Understanding DNS Servers and Concepts

Questions and Answers

Which DNS server role initially contains a read-write copy of the zone file, serving as the primary source of DNS information?

  • Caching-Only DNS Server
  • Primary DNS Server (correct)
  • Stub DNS Server
  • Secondary DNS Server

What type of DNS server obtains updates through zone transfers and maintains a read-only copy of the zone file?

  • Secondary DNS Server (correct)
  • Primary DNS Server
  • Caching-Only DNS Server
  • Authoritative DNS Server

Which DNS server type is characterized by storing zone files within Active Directory and utilizing AD replication for data distribution?

  • Stub DNS Server
  • Default Forwarder
  • Conditional Forwarder
  • Active Directory-Integrated DNS (correct)

If a DNS server is configured without any forwarders, how does it resolve external DNS queries?

  • It refers to root hints to start the iterative query process. (C)

Why is it important for organizations implementing Kerberos and Active Directory Internal DNS to maintain time synchronization across their servers and clients?

  • To ensure proper function of Kerberos and minimize security vulnerabilities. (C)

Which DNS query type requires the DNS server to pursue resolution until a definitive answer is obtained, rather than referring the client to another server?

  • Recursive Query (B)

What is the primary function of a PTR record in DNS?

  • To resolve an IP address to its corresponding hostname. (D)

In the context of DNS, what does a CNAME record do?

  • It creates an alias for a domain name. (D)

Which DNS record type is crucial for the proper functioning of Active Directory, as it helps clients locate domain controllers and other services?

  • SRV Record (B)

What is the purpose of Dynamic DNS (DDNS)?

  • To automatically update DNS records when IP addresses change. (B)

What is the primary purpose of 'Scavenging' in DNS?

  • To remove stale or outdated records from the DNS database. (B)

What does the Time To Live (TTL) value in a DNS record determine?

  • How long a record is cached by DNS clients and servers. (D)

Which troubleshooting tool is most commonly used to check DNS record resolution and server responses directly from the command line?

  • nslookup (A)

What is the purpose of the 'hosts' file on a computer?

  • To map hostnames to IP addresses locally, overriding DNS queries. (C)

What is the primary role of a DHCP server on a network?

  • To assign IP configurations to client devices automatically. (D)

What is the DORA process in DHCP used for?

  • The sequence of steps a client and server use to obtain an IP address. (B)

What is a DHCP scope?

  • A range of IP addresses and configuration options available for assignment in a subnet. (D)

What is a DHCP reservation?

  • A permanent IP address assigned to a specific device based on its MAC address. (C)

Which DHCP option is used to configure the default gateway for clients on a network?

  • Option 3 (B)

What is the primary function of a DHCP Relay Agent?

  • To forward DHCP requests between subnets and the DHCP server. (A)

During the DHCP lease renewal process, when does a client typically begin attempting to renew its IP address lease?

  • When the lease is 50% expired. (A)

In a DHCP failover configuration, what is the primary difference between Load Balance mode and Hot Standby mode?

  • In Load Balance mode, both servers actively assign IP addresses, while in Hot Standby mode, one server is passive and only activates upon failure of the primary server. (D)

What is the function of IP Address Management (IPAM)?

  • A centralized tool for managing, monitoring, and planning IP address space, along with DHCP and DNS servers. (D)

What is the purpose of DHCP Option 66/67 in the context of network booting (PXE)?

  • They specify the TFTP server name and boot file for PXE booting. (A)

Why do VoIP phones frequently rely on DHCP Option 66 and sometimes Option 150 or 43?

  • To retrieve information about the TFTP server and vendor-specific VoIP settings. (C)

What is the function of Multicast DNS (mDNS)?

  • To resolve .local hostnames on local networks without a central DNS server. (D)

Which of the following is a valid use case for conditional forwarding in DNS?

  • To resolve domain names for partner organizations by forwarding queries to their DNS servers. (C)

What is the primary purpose of DNS Security Extensions (DNSSEC)?

  • To ensure the authenticity and integrity of DNS data, preventing DNS spoofing. (C)

Why is it important to manage and maintain DNS records, including enabling automatic scavenging or manually deleting bad records?

  • To prevent stale or incorrect records from causing resolution failures. (D)

Flashcards

DNS Server

Resolves domain names to IP addresses, translating human-readable names into machine-readable addresses.

