dns tutorials

8/7/2019 dns tutorials

1/20

Our Training Products: Microsoft Training Cisco Training VMware Training Citrix Training CompTIA Training Microsoft Office Training Wireless Network Training

Guide to Certifications and Technology News for IT Professionals

About This Blog Contact Us Support Forums

Home IT Certifications News Tips and Tutorials Free Computer Training Videos IT Career Help Suggest Content

Windows DNS Server 2008: Setup ExternalInternet DNS Server

By Dave Lawlor July 16, 2008

Topics MentionedOperating System(s):

Server 2008

Hopefully if youre in the tech field you know that DNS is one of the main pillars of the Internet andwhat makes having those delightful friendly domain names (like www.TrainSignalTraining.com andwww.TrainSignal.com) possible instead of having to memorize a long list of boring IPs(69.16.232.158).

For those of you that might need a refresher, the DNS service is the addressing book of thenetworking world, allowing the translation of human friendly names to IP addresses at its base level.It also stores other types of records that helps in delivery of different types of information from oneend of the Internet to the other.

Why Have An External DNS Server?

Search for Articles or Vid

Page 1 of 20Setup External Windows DNS Server 2008

3/30/2011http://www.trainsignaltraining.com/windows-server-2008-dns-server


2/20

This is especially useful if you are running IIS and have a lot of sites and dont want to use a 3rdparty option for DNS. For example, at a client I worked with, they owned over 250 domain namesand wanted to keep tight control over their DNS in case of server moves and other emailconsiderations.

An external DNS server will also help limit the exposure of your network to security leaks in casethe server is compromised. If you connect the Internet facing server to the rest of your DNS serversyou will have your internal network AD information stored on there. Should this external facingserver get hacked or compromised they would find quite a bit more information than just somepublicly available resource records.

Once you have setup the external DNS servers you have your internal DNS servers with your privateinformation forward requests to the external DNS server for clients needing name resolution to theoutside world.

How to Install Windows DNS Server 2008

The first thing we will have to do is setup the DNS Role on the server that we want to use. Letswalk through that first:

NOTE: This walkthrough is for EXTERNAL DNS servers and will not include information onintegrating with Active Directory or installing other components other than what is needed.

1. Open Server Manager and click on Roles in the left pane and then click on Add Roles in thecenter pane.

2. Depending on whether you checked off to skip the Before You Begin page while installinganother service, you will now see warning pages telling you to make sure you have strong security,static IP, and latest patches before adding roles to your server.

If you get this page, then just clickNext.




3/20

3. Next is the Select Server Roles window, and we are going to go ahead and checkDNS Server inthe list of possible roles.

Now if you dont have a Static IP Address assigned to your server you will get the warning:

Either choose to ignore the warning and continue to install or go back and set a Static IP for theserver. Either way you come back to the Select Server Roles screen, you can now choose to clickNext.




4/20

4. Next is the DNS Server information screen giving some links to understanding the DNSintegration with AD and other information.

Of course since we are configuring an External DNS server we will clickNext to continue.




5/20

5. Confirm the Installation Selections by reviewing the list and then clicking Install.




6/20

6. After a little while you should now see the Installation Results page, and hopefully see aInstallation Succeeded message across from DNS Server, and then clickClose.

Thats it! You have now installed the DNS Role on a Windows Server 2008. Lets go to someconfiguration tasks now.

Please note that when you install the DNS service the server will automatically open up port 53TPC/UDP for DNS related traffic.

How to Configure Windows DNS Server 2008

Ok, before we start configuring your server there are a few basics we should cover.

Remember I said basics, because I am not going to go beyond what is needed for an External DNSserver and confuse the issue, but there are other options beyond what I am going to review here.

Forward Lookup Zone A DNS Zone that does lookups for the domain name to IP address.This is the most common form of zone that people will use.

Reverse Lookup Zone This DNS Zone is the exact opposite of the Forward Lookup Zoneand allows an IP to be assigned to a domain/hostname.Note: Most external Reverse Lookup Zones will not work unless you own your block ofIPs. The ISP/WebHost service that you use will more than likely own the reverse IPrecords, and you will have to request them to make any changes you require.

If you have gone through my earlier IIS articles you know that I have used a test domain calledlogfiletest.com. Lets go ahead and create a forward lookup zone for that domain.




7/20

1. Open DNS Manager

2. Since I am local to the server it will automatically have itself in the DNS Manager. Expand out theserver then right click on Forward Lookup Zones, and then left click on New Zone.

