The Domain Name System (DNS) associates various information with domain names; most importantly, it serves as the “phone book” for the Internet by translating human-readable host names, e.g. www.example.com, into IP addresses, e.g. 22.214.171.124, which networking equipment needs in order to deliver information. DNS also stores other information, such as the list of mail servers that accept email for a given domain. By providing a worldwide keyword-based redirection service, the Domain Name System is an essential component of contemporary Internet use.
DNS allows two main types of queries: forward lookups and reverse lookups. A forward lookup finds an IP address based on a provided host name. For example, when you browse to www.techrepublic.com, your operating system’s DNS resolver queries DNS for a www host record in the techrepublic.com domain.
A reverse lookup performs the opposite: it queries DNS for a host name based on an IP address. For example, some e-mail servers perform a reverse DNS lookup on a sending mail server to verify that the host name offered by the remote mail server actually matches the IP address of the SMTP connection attempting to deliver the message.
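As an added illustration (not part of the original article), the following Python models that mail-server check against constructed DNS data: it finds the PTR record for the connecting address, confirms that the name it points to resolves back to the same address, and only then compares it with the name the client offered. The record set, host names and addresses are made up for the example.

```python
# Added example, not from the original article: the reverse-DNS consistency
# check a receiving mail server can apply to a connecting SMTP client.
# All DNS data below is constructed for the demonstration; nothing is queried.

import ipaddress

# Constructed records: (owner name, record type) -> list of rdata.
# Owner names are fully qualified, with a trailing dot, as in a zone file.
CONSTRUCTED_DNS = {
    ("10.113.0.203.in-addr.arpa.", "PTR"): ["mail.example.net."],
    ("mail.example.net.", "A"): ["203.0.113.10"],
    ("8.100.51.198.in-addr.arpa.", "PTR"): ["dyn-8.isp.example."],
    ("dyn-8.isp.example.", "A"): ["198.51.100.8"],
    ("9.100.51.198.in-addr.arpa.", "PTR"): ["mx.other.example."],
    ("mx.other.example.", "A"): ["192.0.2.5"],  # does not point back to .9
}


def lookup(name, rtype, data=CONSTRUCTED_DNS):
    """Return the rdata list for (name, type), or [] when no record exists."""
    return data.get((name.lower(), rtype), [])


def reverse_name(ip):
    """Owner name of the PTR record for an IPv4 address: octets reversed
    under in-addr.arpa, which is the name a reverse lookup actually queries."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + ".in-addr.arpa."


def check_smtp_client(ip, offered_name, data=CONSTRUCTED_DNS):
    """Classify a connecting SMTP client by its reverse DNS.

    offered_name is the host name the client announced in HELO/EHLO.
    Result values:
      "no-ptr"           no PTR record exists for the address
      "forward-mismatch" a PTR exists but its name does not resolve back to ip
      "helo-mismatch"    reverse DNS is consistent but differs from offered_name
      "match"            reverse DNS is consistent and equals offered_name
    Only "match" confirms the announced name; the other results are inputs
    to a scoring or logging policy.
    """
    ptr_names = lookup(reverse_name(ip), "PTR", data)
    if not ptr_names:
        return "no-ptr"
    # Forward-confirm: keep only PTR targets whose A records include ip.
    confirmed = [n.lower() for n in ptr_names if ip in lookup(n, "A", data)]
    if not confirmed:
        return "forward-mismatch"
    offered = offered_name.lower().rstrip(".") + "."
    return "match" if offered in confirmed else "helo-mismatch"


if __name__ == "__main__":
    for client_ip, helo in [("203.0.113.10", "mail.example.net"),
                            ("198.51.100.8", "mail.example.net"),
                            ("198.51.100.9", "mx.other.example"),
                            ("198.51.100.77", "mail.example.net")]:
        print(client_ip, helo, "->", check_smtp_client(client_ip, helo))
```

The forward-confirmation step matters: anyone who controls the reverse zone for an address can publish any PTR name they like, so the PTR alone proves nothing until the named host resolves back to the connecting address.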
Windows 2000’s DNS service supports both forward and reverse lookup zones. If you want your DNS server to support reverse lookups, you need to create a reverse lookup zone for each subnet you want to support.
To create a reverse lookup zone, follow these steps:
1. Open the DNS console, and expand the server where you want to create the zone.
2. Right-click Reverse Lookup Zones, and choose New Zone to launch the New Zone Wizard.
3. Click Next, choose Standard Primary, and click Next.
4. In the Network ID field, enter the first three octets of the zone’s IP address, and click Next.
5. When the wizard offers a name for the DNS zone file, click Next to accept the default name, and click Finish.
After creating the zone, you need to add pointer (PTR) resource records to it. These records map an IP address back to a host name. You can create the PTR records explicitly in the reverse zone, or the DNS console can create them automatically when you create host records in the forward lookup zone.
Hosting your own DNS services doesn’t guarantee that reverse lookups for your address space are delegated to your DNS servers. Your Internet service provider (ISP) might handle reverse lookup for your subnet. If you’re not sure, check with your ISP.
A forward lookup zone is the part of the DNS system that lets you perform name-to-address resolution (forward lookup queries). On name servers, you must configure at least one forward lookup zone for the DNS service to work. You can create the forward lookup zone with the DNS Server wizard, or start the Create New Zone wizard by right-clicking the Forward Lookup Zones folder and selecting Create a New Zone.
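To show how the Network ID from step 4 becomes a zone name, and how PTR records follow from the A records of a forward zone, here is an added Python example (not code from the article or from the Windows DNS console). The forward zone records are constructed; only srv210.test2000.local and 172.16.11.210 are taken from the article's stub zone scenario.

```python
# Added example, not from the original article: deriving the reverse lookup
# zone name from the Network ID typed into the New Zone Wizard, and generating
# the PTR records that correspond to a forward zone's A records (the step the
# DNS console can perform automatically). The forward records are constructed.

import ipaddress


def reverse_zone_name(network_id):
    """Return the in-addr.arpa zone name for a Network ID of one to three
    octets, e.g. "172.16.11" -> "11.16.172.in-addr.arpa"."""
    octets = network_id.strip(".").split(".")
    if not 1 <= len(octets) <= 3 or not all(o.isdigit() and int(o) <= 255 for o in octets):
        raise ValueError("Network ID must be 1-3 decimal octets, got %r" % network_id)
    return ".".join(reversed(octets)) + ".in-addr.arpa"


def network_from_id(network_id):
    """Subnet covered by a Network ID: a /8, /16 or /24 depending on octet count."""
    octets = network_id.strip(".").split(".")
    padded = octets + ["0"] * (4 - len(octets))
    return ipaddress.ip_network("%s/%d" % (".".join(padded), 8 * len(octets)))


def generate_ptr_records(network_id, forward_records):
    """Build PTR records for the A records that fall inside the reverse zone.

    forward_records: iterable of (fqdn, ipv4) pairs from the forward zone.
    Returns (records, skipped): records are (owner, "PTR", fqdn) tuples with
    fully qualified owner names; skipped lists addresses outside the subnet,
    which belong in a different reverse zone (possibly the ISP's).
    """
    subnet = network_from_id(network_id)
    records, skipped = [], []
    for fqdn, ip in forward_records:
        addr = ipaddress.IPv4Address(ip)
        if addr not in subnet:
            skipped.append(ip)
            continue
        owner = ".".join(reversed(str(addr).split("."))) + ".in-addr.arpa."
        records.append((owner, "PTR", fqdn.rstrip(".") + "."))
    return records, skipped


def zone_file_lines(network_id, records):
    """Render PTR records relative to the zone origin, zone-file style."""
    zone = reverse_zone_name(network_id)
    lines = []
    for owner, rtype, target in records:
        relative = owner[:-(len(zone) + 2)]  # strip the trailing ".<zone>."
        lines.append("%s\tIN\t%s\t%s" % (relative, rtype, target))
    return lines


# Constructed forward zone for the article's test2000.local scenario;
# only srv210 and its address 172.16.11.210 come from the article.
FORWARD_A_RECORDS = [
    ("srv210.test2000.local", "172.16.11.210"),
    ("www.test2000.local", "172.16.11.80"),
    ("ext.test2000.local", "203.0.113.5"),  # outside 172.16.11.0/24
]

if __name__ == "__main__":
    zone = reverse_zone_name("172.16.11")
    recs, skipped = generate_ptr_records("172.16.11", FORWARD_A_RECORDS)
    print("$ORIGIN", zone + ".")
    print("\n".join(zone_file_lines("172.16.11", recs)))
    print("skipped (not in this zone):", skipped)
```

The skipped list is the practical point of the "one reverse zone per subnet" rule above: an A record whose address lies outside the zone's subnet cannot get its PTR here, and if that address range is the ISP's, the PTR has to be requested from them.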
To allow users in Company A to access resources in Company B, the administrator of Company A decides to create a stub zone for Company B’s domain. To do this, right-click on Forward Lookup Zones in the figure above and select New Zone. This starts the New Zone Wizard:
Clicking Next brings up the Zone Type screen, and we’ll choose Stub Zone here and select the checkbox to create an Active Directory Integrated stub zone:
Click Next and the Active Directory Zone Replication Scope screen is displayed, which we’ll leave at its default setting for automatic replication of stub zone information to all domain controllers in the test2003.local domain.
Clicking Next displays the Zone Name screen, and here we type test2000.local as the name of the stub zone since this is the name of the target domain on Company B’s network:
Clicking Next displays the Master DNS Servers screen, and we enter the IP address 172.16.11.210 for one of the name servers on Company B’s network:
Clicking Next and then Finish runs the wizard and creates the new stub zone, which here is highlighted in the DNS console connected to SRV220 on Company A’s network:
Note in the above figure that, as expected, the stub zone contains only an SOA record, an NS record for each name server in the domain, and an A record for each name server in the domain. Now when Sally clicks Start, selects Run, and types \\srv210.test2000.local\catalog, a window opens displaying the contents of the CATALOG share on SRV210 in the remote forest:
Stub zones are easy to create and can make name resolution between forests more efficient, but they have other uses as well. For example, stub zones can enable name servers to perform recursion without needing to query the Internet root name servers or internal corporate root servers, decreasing the number of hops between name servers and making name resolution more efficient. Another use of stub zones is to keep delegated zone information up to date and prevent lame delegations from breaking name resolution within a forest. Both of these are good topics for future articles, so stay tuned for more on stub zones later.
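Since a stub zone is only useful while its copy of the target zone's NS records stays current, an added Python example follows (not code from the article or from the Windows DNS service) that audits a stub zone's contents: it checks that only SOA, NS and glue A records are present, that every NS target has glue, and compares the NS set against the master's current apex records to flag entries that would turn into lame delegations. All records are constructed; only the test2000.local name, srv210 and 172.16.11.210 are taken from the article.

```python
# Added example, not from the original article: an audit of a stub zone's
# contents. A stub zone should hold only the target zone's SOA, one NS record
# per name server and a glue A record for each NS target; comparing its NS set
# with the master's current NS records exposes stale entries that would make
# the delegation lame. All records are constructed; only test2000.local,
# srv210 and 172.16.11.210 come from the article's scenario.

# Constructed copy of the stub zone as last transferred from the master.
STUB_ZONE = [
    ("test2000.local.", "SOA",
     "srv210.test2000.local. hostmaster.test2000.local. 2024010101 900 600 86400 3600"),
    ("test2000.local.", "NS", "srv210.test2000.local."),
    ("test2000.local.", "NS", "srv211.test2000.local."),
    ("srv210.test2000.local.", "A", "172.16.11.210"),
    ("srv211.test2000.local.", "A", "172.16.11.211"),
]

# Constructed current apex records on the master: srv211 was retired and
# srv212 added after the stub zone last refreshed.
MASTER_APEX = [
    ("test2000.local.", "NS", "srv210.test2000.local."),
    ("test2000.local.", "NS", "srv212.test2000.local."),
]


def ns_targets(zone, records):
    """Set of NS target names at the zone apex, lower-cased."""
    apex = zone.rstrip(".").lower() + "."
    return {rdata.lower() for owner, rtype, rdata in records
            if rtype == "NS" and owner.lower() == apex}


def audit_stub_zone(zone, stub_records, master_records):
    """Return a list of findings; an empty list means the stub zone is healthy."""
    findings = []
    soa_count = sum(1 for _, rtype, _ in stub_records if rtype == "SOA")
    if soa_count != 1:
        findings.append("expected exactly one SOA record, found %d" % soa_count)
    stub_ns = ns_targets(zone, stub_records)
    if not stub_ns:
        findings.append("no NS records at the zone apex")
    # Every NS target needs a glue A record, or the resolver cannot reach it.
    glue = {owner.lower() for owner, rtype, _ in stub_records if rtype == "A"}
    for ns in sorted(stub_ns - glue):
        findings.append("NS %s has no glue A record" % ns)
    # Anything beyond SOA, NS and glue A does not belong in a stub zone.
    for owner, rtype, _ in stub_records:
        if rtype not in ("SOA", "NS", "A"):
            findings.append("unexpected %s record at %s" % (rtype, owner))
        elif rtype == "A" and owner.lower() not in stub_ns:
            findings.append("A record %s is not glue for any NS" % owner)
    # Compare with the master: stale entries point at servers that no longer
    # answer authoritatively, which is what makes a delegation lame.
    master_ns = ns_targets(zone, master_records)
    for ns in sorted(stub_ns - master_ns):
        findings.append("stale NS %s: no longer listed by the master (lame delegation)" % ns)
    for ns in sorted(master_ns - stub_ns):
        findings.append("missing NS %s: listed by the master but absent from the stub zone" % ns)
    return findings


if __name__ == "__main__":
    result = audit_stub_zone("test2000.local", STUB_ZONE, MASTER_APEX)
    for line in result or ["stub zone is consistent with the master"]:
        print(line)
```

Run against the constructed data, the audit reports srv211 as stale and srv212 as missing, which is exactly the state a stub zone drifts into when it cannot refresh from its master.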