Primary DNS Server

Holds the original, editable copy of the zone file, acting as the main source of DNS information.

Secondary DNS Server

Maintains a read-only copy of the zone file; this copy is updated from the primary DNS server through zone transfers.

Stub DNS Server

Contains references to another zone for referral purposes, pointing clients to the authoritative server.

Active Directory-Integrated DNS

Stores zone files directly within Active Directory, allowing DNS data to replicate along with AD data.

Authoritative DNS Server

Holds the actual zone data for a specific domain, providing the final answer to DNS queries for that zone.

Caching-Only DNS Server

Improves performance by caching DNS queries but does not host any zones itself.

Default Forwarder

The destination to which unresolved queries are sent when a DNS server cannot resolve a name internally.

Conditional Forwarder

Directs DNS queries for specific domains to designated DNS servers, providing customized resolution paths.

Root Hints

Contains a list of root servers used when no forwarders are configured, allowing DNS resolution to start at the root of the DNS hierarchy.

Zone

A distinct portion of the DNS namespace managed as a single unit.

Zone File

Contains resource records that define the properties and settings for a zone.

Zone Transfer

The process of synchronizing DNS data between primary and secondary DNS servers.

Recursive Query

A type of DNS query where the DNS server must provide a complete answer or an error.

Iterative Query

A type of DNS query where the DNS server returns the best answer it currently knows, potentially referring the client to other servers.

A Record

Maps a hostname to an IPv4 address.

AAAA Record

Maps a hostname to an IPv6 address.

PTR Record

Maps an IP address to a hostname, used for reverse DNS lookups.

MX Record

Specifies the mail server responsible for accepting email messages on behalf of a domain.

CNAME Record

Creates an alias of one domain name to another, canonical domain name.

SRV Record

Specifies the location of services, such as LDAP or Kerberos, within a domain.

SOA Record

Contains essential information about a DNS zone, like the primary name server and admin contact.

NS Record

Designates which DNS servers are authoritative for a specific zone.

Forward Lookup Zone

Resolves a hostname to an IP address.

Reverse Lookup Zone

Resolves an IP address to a hostname using PTR records.

Dynamic DNS

Automatically updates DNS records when IP addresses change, often used with DHCP.

Scavenging

Removes outdated resource records from the DNS database, maintaining accuracy.

Time To Live (TTL)

Specifies how long a record is cached by a client or DNS server, affecting update propagation.

Netmask Ordering

Prioritizes returning DNS results in the same subnet as the client, optimizing network traffic.

Round Robin

Rotates multiple records to distribute load across different servers.

Study Notes

  • DNS translates domain names to IP addresses.

Key DNS Concepts

  • DNS Server resolves domain names to IP addresses (FQDN → IP).
  • Primary DNS Server holds a read-write copy of the zone file.
  • Secondary DNS Server has a read-only copy of the zone file, updated via zone transfers.
  • Stub DNS Server holds references (NS, SOA records) to another zone for referral.
  • Active Directory-Integrated DNS stores zone files inside AD, replicated with AD replication.
  • Authoritative DNS Server possesses the actual zone data for a domain.
  • Caching-Only DNS Server doesn’t host zones but caches queries for performance.
  • Default Forwarder is the destination for unresolved queries.
  • Conditional Forwarder forwards DNS queries for specific domains to designated DNS servers.
  • Root Hints are a list of root servers used when no forwarders are configured.
  • Zone is a portion of the DNS namespace.
  • Zone File contains resource records for a zone.
  • Zone Transfer syncs data between primary and secondary DNS servers.

DNS Query Types

  • Recursive Query requires the DNS server to return the final answer.
  • Iterative Query involves the DNS server returning its best answer, and the client continues querying.

DNS Record Types

  • A / AAAA records provide IPv4 / IPv6 addresses.
  • PTR enables reverse lookup (IP → Hostname).
  • MX specifies the mail exchanger.
  • CNAME defines an alias.
  • SRV locates services (e.g., LDAP, Kerberos).
  • SOA contains zone authority + version info.
  • NS designates name servers.
  • NetBIOS Name Record supports legacy name resolution with WINS.