3. Welcome to the New Zone Wizard, should be the next window you see. Go ahead and clickNext.




8/20

4. Next we are going to pick a zone type. Since this is going to be the primary DNS server forlogfiletest.com choose Primary Zone, and then clickNext.

5. Now we are going to enter the Zone Name, in this case it is logfiletest.com. After entering thename of your zone go ahead and clickNext.

6. The next window is about the zone file.

Non-Active Directory zones are kept in a flat text file in %SystemRoot%\system32\dns on the




9/20

server. You have the option of creating a new one or using one that was copied over from a differentserver. In our case we will use the default naming and create a new one, by clicking Next.

7. Dynamic Updates allow client computers to create and update their own resource records. Forexternal servers this would be bad, so we will go with the Do not allow dynamic updates radiobutton and then clickNext.

8.Completing the New Zone Wizard will be the next window and it has a review of the settingsyou specified during the wizard.




10/20

Go ahead and click on Finish to complete the setup of the Forward Lookup Zone for logfiletest.com.

9. At the completion you will now return back to the DNS Manager, and you can see logfiletest.comis now listed under the Forward Lookup Zone folder.

Congratulations on your setup! Though the domain is setup it currently has no resource records in itto resolve! Lets fix that and give this server a purpose.




11/20

There are different types of resource records, in this case we are going to create a Host (A) record,which maps a name to an IP address.

How to Create a Host (A) Record on Server 2008 DNS

The most basic and simple host record is going to be for a website, so lets go ahead and map the

www of the domain name to the IP that the website uses.

For our example, the IP of logfiletest.com is 192.168.11.5.

1. Open DNS Manager

2. Choose the Forward Lookup Zone you want to work with, in this case it is logfiletest.com andright click on it. Select New Host (A or AAAA) and left click on it.

Note: Dont be confused by the AAAA, as that is used for IPv6 records.

3. The new host window will now popup allowing you to enter the name (if blank it will use theparents domain name), which we will type in www, and fill in the IP address we want logfiletest.comto resolve to, which is 192.168.11.5.

If we choose to we can associate a PTR record with this, which would create the reverse lookup. Notnecessary in this case since we dont control the IPs.

ClickAdd Host when done.




12/20

4. You will get a message that confirms the creation of the Host Record, so clickOK.

5. Now in the DNS Manager you will see your A resource record forwww mapped to the correct IP.

6. Now lets do a quick test with NSLookup and you will see that the name resolves correctly.




13/20

Summary for Creating External DNS Server

So we have walked through the following:

Installing DNS Role on a Windows Server 2008 Created a Forward Lookup Zone Created a Host (A) Resource Record

Again this is just the basics for getting you started in running your own External DNS Server.

In the future we will discuss the different types of resource records and how they are used, how tomake use of features such as round robin DNS and setup redundancies to keep your sites resolvingcorrectly.

More Related Posts

1. How to Create Users and User Templates in Windows Server 2008 Active Directory2. HTTP Redirection in IIS 7 on Windows Server 20083. GUI Schmooey - Installing Windows 2008 Server Core4. Take Command of Server 2008 with Windows PowerShell Part 35. Less is More Windows 2008 Server Core

You can leave a response, ortrackbackfrom your own site.

About the Author

Dave Lawlor (MCTS, MCP, A+) has been working in the IT field since leaving the U.S. Army in1996. Working his way up from printer hardware repair to running a corporate datacenter for a




14/20

multinational corporation, Dave has seen many environments throughout the years. Focusing on websites and search engine optimization the last few years, with the release of Server 2008 it hasrenewed his passion for the Wintel platform and server technologies. David also runs Windows-Server-Training.com where he posts free videos and walk-throughs for a variety of servertechnologies. David currently works as a freelance technical consultant and writer for a variety ofcompanies in the Chicago area.

Author's Website:http://www.DaveLawlor.com

Discussion

23 comments and trackbacks for Windows DNS Server 2008: Setup External Internet DNS Server

Comments

1.Posted by Franklin Owusu-Akyeampong on July 17, 2008, 11:51 am

Its marvelous! Train signal continue the good work youre doing.

2.Posted by Alfredo Fernandezon July 17, 2008, 4:48 pm

This kind of training resource is too helpfully! Keep Publishing this kind of media!

3.Posted by Dave on July 17, 2008, 5:31 pm

Great job as usual. You guys are great!!!

