mappings for a zone are stored in the zone database file. Each zone is anchored to a specific domain, referred to as the zone's root domain. The zone database file does not necessarily contain information for all subdomains of the zone's root domain, only those subdomains within the zone.
In Figure 9.11, the root domain for Zone1 is microsoft, and its zone file contains the name-to-IP-address mappings for the microsoft and sales domains. The root domain for Zone2 is development, and its zone file contains the name-to-IP-address mappings for the development domain only. The zone file for Zone1 does not contain the name-to-IP-address mappings for the development domain, although development is a subdomain of the microsoft domain.
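The contiguity rule and the Zone1/Zone2 split can be modeled in a few lines. The following Python sketch is an added example, not part of the original lesson; the function names and the ZONES table are hypothetical and built from the Figure 9.11 description, and zone_for generalizes the figure to any name by choosing the zone whose root domain is the longest match.

```python
def labels(name):
    """Split a domain name into lower-cased labels, ignoring the root period."""
    return [part for part in name.lower().rstrip(".").split(".") if part]


def is_subdomain(child, parent):
    """True if child equals parent or lies beneath it in the namespace."""
    c, p = labels(child), labels(parent)
    return len(c) >= len(p) and c[len(c) - len(p):] == p


def is_contiguous(domains):
    """A zone's domains must form one connected subtree of the namespace."""
    doms = {".".join(labels(d)) for d in domains}
    # The zone's root domain is the one that every other domain sits under.
    roots = [r for r in doms if all(is_subdomain(d, r) for d in doms)]
    if not roots:
        return False
    root = roots[0]
    # Every other domain must have its immediate parent in the same zone.
    return all(d == root or ".".join(labels(d)[1:]) in doms for d in doms)


def zone_for(name, zones):
    """Return the root domain of the zone holding name (longest match wins)."""
    matches = [z for z in zones if is_subdomain(name, z)]
    return max(matches, key=lambda z: len(labels(z)), default=None)


# Constructed from the Figure 9.11 description: zone root domain -> zone name.
ZONES = {"microsoft.com": "Zone1", "development.microsoft.com": "Zone2"}

if __name__ == "__main__":
    print(is_contiguous(["microsoft.com", "sales.microsoft.com"]))              # allowed
    print(is_contiguous(["sales.microsoft.com", "development.microsoft.com"]))  # not allowed
    for host in ["Computer1.sales.microsoft.com.",
                 "Computer1.development.microsoft.com."]:
        print(host, "is held in", ZONES[zone_for(host, ZONES)])
```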
Name Servers
A DNS name server stores the zone database file. Name servers can store data for one zone or multiple zones. A name server is said to have authority for the domain namespace that the zone encompasses.
There must be at least one name server for a zone. However, a zone can have multiple name servers associated with it. One of these servers contains the master zone database file, which is also referred to as the primary zone database file, for that zone. Changes to a zone, such as adding domains or hosts, are performed on the server that contains the primary zone database file. Any other name servers associated with the zone act as a backup to the name server containing the primary zone database file. These name servers contain a secondary zone database file.
Multiple name servers provide several advantages:
• Performing zone transfers. The additional name servers obtain a copy of the zone database file from the name server that contains the primary database zone file. This is called a zone transfer. These name servers periodically query the name server containing the primary zone database file for updated zone data.
• Providing redundancy. If the name server containing the primary zone database file fails, the additional name servers can provide service.
• Improving access speed for remote locations. If a number of clients are in remote locations, use additional name servers to reduce query traffic across slow WAN links.
• Reducing loads. The additional name servers reduce the load on the name server containing the primary zone database file.
Windows 2000 also supports directory-integrated zone storage by using the Active Directory database. Zones stored this way are located in the Active Directory tree under the domain object container. Each directory-integrated zone is stored in a DNS zone container object identified by the name you choose for the zone when you create it.