Supporting DNS Features

  • Forward Lookup Zone resolves names to IPs.
  • Reverse Lookup Zone resolves IPs to names using PTR records.
  • Dynamic DNS (DDNS) automatically updates DNS when IPs change (often with DHCP).
  • Scavenging removes stale resource records from the DNS database.
  • Time To Live (TTL) determines how long a record is cached by a client or DNS server.
  • Netmask Ordering prioritizes DNS results in the same subnet as the client.
  • Round Robin DNS rotates multiple records for load distribution.
  • Zone Replication Partner is another DNS server sharing zone data.
  • Zone Transfer is when a secondary copies data from the primary.

Troubleshooting Tools

  • nslookup checks record resolution and server responses.
  • DNS Server Logs are useful for debugging name resolution issues.
  • Debug Logging provides extra-detailed logs for tracking DNS queries.

Hosts File

  • Hosts file maps hostnames to IP addresses locally before DNS is queried.
  • Path: C:\Windows\System32\drivers\etc\hosts

NTP (Network Time Protocol)

  • NTP ensures servers and clients are time-synced.
  • It is critical for Kerberos, AD, and security.

Windows Internet Name Service (WINS)

  • WINS resolves NetBIOS names in legacy environments.
  • It reduces NetBIOS name broadcasts.
  • WINS Server stores NetBIOS names and IP mappings.

DHCP Basics

  • DHCP Server assigns IP configurations to clients.
  • DHCP Relay Agent forwards DHCP traffic across subnets.
  • Ports used: UDP 67 (server listens), UDP 68 (client listens)

DORA Process

  • Discover: Client broadcasts to find a DHCP server
  • Offer: Server offers IP and options
  • Request: Client asks to accept the offer
  • Acknowledge: Server confirms and leases the IP

DHCP Concepts

  • Scope is the IP address range + config options for a subnet.
  • Reservation binds a MAC address to a specific IP.
  • Lease is the duration the IP is valid for the client.
  • MAC Address Filtering allows or blocks DHCP offers based on MAC addresses.
  • Default Gateway (Option 3) is included as part of the options.
  • DHCP Option provides extra info like DNS, gateway, time server.
  • DHCP Policy defines rules for applying different options to clients.
  • DHCP Failover is when two DHCP servers share or back each other up. They can operate in load balance or hot standby modes.
  • IP Address Management (IPAM) is a centralized tool to manage IP spaces and DHCP/DNS servers.

Common DHCP Options

  • Option 3: Default Gateway.
  • Option 6: DNS Servers.
  • Option 15: DNS Domain Name.
  • Option 42: NTP Server.
  • Option 43: Vendor-specific info (used by VOIP).
  • Option 66/67: TFTP Server name and boot file (PXE).

VOIP + DHCP

  • VOIP phones often use option 66 for the TFTP server address and options 150/43 for call manager/vendor-specific info.

Module Summary

  • DNS handles name resolution through zone files with resource records.
  • Primary DNS servers hold writeable zones; secondaries hold copies via zone transfers.
  • Active Directory DNS stores zones in AD itself for replication.
  • Problems often arise from bad records or caching; use nslookup to troubleshoot.
  • DHCP assigns IPs dynamically; routers use relay agents to reach DHCP in different subnets.
  • Define scopes with IP ranges and DHCP options.
  • Implement DHCP failover for redundancy between servers.
  • Set reservations for key devices and use policies/options to tailor configurations.

What is DNS?

  • DNS translates hostnames (like google.com) into IP addresses.
  • Without DNS, users would need to memorize IPs (like 142.250.72.14) to browse the web.

DNS Types

  • Internal DNS is used within a private network (like Active Directory).
  • External DNS is used on the internet to resolve public domains.

How DNS Resolves Hostnames

  • The client checks its local cache. If not found, it queries the configured DNS server. The DNS server then checks its own cache, queries root servers, then TLD servers, then authoritative servers. A response returns with an IP address.

Multicast DNS (mDNS)

  • mDNS is used in local networks to resolve .local hostnames. Devices send a multicast query to 224.0.0.251 asking, "Who is printer.local?" It doesn’t need a central DNS server. Example use: Apple Bonjour, some IoT devices.

Domain Naming & Internal Suffixes

  • You can use suffixes such as .local or .lan, which are non-routable and internal only. Real domains (like .com) can be used internally (e.g., corp.mycompany.com). Internal domain names often include a prefix like int.mycompany.com.

