1 / 28

DESIGNING THE DNS STRUCTURE

Chapter 2. DESIGNING THE DNS STRUCTURE. NAME RESOLUTION PROCESS. DNS FORWARDING. DNS DELEGATION AND NAME RESOLUTION. ANALYZING THE EXISTING DNS IMPLEMENTATION. COMPONENTS OF DNS. DNS zones Zone transfers Server roles. DNS ZONES. ZONE TRANSFERS. Full zone transfer (AXFR)

bethan
Télécharger la présentation

DESIGNING THE DNS STRUCTURE

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Chapter 2 DESIGNING THE DNS STRUCTURE

  2. Chapter 2: DESIGNING THE DNS STRUCTURE NAME RESOLUTION PROCESS

  3. Chapter 2: DESIGNING THE DNS STRUCTURE DNS FORWARDING

  4. Chapter 2: DESIGNING THE DNS STRUCTURE DNS DELEGATION AND NAME RESOLUTION

  5. Chapter 2: DESIGNING THE DNS STRUCTURE ANALYZING THE EXISTING DNS IMPLEMENTATION

  6. Chapter 2: DESIGNING THE DNS STRUCTURE COMPONENTS OF DNS • DNS zones • Zone transfers • Server roles

  7. Chapter 2: DESIGNING THE DNS STRUCTURE DNS ZONES

  8. Chapter 2: DESIGNING THE DNS STRUCTURE ZONE TRANSFERS • Full zone transfer (AXFR) • All resource records for a zone are copied. • Incremental zone transfer (IXFR) • Only the changes made to resource records are copied. • Results in less network traffic.

  9. Chapter 2: DESIGNING THE DNS STRUCTURE SERVER ROLES • Primary DNS server • Contains the local zone database file • Secondary DNS server • Contains a copy of the zone database file • Caching-only DNS server • Caches the answers to queries and returns the results • Does not contain zone information

  10. Chapter 2: DESIGNING THE DNS STRUCTURE IDENTIFYING THE CURRENT NAMESPACE

  11. Chapter 2: DESIGNING THE DNS STRUCTURE DNS NAMESPACE DESIGN • The following business needs affect the DNS naming strategy: • The intended scope of Active Directory • Internet presence • Whether DNS must support Active Directory

  12. Chapter 2: DESIGNING THE DNS STRUCTURE CHOOSING A DNS NAME • Choose and register a root domain name that is unique on the Internet. • The root domain name must conform to DNS naming standards. • Choose meaningful, stable, scalable names. • The root domain name can be an existing DNS domain name.

  13. Chapter 2: DESIGNING THE DNS STRUCTURE DNS INTEROPERABILITY WITH ACTIVE DIRECTORY • Active Directory–integrated zone transfers • Multi-master replication • Fault tolerance • Secure updates • Single replication topology

  14. Chapter 2: DESIGNING THE DNS STRUCTURE DNS INTEROPERABILITY WITH ACTIVE DIRECTORY

  15. Chapter 2: DESIGNING THE DNS STRUCTURE DNS INTEROPERABILITY WITH DHCP

  16. Chapter 2: DESIGNING THE DNS STRUCTURE DNS INTEROPERABILITY WITH WINS

  17. Chapter 2: DESIGNING THE DNS STRUCTURE ZONE REQUIREMENTS

  18. Chapter 2: DESIGNING THE DNS STRUCTURE SECURITY • Potential security threats • Securing the DNS infrastructure • Securing replication data

  19. Chapter 2: DESIGNING THE DNS STRUCTURE SECURING THE DNS INFRASTRUCTURE • Use a private namespace • UDP and TCP port 53 • Disable recursion • Restrict zone transfers • NTFS • Secure updates

  20. Chapter 2: DESIGNING THE DNS STRUCTURE SECURING REPLICATION DATA

  21. Chapter 2: DESIGNING THE DNS STRUCTURE DNS INTEROPERABILITY WITH UNIX BERKELEY INTERNET NAME DOMAIN (BIND) • Windows Server 2003 DNS offers maximum compatibility with Active Directory. • BIND DNS servers can be integrated with Active Directory. • BIND 8.2.2 and later support dynamic updates.

  22. Chapter 2: DESIGNING THE DNS STRUCTURE WINDOWS SERVER 2003 DNS AND BIND COMPARED

  23. Chapter 2: DESIGNING THE DNS STRUCTURE DESIGNING DNS SERVER PLACEMENT

  24. Chapter 2: DESIGNING THE DNS STRUCTURE SERVER PLACEMENT • Fault tolerance • High availability

  25. Chapter 2: DESIGNING THE DNS STRUCTURE MONITORING DNS

  26. Chapter 2: DESIGNING THE DNS STRUCTURE CACHING-ONLY DNS SERVERS

  27. Chapter 2: DESIGNING THE DNS STRUCTURE LOAD BALANCING

  28. Chapter 2: DESIGNING THE DNS STRUCTURE SUMMARY • Before you design DNS, what information do you need about the existing DNS infrastructure? • What are some of the benefits of choosing Active Directory–integrated zones? • What factors influence the DNS namespace design? • How can zone replication data be secured? • What are some ways to improve DNS performance?

More Related