Introduction to Networking: DHCP & DNS (Windows Server 2019)

Vocabulary-style flashcards covering DHCP and DNS concepts, components, records, and management in Windows Server 2019.

DHCP

Dynamic Host Configuration Protocol; automatically configures IP address information for network devices.

DORA

The four DHCP message types: Discover, Offer, Request, Acknowledgement.

DHCP relay

Method to forward DHCP messages across subnets when broadcasts cannot reach the DHCP server.

DHCP scope

A range of IP addresses managed by a DHCP server for a specific subnet.

DHCP reservation

A permanent, fixed IP address within a scope assigned to a specific device (by MAC address).

DHCP authorization

Process to register a DHCP server in Active Directory before it can lease IP addresses.

Enterprise Admins vs Domain Admins (DHCP context)

Accounts with privileges to authorize DHCP servers; Enterprise Admins can authorize across domains, Domain Admins can authorize within a single domain.

Standalone DHCP server

A DHCP server outside AD DS that will not lease addresses if an authorized DHCP server exists in the domain.

DHCP clustering

High-availability configuration including shared storage, split scopes, and DHCP failover.

DHCP management tools

Tools for DHCP: DHCP console, Windows PowerShell cmdlets, and Windows Admin Center integration.

DHCP options precedence

Options apply at server, scope, class, and reserved client levels, in order from least to most specific.

DHCP port 647

TCP port used for DHCP failover traffic.

DHCP server role installation methods

Install via Server Manager, Windows Admin Center, or PowerShell (Add-WindowsFeature DHCP -IncludeManagementTools).

DNS

Domain Name System; resolves host names to IP addresses for resource access.

DNS namespace

Hierarchical DNS naming structure with a root and subdomains; can be public or private.

DNS zone

Container for DNS resource records for a namespace; stored in a file or in AD DS when integrated.

SOA

Start of Authority; a DNS resource record with zone configuration details (primary server, refresh, etc.).

NS record

Name Server; identifies the DNS server that holds the zone data.

A record

Host (A) record; maps a hostname to an IPv4 address.

AAAA record

Host (AAAA) record; maps a hostname to an IPv6 address.

CNAME record

Alias; maps one name to another canonical name.

SRV record

Service Locator; maps a service to a host and port (e.g., LDAP, Kerberos).

MX record

Mail Exchanger; specifies the mail server for a domain.

TXT record

Text record; stores arbitrary text information associated with a name.

PTR record

Pointer; maps an IP address to a hostname (reverse lookup).

TTL

Time to Live; duration DNS data is cached by clients and servers.

DNS resolver cache

Cached responses stored by the DNS client after resolution.

Hosts file

Local file (C:
\Windows\System32\Drivers\etc\hosts) mapping names to IPs, overrides DNS cache.

DNS forwarding & root hints

Forwarding forwards unresolved queries; root hints guide internet resolution when needed.

Dynamic updates

DNS zones can be updated automatically by clients to register their records.

Secure dynamic updates

In AD-integrated zones, updates can be restricted to secure updates to prevent spoofing.

AD-integrated zones

DNS zones stored in Active Directory; enables secure, centralized DNS data management.

DNS policies

Policies to influence how a DNS server handles queries based on factors like client subnet.

DNS policy objects

Client Subnet, Recursion Scope, Zone Scopes used to define DNS policies.

DNSSEC

DNS Security Extensions; signs DNS data to prevent tampering and spoofing.

Signing the DNS zone

Process of digitally signing a zone, często via the DNSSEC Zone Signing Wizard.

NRPT

Name Resolution Policy Table; used to enforce DNS resolution policies on clients.

Trust anchor

Public key(s) distributed to resolvers to validate DNSSEC signatures.

KSK and ZSK

Key Signing Key (KSK) signs the zone key; Zone Signing Key (ZSK) signs zone data.

Aging and scavenging

Maintenance to remove stale DNS records to prevent outdated responses.

SRV records in AD DS

Domain controllers publish service location via SRV records (e.g., LDAP, Kerberos) using NetLogon.

DNS integration with AD DS

DNS stores SRV records for domain controllers; DCs often host DNS services.

DNS zones vs AD DS storage

Zones can be stored in files or in AD DS when integrated.