DNS Zones

  • Zone = portion of the DNS namespace managed by a server. Types: Primary Zone (writeable), Secondary Zone (read-only copy), Stub Zone (contains only references to another zone).

Key DNS Record Types

  • A: IPv4 address (e.g., example.com → 192.0.2.1).
  • AAAA: IPv6 address (e.g., example.com → 2001::1).
  • PTR: Reverse lookup (IP to name, e.g., 1.2.3.4 → server.domain.com).
  • CNAME: Alias (e.g., www.example.com → server1.example.com).
  • MX: Mail exchange (routes email).
  • SRV: Service locator (used in AD for things like Kerberos/LDAP).
  • SOA: Start of Authority (zone metadata).

SRV Records

  • Format: _service._protocol.name. Example: _ldap._tcp.dc._msdcs.domain.local. Used by clients (especially in Active Directory) to find services.

Reverse Lookup Zone

  • Lets you do a DNS lookup by IP instead of name. Used to resolve: 192.168.1.10 → host.domain.local. Requires PTR records.

Active Directory + DNS

  • AD relies on DNS for everything including domain joins, locating domain controllers, and Group Policy. Domain controllers register SRV, A, and PTR records automatically.

Dynamic DNS (DDNS)

  • DNS records update automatically when IP addresses change. It is especially useful for DHCP clients. Windows clients can register themselves in AD DNS.

Managing DNS Records

  • Stale records can break things (e.g., machine gets a new IP but the old record remains). You can enable automatic scavenging or manually delete bad records.

SOA (Start of Authority)

  • Contains the primary DNS server name, admin email, serial number (used for zone versioning), and refresh, retry, and TTL values.

Conditional Forwarding

  • Allows DNS servers to forward specific domains to specific DNS servers. Useful for resolving partner domains, split-brain DNS, and not relying on public DNS for internal zones.

TTL (Time to Live)

  • Defines how long a record is cached by clients and servers. Short TTL = faster updates, more traffic. Long TTL = slower propagation, less load.

Secure DNS

  • DNSSEC (DNS Security Extensions) ensures records are authentic and not tampered with. It uses digital signatures. Clients can validate signatures to avoid spoofing.

Testing DNS

  • Use nslookup, ping, dig (Linux), or Test-NetConnection (PowerShell). Port 53 handles DNS traffic (UDP and sometimes TCP).

DHCP (Dynamic Host Configuration Protocol)

  • Ports: UDP 67 (Server listens), UDP 68 (Client listens).

DORA Process

  • Discover: Client broadcasts to look for a DHCP server. Offer: Server offers an IP and config. Request: Client requests the offered IP. Acknowledge: Server finalizes the lease.

DHCP Relay Agent

  • Allows DHCP requests to cross routers and forwards requests from one subnet to the server. It is required when the DHCP server isn’t on the same subnet.

Leases & Renewals

  • Clients lease IPs for a set time (e.g., 8 days). Halfway through the lease, the client tries to renew. Leases are stored and managed on the DHCP server.

Reservations

  • Tie a specific IP to a MAC address so the client always receives the same IP. Must be in the same subnet as the DHCP scope.

DHCP Failover

  • Load Balancing Mode: Both servers share the load
  • Hot Standby Mode: One server active, the other passive backup
  • Lease information is synced between servers

DHCP Options

  • Option 3: Default Gateway
  • Option 6: DNS Server
  • Option 15: DNS Domain
  • Option 66/67: PXE boot options
  • Option 42: NTP Time Server
  • Option 43: Vendor-specific (used by VOIP)
  • Up to 40–50 options are available, but most setups just use a few.

VOIP & DHCP

  • VOIP phones often require Option 66 (TFTP server IP), Option 150 (Call manager), and Option 43 (Vendor-specific info).

DNS Record Summary

  • A: IPv4 Address
  • AAAA: IPv6 Address
  • PTR: IP → Name
  • CNAME: Alias
  • MX: Mail Server
  • SRV: Service Locator
  • SOA: Zone Metadata

DHCP Summary

  • Ports: 67 (server), 68 (client)
  • Relay: Forwards requests to the server across subnets
  • Lease: Temporary IP assignment
  • Reservation: Fixed IP for a MAC
  • Failover: Redundancy for DHCP
  • Options: Additional settings like gateway, DNS, NTP
