Module Overview

• Collecting Information for a Name Resolution Design
• Designing a DNS Server Strategy
• Designing a DNS Namespace
• Designing DNS Zone Implementation
• Designing Zone Replication and Delegation

Reasons for Name Resolution

Name resolution is required:
• To simplify access to resources
• To locate domain controllers
• To locate global catalog servers

Considerations for Configuring Name Resolution

Consider whether:
• A DNS infrastructure exists
• The Active Directory namespace is the same as the public DNS namespace
• The Active Directory namespace does not overlap with the public DNS namespace
• NetBIOS name resolution services, such as WINS, are used on the network
Host Requirements for a Name Resolution Design
Identify the following host information:
• Are computers with dynamic IP addresses providing IP-based services?
• Do hosts run applications or services that use NetBIOS?
• Do any of the client computers use broadcasts to resolve NetBIOS names only by using broadcasts?
• Do hosts run applications that require the ability to determine a host’s name from its IP address?
NetBIOS Resources
Identify systems and applications that rely on NetBIOS for name resolution, including:
– Windows 98, Windows NT
– Windows workgroups that do not implement Active Directory
– Some applications and services
• Determine the impact of removing NetBIOS
• If NetBIOS is used by a critical application, continue to use WINS
How Clients Resolve Host Names
Clients can use the following methods to resolve host names:
• DNS cache (includes contents of HOSTS file)
• DNS server
• NetBIOS name resolution methods
DNS name resolution is controlled by:
• Root hints
• Caching
• Delegation
• Forwarding
• Conditional forwarding
Determining DNS Server Requirements
Server capacity:
– Determine number of zones for each server
– Determine the size of each zone
– Determine the number of queries for each server
Server requirements:
• Approximately 4 MB of RAM for the service
• Approximately 100 bytes for each resource record
Considerations for Placing DNS Servers
For DNS server placement, consider:
• Network traffic over WAN links
• Availability, if a WAN link fails
• Redundancy, if a DNS server fails
• Client impact, if DNS is unavailable
• Application impact, if DNS is unavailable
Securing DNS Servers
Options for securing Microsoft DNS servers:
• Firewalls, including Windows Firewall
• Restricting zone transfers
• Securing dynamic updates
• Active Directory Integrated zones
• Forwarding, to limit Internet name resolution