4.Posted by Lakshmi Narayanan on July 17, 2008, 11:03 pm

Because of trainsignal I can able to update myself without going to institute. This article helpsmany people to achieve their goal in System Admin

5.

Posted by Neveron July 18, 2008, 3:55 am

So great and helpful




15/20

6.Posted by Remi Adesupo on July 27, 2008, 11:51 am

Thank you for this resource. The details are unbelievable.

7.Posted by rzpirate on August 26, 2008, 1:34 am

im a student, thank for the resource.. its help me alot

8.Posted by Sudath on September 20, 2008, 1:41 am

This website is great. It helped me to learn lot of computer things. Thanks for all the authorsand other people who maintaining this site.

9.Posted by Partha on September 27, 2008, 10:03 am

This is super.

10.Posted by Webter Obina on October 6, 2008, 7:13 pm

This is really great! Very informative and useful. Thanks for all the people who makes thisworth reading site. Keep up the good work!

11.Posted by charger on October 17, 2008, 1:26 am

Thanks for making this available. Whoever put this together really knows how to make thingsclear. Nice job!

12.Posted by Dr leslie Causton on October 20, 2008, 8:06 am




16/20

Great. Wish Id read this instead of the Microsoft documentation

13.Posted by Mansoor Ahmed on January 22, 2009, 10:22 pm

Great, so easy to understand!

14.Posted by Balakrishnan S on January 23, 2009, 12:38 am

Hi,

Snapshot for Reverse lookup zone is not available.If the samething available then it is ok.

Rgds SBK..

15.Posted by Dustin Mobley on April 30, 2009, 9:20 pm

What about using DNS forwarders with my Comcast ISP? Im being told that instead of

manually configuring the DNS in the network properties that Im supposed to use DNSForwarders and enter comcasts DNS servers in there. So with these instructions where atwould I enter comcast DNS Servers at?

16.Posted by Rajendra on August 3, 2009, 7:05 am

This is really nice article.. helps a lot to understand @ DNS servers.. Keep posting such nice

articles thanks!

17.Posted by Arun kumar on May 7, 2010, 6:15 am

plz help me in AD and Exchange Server plz ask me how to update in ad and exchange server

18.Posted by omar on August 12, 2010, 8:38 pm




17/20

Thanks alot, but could u please explain Split DNS, and how can I possibly do it whenpublishing servers like Web and mail servers. Thanks again

19.

Posted by PatMon August 29, 2010, 5:54 pm

I operate a growing non-profit organization that support other non-profit organizations in theSt. Louis area. I have come to the conclusion that the only way I can provide real support is tohost my own website(s) and control my own Domain Server. Your article is great I ambookmarking your site and will be sharing it on my community portal that will go out to all thetechs at the local universites that my organization pulls student interns from.

20. Train Signal Team Member

Posted by Kasia Grabowska on September 1, 2010, 9:01 am

Thanks PatM! Were glad to hear you find our site useful. Thanks for sharing it with others,we really appreciate that!

Trackbacks

1. Windows Server 2008: External Internet DNS Server | Dave Lawlor {Dot} Com2. Public Windows Server 2008 DNS Server3. Windows DNS Server 2008: Setup External Internet DNS Server | DNS Internet

Post a comment

Name *

E-mail *

Web site

XHTML: You can use these tags:

Comment

Submit Comment




18/20

0 23

Categories

Windows Server

Related Posts

1. Windows Server 2008 IPv6 The Future of Internet Protocol2. How to Install Windows Server 20083. Migrating to IPv6 with Windows Server 20084. 10 Steps to Installing the Web Server Role in Windows Server 20085. Install Read-Only Domain Controller on Windows Server 2008

Featured Products

0

Search for Articles or Vid




19/20




20/20

Tags

About Us

Train Signal is a fun, profitable and high growth company founded in 2002 that produces premiumquality computer training videos with a focus on making learning more fun and more effective. Ourtraining is very comprehensive and designed to give our customers in-depth knowledge, build hands-on skills and promote career advancement.

Our Training Products: Microsoft Training

Cisco Training VMware Training Citrix Training CompTIA Training Microsoft Office Training Wireless Network Training

Connect with Us

Become a fan on Facebook Follow us on Twitter

View Our YouTube Channel

Copyright 2002-2011 Train Signal, Inc. All Rights Reserved. All logos and trademarks areproperty of their respective owners.


Documents

dns tutorials