Microsoft Windows 2000 DNS manual: Updating the DNS Database, Time to Live for Resource Records


Figure: resolving www.whitehouse.gov. The message labels from the figure, in order:

1. Recursive query from the resolver to the local DNS server for www.whitehouse.gov (A RR).
2. Iterative query by the local DNS server for www.whitehouse.gov (A RR).
3. Referral to the gov name server (NS RRs for gov).
4. Iterative query for www.whitehouse.gov (A RR).
5. Referral to the whitehouse.gov name server (NS RR for whitehouse.gov).
6. Iterative query for www.whitehouse.gov (A RR).
7. Answer from the whitehouse.gov server (the IP address for www.whitehouse.gov).
8. Answer from the local DNS server to the resolver (the IP address for www.whitehouse.gov).

For simplicity, the iterative A queries by the DNS server (on the left of the figure) to resolve the IP addresses of the host names of the name servers returned by other DNS servers have been omitted.

Time to Live for Resource Records

A resolver caches the information it receives when it resolves queries. These cached responses can then be used to answer subsequent queries for the same information. The cached data, however, has a limited lifetime specified in the Time To Live (TTL) parameter returned with the data. TTL makes sure the DNS server doesn’t keep information for so long that it becomes out of date. TTL for the cache can be set in the DNS database (per individual RR by specifying the TTL field of the record, and per zone through the minimum TTL field of the SOA record) as well as on the resolver side, by specifying the maximum TTL for which the resolver is allowed to cache resource records.

There are two competing factors to consider when setting the time to live. One is the accuracy of the cached information; the other is the DNS server’s utilization and the network traffic. If the TTL is short, the likelihood of serving old information goes down considerably, but the DNS server’s utilization and the network traffic increase. If the TTL is long, the cached responses could become outdated, meaning the resolver could give false answers to queries; at the same time, a long TTL decreases the DNS server’s utilization and the network traffic. If a query is answered with an entry from the cache, the remaining TTL of the entry is passed along with the response. This way the resolvers that receive the response know how long the entry is still valid. The resolvers honor the TTL from the responding server; they don’t reset it based on their own TTL. Thus entries truly expire rather than living in perpetuity as they move from server to server with a refreshed TTL.
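The caching behaviour described above, as an added example that is not part of the original paper or of the Windows 2000 resolver: a small cache that applies the SOA minimum TTL to records without their own, caps entries at a resolver-side maximum, and hands out the remaining TTL on a hit so a downstream cache expires the entry at the same instant. The IP address and the clock values are constructed sample data.

```python
import time
from dataclasses import dataclass
from typing import Dict, Optional, Tuple


@dataclass
class CachedRR:
    rdata: str
    expires_at: float  # absolute clock time at which the entry becomes stale


class ResolverCache:
    """Hypothetical TTL cache illustrating the rules in the text.

    - zone_min_ttl stands in for the SOA minimum TTL, used when a record
      carries no TTL of its own;
    - max_ttl is the resolver-side cap on how long anything is cached;
    - lookups return the *remaining* TTL, which is what gets passed to the
      next hop, so the answer expires everywhere at the same moment.
    """

    def __init__(self, max_ttl: int = 86400, zone_min_ttl: int = 3600):
        self.max_ttl = max_ttl
        self.zone_min_ttl = zone_min_ttl
        self._entries: Dict[Tuple[str, str], CachedRR] = {}

    @staticmethod
    def _key(name: str, rrtype: str) -> Tuple[str, str]:
        # DNS names are case-insensitive; a trailing dot is not significant here
        return (name.rstrip(".").lower(), rrtype.upper())

    def store(self, name: str, rrtype: str, rdata: str,
              ttl: Optional[int] = None, now: Optional[float] = None) -> int:
        """Cache an answer and return the TTL actually applied (after capping)."""
        now = time.time() if now is None else now
        ttl = self.zone_min_ttl if ttl is None else ttl   # per-zone default
        effective = min(ttl, self.max_ttl)                 # resolver-side cap
        self._entries[self._key(name, rrtype)] = CachedRR(rdata, now + effective)
        return effective

    def lookup(self, name: str, rrtype: str,
               now: Optional[float] = None) -> Optional[Tuple[str, int]]:
        """Return (rdata, remaining_ttl), or None when absent or expired."""
        now = time.time() if now is None else now
        key = self._key(name, rrtype)
        entry = self._entries.get(key)
        if entry is None:
            return None
        remaining = int(entry.expires_at - now)
        if remaining <= 0:
            del self._entries[key]  # expired: never serve stale data
            return None
        return entry.rdata, remaining
```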

Updating the DNS Database

Since the RRs in the zone files are subject to change, they must be updated. The implementation of DNS in Windows 2000 supports both static and dynamic updates of the DNS database. The details of dynamic update are discussed later in the paper.

The new features of Windows 2000 DNS include:

Active Directory service Integration

Windows 2000 White Paper

