Section 3.5: DNS Zones

A zone is a contiguous portion of the domain namespace for which a DNS server has authority to resolve DNS queries. You can divide the DNS namespace into zones, which store name information about one or more DNS domains or portions of a DNS domain. For each DNS domain name included in a zone, the zone becomes the authoritative source for information about that domain. To limit the number of DNS servers on your network, you can configure a single DNS server to support, or host, multiple zones. You can also configure multiple servers to host one or more zones to provide fault tolerance and distribute the name resolution and administrative workloads. Multiple zones in a domain name space are used to distribute administrative tasks to different groups. However, a zone must encompass a contiguous domain name space. For example, you cannot create a zone that consists of only the studyguides.testking.com and qae.testking.com domains, because these two domains are not contiguous - the studyguides and the qae subdomains are independent of each other and can only be combined into a single DNS zone if the testking.com domain is also included in the zone.

3.5.1: Zone Files

Zone files contain the information that a DNS server references to resolve host names to IP addresses and to resolve IP addresses to host names. This information is stored as resource records that populate the zone file. A zone file contains the name resolution data for a zone, including resource records that contain information for answering DNS queries. Resource records are database entries that contain various attributes of a computer, such as the host name or FQDN, the IP address, or the alias. DNS servers can contain the following types of resource records.

3.5.1.1: Resource Records

The DNS is a hierarchical, distributed database. The database itself consists of resource records (RRs), which primarily consist of a DNS name, a record type, and data values that are associated with that record type. To resolve names, servers consult their. The zones contain RRs that make up the resource information associated with the DNS domain.

• The first record in any database file must be the Start of Authority Record (SOA), which defines the general parameters for the DNS zone. All SOA records follow a number of rules:

  • The @ symbol in a database file indicates "this server".

  • IN indicates an Internet record.

  • Any host name not terminated with a period (.) will be appended with the root domain.

  • The @ symbol is replaced by a period (.) in the e-mail address of the administrator.

  • Parentheses must enclose any record that spans more than one line.

• The Name Server Record (NS) lists the additional DNS name servers. A database file may contain more than one NS record.

• A Host Address Record (A), also referred to as a Host Record, associates a host name to its IP address. Host records will comprise most of the database file and will list all hosts within the zone.

• A Canonical NAME Record (CNAME) associates more than one host name with a single IP address. This is sometimes referred to as aliasing.

3.5.1.2: File Types

• The Reverse Lookup File allows a resolver to provide an IP address and request a matching host name. A reverse lookup file is named like a zone file according to the in-addr.arpa zone for which it is providing reverse lookups. This file contains SOA and NS records similar to other DNS database zone files, as well as PTR records.

• The PTR Record provides an address-to-name mapping within a reverse lookup zone. The octets of the IP address are written in reverse order, with in-addr.arpa appended at the end. As an example, looking up the name for 196.20.126.21 requires a PTR query for the name 21.126.20.196.in-addr.arpa.

• The Cache File (cache.dns) contains the records of the root domain servers. This is the same on all name servers and contains host information that is needed to resolve names outside of authoritative domains, as well as names and addresses of root name servers. When the name server receives a query for name resolution for a network resource outside of its zone, it starts the name resolution process with these root domain servers.

• The Boot File is the startup configuration file of the Berkeley Internet Name Daemon (BIND) implementation of DNS. This file contains the host information needed to resolve names outside of authoritative domains. The file is not defined in a Request for Comments (RFC) and is not required for RFC compliance. It is supported by Windows Server 2003 to improve compatibility with traditional, UNIX-based DNS services. The BIND boot file controls the startup behavior of the DNS server.
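The zone-file conventions listed under the SOA record (the @ origin, unqualified names, the administrator mailbox, parenthesised multi-line records) and the reverse-lookup naming for PTR queries, worked through in a small parser. This is example code added here, not from the study guide; the zone contents, the testking.com origin and the addresses are constructed sample data.

```python
"""Minimal zone-file parser for the conventions described in this section."""
import re

# Constructed sample zone for the origin testking.com. (not real data).
SAMPLE_ZONE = """\
@    IN SOA   ns1.testking.com. hostmaster.testking.com. (
        2004010101 ; serial
        3600 900 604800 86400 )
@    IN NS    ns1.testking.com.
ns1  IN A     196.20.126.21
www  IN CNAME ns1
"""

def qualify(name, origin):
    """'@' stands for the origin; a name without a trailing '.' gets the
    origin appended, exactly as the zone-file rules above state."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def soa_mailbox(rname):
    """The SOA responsible-person field writes the '@' of the e-mail
    address as a '.': hostmaster.testking.com. -> hostmaster@testking.com"""
    return rname.rstrip(".").replace(".", "@", 1)

def parse_zone(text, origin):
    """Return (owner, class, type, rdata) tuples.  ';' comments are dropped
    and records wrapped in parentheses are joined before being split."""
    text = re.sub(r";[^\n]*", "", text)
    joined, depth = [], 0
    for line in text.splitlines():
        if not line.strip():
            continue
        if depth:                       # still inside an open '('
            joined[-1] += " " + line.strip()
        else:
            joined.append(line.strip())
        depth += line.count("(") - line.count(")")
    records = []
    for rec in joined:
        owner, rclass, rtype, *rdata = rec.replace("(", " ").replace(")", " ").split()
        if rtype in ("NS", "CNAME"):    # targets are names, so qualify them too
            rdata = [qualify(rdata[0], origin)]
        records.append((qualify(owner, origin), rclass, rtype, rdata))
    return records

def soa_is_first(records):
    """The first record in a zone file must be the SOA."""
    return bool(records) and records[0][2] == "SOA"

def reverse_name(ip):
    """PTR query name: octets in reverse order with in-addr.arpa appended."""
    return ".".join(reversed(ip.split("."))) + ".in-addr.arpa."
```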

3.5.2: Zone Types

Windows Server 2003 supports three types of zones. Table 3.2 describes these zone types, as well as the zone files associated with them.

Table 3.2: Zone Types

Standard Primary: Contains a read/write version of the zone file that is stored in a standard text file. Any changes to the zone are recorded in that file.

Standard Secondary: Contains a read-only version of the zone file that is stored in a standard text file. Any changes to the zone are recorded in the primary zone file and replicated to the secondary zone file. Create a standard secondary zone to create a copy of an existing zone and its zone file. This allows the name resolution workload to be distributed among multiple DNS servers.

Active Directory Integrated: Stores the zone information in Active Directory, rather than a text file. Updates to the zone occur automatically during Active Directory replication. Create an Active Directory integrated zone to simplify planning and configuration of a DNS namespace. You do not need to configure DNS servers to specify how and when updates occur, because Active Directory maintains zone information.