Microsoft windows 2000 DNS manual Primary Zone

Page 59

.

com.

 

 

 

 

 

 

 

 

 

 

yyy.com.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

zzz.com.

 

 

 

 

someother.com.

2

 

3

 

External world / Global Network

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

YYY corporation

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

ZZZ corporation

 

 

 

 

 

 

 

 

 

Proxy Server

VPN

 

 

 

 

 

 

 

 

VPN

 

Firewall

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

4

 

 

 

.

1

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

yyy.com.

YYY corporation

ZZZ corporation

2

zzz.com.

yyy.com. 3

first.yyy.com. second.yyy.com. third.yyy.com. first.zzz.com. second.zzz.com. third.zzz.com.

1

 

 

 

4

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Zone.Name.

Primary Zone

Zone.Name.

Secondary Zone

A DNS Server, Firewall, VPN or Proxy Server

 

 

 

A DNS Client

 

 

 

 

Now consider an interesting case of a corporate computer that needs to resolve an external name of a computer from its own company.

A computer in the YYY Corporation needs to open a web page on the www.yyy.com. machine. Since it is a proxy client it sends a request to the proxy server (Step 1) after it finds that the name www.yyy.com. is external, based on the PAC file. The proxy server sends a DNS query to the assigned DNS server (Step 2) which happens to be authoritative for www.yyy.com. The DNS server resolves the query and returns the response to the proxy client (Step 3). Finally the proxy server uses the obtained IP address of www.yyy.com. to contact it and provides necessary info to the client (Step 4).

Windows 2000 White Paper

53

Image 59
Contents Windows 2000 DNS Microsoft Corporation. All rights reserved Contents Designing a DNS Namespace for the Active Directory Summary Page DNS Fundamentals Standards and Additional Reading Name Services in WindowsDraft-skwan-gss-tsig-04.txt GSS Algorithm for Tsig GSS-TSIG History of DNSHierarchy of DNS Domain Names Structure of DNSDNS and Internet Int/net/orgCom Edu Gov Mil Army Microsoft Mit MydomainDistributing the Database Zone Files and Delegation TTLMicrosoft My domain ftp Ntserver Replicating the DNS databaseQuerying the Database NEW Features of the Windows 2000 DNSName Server Resolver Root-server Gov Whitehouse.gov Time to Live for Resource Records Updating the DNS DatabaseActive Directory Storage and Replication Integration Active Directory Service Storage ModelWindows 2000 White Paper Zone Type Conversions Controlling Access to ZonesReplication Model Protocol Description Incremental Zone TransferSlave DNS Server Ixfr and DS Integration Dynamic UpdateZone Log File Master DNS ServerDynamic Update of DNS Records Update AlgorithmDhcp Client Mixed EnvironmentClient Reregistration Statically Configured ClientSecure Dynamic Update RAS ClientEstablishing a security context by passing security tokens Secure Dynamic Update Policy Controlling Update Access to Zones and Names DnsUpdateProxy GroupAging and Scavenging DNS Admins GroupAging and Scavenging Parameters DefaultEnableScavenging Scavenging Period DescriptionRecord Life Span Scavenging Algorithm Configuring Scavenging ParametersInteroperability Considerations Unicode Character SupportDomain Locator Finish IP/DNS Compatible Locator DNS Record Registration and Resolver RequirementsLdap.tcp.dc.msdcs.DnsDomainName Kerberos.tcp.dc.msdcs.DnsDomainName IP/DNS DC Locator Algorithm Finish Discovering Site specific DCsCaching Resolver Fully-Qualified Query Name ResolutionUnqualified Single-Label Query Using Global Suffix Search OrderUnqualified Multi-Label Query Using Primary and Per-adapter Domain NamesUnqualified Single-Label Query Scenarios Name Resolution ScenariosNegative Caching Fully-Qualified Query ScenariosMicrosoft Implementation of Negative Caching DNS Server List ManagementDNS Manager Administrative ToolsWMI Support for DNS Server Administration Using UTF-8 Characters Format Interoperability IssuesUsing Wins and Winsr Records Utilization DNS Server PerformanceReceiving Non-RFC Compliant Data Hardware components Sizing Server Capacity PlanningChoosing Names Internet Access ConsiderationsWindows 2000 White Paper Windows 2000 White Paper Windows 2000 White Paper VPN Com Yyy.com Zzz.com Windows 2000 White Paper Primary Zone YYY corporation ZZZ corporation VPN Firewall Computer Names Characters in NamesPer-Adapter Naming Full computer nameIntegrating ADS with Existing DNS Structure Domain name and sites. Active Directory domain name DNS Migration to Windows 2000 DNSPartitioning, and Replication Choosing your Zones Deploying DNS to Support Active DirectoryWins Referral Using Automatic ConfigurationIxfr Ixfr For More InformationWindows 2000 White Paper