Introduction
Versions Used
• Windows Server 2003
Setup Used
i. Server Name = martini
ii. Credentials: User = “Administrator”, Password = “password”
iii. IP Address: 10.1.1.101
iv. AD Setup: AD Domain Name = echofloor.com
v. AD Setup: NetBIOS Domain Name = echofloor
Prerequisites
As this Training involves changing TCP/IP Settings, knowledge of TCP/IP is the next requirement. In this Tech Note Microsoft terms will be used without explanation.
Task List
• Install Windows 2003
• Prepare Windows 2003 Server
• Prepare TCP/IP Settings
• Install DNS
• Setup DNS
Install Windows 2003
This Training assumes Windows 2003 Server is installed and that all drivers have been installed. Make sure that either a copy of the I386 directory from the Windows Server installation CD remains on the local hard drive, or the Windows Server installation CD is in the CD drive.
A DNS Server must have a fixed IP so make sure that the server does not get an IP from a DHCP server. The server must be able to reach the Internet but DNS settings are not required as the server will be its own DNS server.
Prepare Windows 2003
The first step for installing DNS Server is to set the computer name and Primary DNS Suffix. The computer name and Primary DNS Suffix must be set from System Properties.
• From System Properties go to the Computer Name tab. On this tab the full computer name and the workgroup can be seen. Workgroup name is not important, as this will not be used;
• Computer name, membership and Primary DNS Suffix can be changed by clicking the Change button;
• The More button brings up the DNS Suffix and NetBIOS Computer Name dialog;
• In the Primary DNS Suffix of this computer field the Domain Name to be used by your DNS Server must be filled in; e.g., echofloor.com;
• After applying these settings the server needs to be restarted.
Prepare TCP/IP Settings
Once the proper name and DNS Suffix are set up, some adjustments have to be made to the TCP/IP settings. For this, go to the properties of the Primary Local Area Connection in Network Connections.
• Select Internet Protocol (TCP/IP) and click the Properties button;
• Make sure that the server has a static IP address and a Default Gateway. For Preferred DNS Server, fill in the server’s IP address.
Install DNS
DNS (Domain Name System) Server is an installable Windows component and needs to be installed via Add/Remove Programs from Control Panel.
• From Windows Components select Networking Services;
• Click Details to select the Networking Services you want to install;
• Select Domain Name System (DNS).
To install Windows Components, the I386 directory from the original Windows Server 2003 installation CD is needed. If the CD is not in the CD drive, a popup will allow you to select the location of the I386 directory.
Once installation is complete, two additional Services and two additional Administrative Tools can be found on the server.
Setup DNS
DNS setup consists of multiple steps:
-Setup DNS server properties;
-Setup Forward Lookup Zone;
-Setup Reverse Lookup Zone;
-Add DNS records.
Setup DNS Server properties
By default DNS server settings are set for normal operations and do not have to be changed. In some circumstances modifications are needed.
DNS Server by default listens for DNS queries on all IP addresses. When needed this can be limited to a single or multiple IP addresses. Be aware that changes here need to be reflected in TCP/IP settings.
By default DNS server uses Root Hints to resolve external domain names. In some circumstances the DNS server needs to forward its DNS queries to a specific server. This can be configured on the Forwarders tab.
Forwarders can be configured for all domains or for a specific domain; the latter is called conditional forwarding. Examples of when forwarding needs to be used:
-DNS queries need to be forwarded to the Internet Service Provider’s DNS server
Some ISPs block outbound DNS queries and only allow outbound DNS queries to be targeted at their DNS servers. In this case forwarder IP addresses need to be configured for all domains.
-DNS queries for a certain domain need to be forwarded to an internal DNS server
In some cases access to an internal DNS server for a domain is available. For example, a VPN tunnel to SonicWALL is available and internal DNS needs to be used. In this case a DNS domain needs to be added, and the internal DNS servers are used as the forwarder IP addresses for this domain.
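The routing of a query name across the options described above can be modelled as follows. This is an added example, not part of the original note; it assumes the most specific matching domain wins on label boundaries, and the domain `corp.example` and both forwarder addresses are constructed. It also reports internal names that would be sent to an external resolver when a conditional forwarder is missing.

```python
# Added example: zone names and forwarder addresses below are constructed.
LOCAL_ZONES = {"echofloor.com"}                 # zones this server hosts
CONDITIONAL = {"corp.example": ["10.2.0.10"]}   # hypothetical internal domain via VPN
ALL_DOMAINS = ["192.0.2.53"]                    # hypothetical ISP resolver


def suffixes(qname):
    """Yield qname and its parent domains, most specific first, on label boundaries."""
    labels = qname.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        yield ".".join(labels[i:])


def select_upstream(qname, local=LOCAL_ZONES, conditional=CONDITIONAL,
                    all_domains=ALL_DOMAINS):
    """Return (decision, servers) for one query name."""
    for suffix in suffixes(qname):
        if suffix in local:
            return ("local zone " + suffix, [])
        if suffix in conditional:
            return ("conditional forwarder " + suffix, conditional[suffix])
    if all_domains:
        return ("all-domains forwarder", list(all_domains))
    return ("root hints", [])


def leaked_internal_names(qnames, internal_suffixes, **kw):
    """Internal names that would go to an all-domains forwarder or Root Hints."""
    leaks = []
    for q in qnames:
        decision, _ = select_upstream(q, **kw)
        is_internal = any(s in internal_suffixes for s in suffixes(q))
        if is_internal and decision in ("all-domains forwarder", "root hints"):
            leaks.append(q)
    return leaks


if __name__ == "__main__":
    for name in ("martini.echofloor.com", "files.corp.example", "notcorp.example"):
        print(name, "->", select_upstream(name))
```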
Create Forward Lookup Zone
After configuring DNS server settings the next step is to set up a Forward Lookup Zone. This can be done by selecting and right-clicking Forward Lookup Zones and choosing the New Zone option.
This will launch the New Zone Wizard.
• The first step is to select the Zone Type. Select Primary Zone;
• On the Dynamic Update option, choose Allow both nonsecure and secure dynamic updates for an internal DNS server, or Do not allow dynamic updates for a public DNS server. With nonsecure updates enabled, any client that can reach the server can register or change records in the zone.
Create Reverse Lookup Zone
Once the Forward Lookup Zone is created, the next step is to create a Reverse Lookup Zone. The steps to create a Reverse Lookup Zone are very similar to creating a Forward Lookup Zone.
• For Reverse Lookup Zone Name, fill in the Network ID needed for the Domain. The network ID consists of the IP Subnet ID. In this case 10.1.1;
• For Zone File, leave the option on Create a new file and leave the filename as it is;
• On the Dynamic Update option, choose Allow both nonsecure and secure dynamic updates for an internal DNS server, or Do not allow dynamic updates for a public DNS server.
Add DNS Records
Once the DNS server is set up, the DNS server can be filled with DNS records. There are 6 basic types of DNS records:
A
A, or address, records describe the IP that a given DNS node has;
CNAME
CNAME, or alias, records add secondary DNS names attached to an A record;
MX
MX, or mail exchange, records describe the machines to contact in order to send mail to a given DNS node;
NS
An NS record tells name servers which machines are in charge of a given domain Zone;
SOA
This is a record used when using DNS to synchronize data between multiple computers.
TXT
TXT, or text, records are arbitrary text strings which can be attached to given DNS nodes. Certain protocols, such as SPF, use this field to store protocol-specific data.
SPF
SPF records are actually TXT records.
PTR
PTR, or pointer, records are used in reverse DNS and describe the DNS name for a given IP address.
Note: A given zone must have precisely one SOA record. Microsoft DNS server will set itself as SOA by default when creating a zone.
A record
An A record, or host record consists of a name and an IP address. To add an A record:
• Fill in the Name; the domain name will be automatically added;
• Fill in the IP address;
• Optionally check the Create associated pointer record.
Note: duplicate A records can be created to map a DNS name to multiple IP addresses.
CNAME record
A CNAME record, or ALIAS record, consists of a name and an A record. To add a CNAME record:
• Fill in the Alias name;
MX record
An MX record, or Mail Exchanger record, consists of a domain name, an A record and a priority.
Priority is used for failover. The lowest priority will be used first. To add an MX record:
• Optionally fill in the host or child domain;
• Browse to an existing A record;
• Set the Mail Server Priority (default is 10).
NS record
An NS, or Name Server, record consists of a domain name and an IP address. To add an NS record:
• Go to properties of the Zone;
• Go to Name Servers tab;
• Add a name server.
SPF record
An SPF (Sender Policy Framework) record consists of an optional Record name
To add an SPF record:
• Select Other New Records;
• Select TXT;
• Add the Text “v=spf1 mx -all”;
• Click OK.
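A syntax check for the TXT value before it is entered, as an added example that is not part of the original note. It verifies the version tag and the mechanism names, and catches a typographic dash in place of the ASCII hyphen qualifier, a mistake the DNS console accepts silently because TXT data is free text. All sample strings are constructed.

```python
import re

MECHANISMS = {"all", "include", "a", "mx", "ptr", "ip4", "ip6", "exists"}
NEEDS_ARG = {"include", "exists", "ip4", "ip6"}
TERM = re.compile(r"^([+\-~?]?)([A-Za-z][A-Za-z0-9]*)([:/].*)?$")
MODIFIER = re.compile(r"^[A-Za-z][A-Za-z0-9_.-]*=")
TYPOGRAPHIC_DASHES = "\u2013\u2014\u2212"   # en dash, em dash, minus sign


def lint_spf(txt):
    """Return a list of problems found in one SPF TXT value (empty list = clean)."""
    terms = txt.strip().strip('"\u201c\u201d').split()
    if not terms or terms[0].lower() != "v=spf1":
        return ["record must start with v=spf1"]
    problems, seen_all, has_redirect = [], False, False
    for term in terms[1:]:
        if MODIFIER.match(term):                 # redirect=, exp=, ...
            has_redirect |= term.lower().startswith("redirect=")
        elif seen_all:                           # mechanisms are evaluated left to right
            problems.append(f"{term}: never evaluated, it follows 'all'")
        elif term[0] in TYPOGRAPHIC_DASHES:
            problems.append(f"{term}: typographic dash, type an ASCII '-'")
        else:
            m = TERM.match(term)
            name = m.group(2).lower() if m else None
            if name not in MECHANISMS:
                problems.append(f"{term}: unknown mechanism")
            elif name in NEEDS_ARG and not (m.group(3) or "").startswith(":"):
                problems.append(f"{term}: mechanism needs an argument")
            elif name == "all":
                seen_all = True
    if not seen_all and not has_redirect:
        problems.append("no 'all' or redirect=: unmatched senders get a neutral result")
    return problems


SAMPLES = [                                      # constructed inputs
    "v=spf1 mx -all",
    "v=spf1 ms \u2013all",
    "v=spf1 include -all",
    "v=spf1 -all mx",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(repr(s), "->", lint_spf(s) or "ok")
```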
PTR record
A PTR, or pointer record, consists of a Host IP Number and a Host name.
To add a PTR record:
• Fill in the Host IP number;
• Fill in a Host name or Browse to the appropriate A record.
Note: Unlike the other records, PTR records are created in the Reverse Lookup Zone
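A consistency check between the forward and reverse zones, as an added example that is not part of the original note. It derives the reverse zone name from the Network ID 10.1.1 and the PTR owner name for each A record, then reports A records whose pointer record was never created, names a different host, or falls outside the reverse zone. Only martini and 10.1.1.101 come from the setup above; the other hosts and addresses are constructed.

```python
import ipaddress


def reverse_zone_name(network_id):
    """Network ID '10.1.1' -> reverse zone '1.1.10.in-addr.arpa'."""
    octets = network_id.strip(".").split(".")
    if not 1 <= len(octets) <= 3 or not all(o.isdigit() and int(o) <= 255 for o in octets):
        raise ValueError(f"bad network ID: {network_id!r}")
    return ".".join(reversed(octets)) + ".in-addr.arpa"


def ptr_owner(ip):
    """Host IP '10.1.1.101' -> PTR owner name '101.1.1.10.in-addr.arpa'."""
    return ipaddress.IPv4Address(ip).reverse_pointer


def canon(name):
    """Lower-case a DNS name and drop the trailing dot for comparison."""
    return name.lower().rstrip(".")


def check_ptr(a_records, ptr_records, network_id):
    """Compare A records with PTR records; return (fqdn, ip, finding) tuples."""
    zone = reverse_zone_name(network_id)
    targets = {}
    for owner, target in ptr_records:
        targets.setdefault(canon(owner), set()).add(canon(target))
    findings = []
    for fqdn, ip in a_records:
        owner = ptr_owner(ip)
        if not owner.endswith("." + zone):
            findings.append((fqdn, ip, "outside reverse zone " + zone))
        elif owner not in targets:
            findings.append((fqdn, ip, "no PTR at " + owner))
        elif canon(fqdn) not in targets[owner]:
            findings.append((fqdn, ip, "PTR names " + ", ".join(sorted(targets[owner]))))
    return findings


# Constructed sample data; only martini / 10.1.1.101 comes from the setup above.
A_RECORDS = [("martini.echofloor.com", "10.1.1.101"),
             ("www.echofloor.com", "10.1.1.102"),
             ("mail.echofloor.com", "10.1.1.103"),
             ("vpn.echofloor.com", "10.1.2.5")]
PTR_RECORDS = [("101.1.1.10.in-addr.arpa", "martini.echofloor.com."),
               ("103.1.1.10.in-addr.arpa", "old.echofloor.com.")]

if __name__ == "__main__":
    for row in check_ptr(A_RECORDS, PTR_RECORDS, "10.1.1"):
        print(row)
```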