윤

N&SA-2025-S1-Wk3-3

DNS Components

Three Main Components of DNS

  • DNS Namespace: The global, hierarchical organization of DNS names, divided into zones.
    • Each zone is a portion of the DNS namespace.
    • A zone is delegated to specific administrators who are authorized to manage it.
    • DNS Records: the resource records (such as A, NS and MX records) contained within each zone.
  • Authoritative DNS Servers: DNS servers that serve the records for a specific zone.
    • Example: A university runs the authoritative servers for its own zone and can delegate a sub-zone for its IT faculty to authoritative servers run by that faculty.
    • Delegation distributes responsibility and load: the university's servers hold the records for the zone as a whole, while each faculty's servers hold the records for their own sub-zone.
  • DNS Resolvers: Services that resolve names within the namespace on behalf of clients (e.g., resolving names to IP addresses).

Name Resolution Techniques

There are two techniques for name resolution:

  • Iterative: each server that is asked either answers or refers the querier to a server closer to the answer; the querier does the work.
  • Recursive: the server that is asked does the work on the querier's behalf and returns the final answer.

In practice the two are combined: a client (stub resolver) sends a recursive query to its local DNS server, and that server resolves the name with iterative queries to the root, top-level domain and authoritative servers.

Conventional (Iterative) Name Resolution

Transforms a DNS name into an IP address. In the iterative technique the querying server does the work: each server it asks either returns the record or refers it to a server closer to the answer.

Process:

  1. Locate the authoritative DNS server that holds the record for the requested name.
  2. Request the record from that server and receive the required IP address.

Client Request Example:

  1. The client sends its request to the local DNS server.
  2. If the record is already in the local DNS server's cache, it is returned to the client immediately.
  3. Otherwise the local DNS server queries a root server. The root server does not hold the record; it replies with a referral to the top-level domain (TLD) servers (e.g., for .com or .edu).
  4. The local DNS server queries the TLD server, which replies with a referral to the authoritative DNS server for the zone.
  5. The local DNS server queries the authoritative server, which holds the record and returns it (or a negative answer if the name does not exist).
  6. The local DNS server caches the answer and relays it to the client.

Recursive Name Resolution

The server that receives the query is responsible for looking for the record on the requester's behalf: the requester sends a single query and waits for the final answer.

Process (the textbook model, in which every server recurses):

  1. A request is made to the local DNS server.
  2. The local DNS server forwards the request to a DNS resolver.
  3. The DNS resolver queries the root name server.
  4. The root name server forwards the query to the top-level domain name server.
  5. The top-level name server forwards the query to the authoritative name server.
  6. The authoritative name server sends the record back to the top-level name server, which passes it back to the root name server.
  7. The root name server sends the record back to the DNS resolver.
  8. The DNS resolver sends the record back to the local DNS server, which forwards it to the client.

Caveat: real root and TLD servers refuse recursive queries (they answer with the RA, recursion available, flag cleared and return a referral instead), so in practice recursion stops at the local DNS server or resolver, which completes the lookup iteratively and caches the result. A resolver that accepts recursive queries from arbitrary Internet hosts (an open resolver) can be abused for DNS amplification attacks, so recursion should be restricted to the organization's own clients.

Key Difference Between Iterative and Recursive DNS Queries

  • In iterative resolution, the server that is asking (the local DNS server or resolver) is responsible for finding the record: each server it queries either answers or refers it to the next server.
  • In recursive resolution, the query is forwarded from server to server until the record is found, and the record is then sent back through each server in the chain.
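Added example, not from the lecture notes and not any real resolver's code: a Python simulation of the iterative walk described under Conventional (Iterative) Name Resolution and of the recursive chain described under Recursive Name Resolution. The hierarchy root -> edu -> univ.edu -> it.univ.edu, the server names (root-ns, edu-ns, ns.univ.edu, ns.it.univ.edu, local-dns) and the 192.0.2.x addresses are constructed for the example; the RD/RA flag behaviour follows the real protocol, but no packets are sent.

```python
# Added example, not part of the lecture notes: an in-memory simulation of
# iterative vs. recursive resolution. Server names, zones and the 192.0.2.0/24
# addresses (a documentation range) are constructed for illustration.

class NameServer:
    """One DNS server: A records for its zone, NS delegations for child zones,
    and the RA flag that says whether it is willing to recurse."""

    def __init__(self, name, records=None, delegations=None, recursion_available=False):
        self.name = name
        self.records = records or {}          # FQDN -> IPv4 address (A record)
        self.delegations = delegations or {}  # child zone -> name of its server
        self.recursion_available = recursion_available
        self.queries_seen = []                # every qname this server was asked

    def query(self, qname, servers, rd=False):
        """Return ("answer", ip), ("referral", next_server) or ("nxdomain", None).
        With RD set and RA on the server chases the answer itself (recursive);
        otherwise it returns a referral and the querier must go on (iterative)."""
        self.queries_seen.append(qname)
        if qname in self.records:
            return ("answer", self.records[qname])
        for zone in sorted(self.delegations, key=len, reverse=True):  # longest match first
            if qname == zone or qname.endswith("." + zone):
                child = servers[self.delegations[zone]]
                if rd and self.recursion_available:
                    return child.query(qname, servers, rd=True)
                return ("referral", child.name)
        return ("nxdomain", None)

def iterative_lookup(qname, servers, start="root-ns", trace=None, max_hops=8):
    """Iterative resolution: the querier follows referrals from the root down."""
    current = start
    for _ in range(max_hops):
        kind, data = servers[current].query(qname, servers, rd=False)
        if trace is not None:
            trace.append((current, kind))
        if kind != "referral":
            return kind, data
        current = data
    raise RuntimeError("referral loop while resolving " + qname)

class LocalResolver(NameServer):
    """The local DNS server as deployed in practice: accepts recursive queries from
    clients, caches, and iterates because root/TLD servers refuse recursion."""

    def __init__(self, name, root="root-ns"):
        super().__init__(name, recursion_available=True)
        self.root, self.cache = root, {}

    def query(self, qname, servers, rd=True):
        self.queries_seen.append(qname)
        if qname not in self.cache:
            kind, data = iterative_lookup(qname, servers, self.root)
            if kind != "answer":
                return kind, data
            self.cache[qname] = data
        return ("answer", self.cache[qname])

def build_hierarchy(textbook_recursion=False):
    """root -> edu -> univ.edu -> it.univ.edu, mirroring the faculty delegation.
    textbook_recursion=True turns RA on everywhere (the lecture's model)."""
    ra = textbook_recursion
    return {
        "root-ns": NameServer("root-ns", delegations={"edu": "edu-ns"}, recursion_available=ra),
        "edu-ns": NameServer("edu-ns", delegations={"univ.edu": "ns.univ.edu"}, recursion_available=ra),
        "ns.univ.edu": NameServer("ns.univ.edu", records={"www.univ.edu": "192.0.2.1"},
                                  delegations={"it.univ.edu": "ns.it.univ.edu"}, recursion_available=ra),
        "ns.it.univ.edu": NameServer("ns.it.univ.edu", records={"www.it.univ.edu": "192.0.2.10"},
                                     recursion_available=ra),
    }

def demo_iterative():
    """Querier does the work: four queries, three referrals, then the answer."""
    servers, trace = build_hierarchy(), []
    _, ip = iterative_lookup("www.it.univ.edu", servers, trace=trace)
    return ip, trace

def demo_textbook_recursive():
    """Lecture model: one RD=1 query to the root is forwarded down the chain; every server saw it."""
    servers = build_hierarchy(textbook_recursion=True)
    _, ip = servers["root-ns"].query("www.it.univ.edu", servers, rd=True)
    return ip, [name for name, s in servers.items() if s.queries_seen]

def demo_recursion_refused():
    """RD=1 sent to a server with RA off yields only a referral, never an answer."""
    servers = build_hierarchy()
    return servers["root-ns"].query("www.it.univ.edu", servers, rd=True)

def demo_real_world_recursive():
    """One recursive query from the client to the local resolver, which iterates,
    caches, and serves the repeat query without touching the root again."""
    servers = build_hierarchy()
    servers["local-dns"] = LocalResolver("local-dns")
    _, first = servers["local-dns"].query("www.it.univ.edu", servers)
    _, second = servers["local-dns"].query("www.it.univ.edu", servers)
    return first, second, len(servers["root-ns"].queries_seen)   # root asked once
```

demo_iterative shows the querier issuing four queries and receiving three referrals before the answer; demo_textbook_recursive gets the same answer from a single query to the root because every simulated server forwards it. demo_recursion_refused is the caveat from the notes: with RA off, a recursive query to the root gets the same referral an iterative query would, which is why real-world recursion ends at the local resolver (LocalResolver), which iterates once and then answers repeats from its cache.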

IP Address Management (IPAM) in Windows

  • Since Windows Server 2012, Microsoft has included IPAM, a feature for centralized management of the DNS and DHCP infrastructure and of the IP address space.
  • DHCP and DNS servers are core infrastructure components of any network, regardless of the client operating systems in use (Windows, Linux, macOS, IoT devices).
  • IPAM allows central management of DNS zones and DHCP scopes instead of administering each server individually.

DHCP and DNS are core Windows Server roles, and practically every client-server network runs both a DHCP server and a DNS server.

Benefits of IPAM

  • Centralized control for DHCP and DNS.
  • Manages DHCP scopes and DNS zones from a single server, rather than managing them individually.
  • Simplifies administration and ensures consistency.