چند سوال از windows server DNS

[sharif12]

سلام
من در حال مطالعه مباحث dns ویندوز سرور هستم و قصد دارم مباحثی که کمتر بحث شده اند را بحث کنیم

netmask ordering چیست و چه کاربردی دارد؟؟
local subnet priority چیست؟؟
glue records چیست و چه کاری انجام می دهد؟؟


با تشکر

---

موضوعات مشابه:

• سوال در مورد Remote Application in Windows Server
• سوال در مورد فعال کردن windows server 2003 r2
• Migrating DHCP from Windows 2000 Server/Windows Server 2003 to Windows Server 2008
• In-Place Upgrade from Windows Server 2003 Domain Controller to Windows Server 2008

---

[ARM]

The netmask ordering feature is used to return addresses for type A DNS queries to prioritize local resources to the client. For example, if the following conditions are true, the results of a query for a name are returned to the client based on Internet protocol (IP) address proximity:

• You have eight type A records for the same DNS name.
• Each of your eight type A records has a separate address.

In the initial release of Microsoft Windows 2000 Server, this proximity is calculated based on the native class of address that is assigned to the client. If the client is assigned a native class A address, the responses that are sent to the client are prioritized by entries that match the client class A network membership. This is also true of native class B and native class C addresses.

The round robin feature is used to randomize the results of a similar type of query to provide basic load-balancing functionality. In the earlier example, eight type A records with the same name and different IP addresses cause a different answer to be prioritized to the top with each query. Because a new IP address is prioritized to the top with each query, clients are not repeatedly routed to the same server.

The initial release of Windows 2000 Server cannot natively use the netmask ordering feature and the round robin feature at the same time. If the netmask ordering feature is turned on, the answers are always provided to the clients in the same order. In Windows 2000 Server Service Pack 5 (SP5), this behavior changed to permit the use of both the subnet-based netmask ordering feature and the round robin feature. The use of both the netmask ordering feature and the round robin feature provides proximity awareness and load-balancing.

In many current network environments, it is uncommon to have a subnet mask that is native to the actual address. Therefore, netmask-ordering that is based on the native class of an IP address is unreliable in predicting whether a network is local. Windows Server 2003 extends the improvements that were made in Windows 2000 SP5. Windows Server 2003 bases proximity on Class C regardless of the native address class.

For example, a company is assigned a 126.45.x.x subnet. It is unlikely that an eight-bit subnet mask will be used to define this subnet in their internal network. Additionally, the company owns only part of the class A subnet. Because this range will likely be divided into class B or smaller networks, netmask ordering may not return results that are close to the client. This is true if the network configuration is different from the network configuration that is implied by the native class of address. Because Windows Server 2003 bases proximity on Class C, close resources are more discoverable.

You can use the Dnscmd /Config /LocalNetPriorityNetMask 0x000000FF Dnscmd.exe command to restore Windows Server 2003 settings to the default settings.

Although the default setting in Windows Server 2003 is to base proximity on Class C, you can change this setting. You can define what part of the mask is relative for netmask ordering based on your environment. When you issue the /LocalNetPriorityNetMask switch, you can specify the bits that are significant to the netmask ordering operation. You can use the Dnscmd /Config /LocalNetPriorityNetMask 0x0000FFFF command to use class B ( or 16 bit) for netmask ordering.

The following table lists other netmask ordering settings:

Collapse this tableExpand this tableNetmaskLocalPriorityNet255.255.255.00x000000ff255.255.0.00x0000ffff255.0.0.00x00ffffff

If only 6 bits are used for the host, the mask is 255.255.255.192. In CIDR notation, classless interdomain routing, this would be a /26 mask. You can use the Dnscmd /Config /LocalNetPriorityNetMask 0x0000003F Dnscmd.exe command to configure a subnetted class C address.

The significant bits set what part of the address is the host space. Because the binary equivalent of 0x3 is 11 and the binary equivalent of 0xF is 1111, 6 bits are set as part of the host address. If seven bits (255.255.255.128 or /25) are required, the value would be 0x0000007F because the binary equivalent of 0x7F is 0111 1111. If only five bits (255.255.255.224 or /27) are required, the value would be 0x0000001F because the binary equivalent of0x1F is 0001 1111.

You can also configure Windows Server 2003 behave identically to Windows 2000 SP5. The Dnscmd /Config /LocalNetPriorityNetMask 0xFFFFFFFF command configures Windows Server 2003 to use round-robining and netmask ordering based on the client native IP address class

local subnet prioritizing

By default, the DNS Server service uses local subnet prioritizing as the method for giving preference to IP addresses on the same network when a client query resolves to a host name that is mapped to more than one IP address. This feature requires that the client application attempt to connect to the host using its closest (and typically fastest) IP address available for connection.
The DNS Server service uses local subnet priority as follows:

1. The DNS Server service determines if local subnet prioritization is needed to order the query response.
   If more than one A resource record (RR) matches the queried host name, the DNS Server service can reorder the records by their subnet location. If the queried host name only matches a single A resource record, or if the IP network address of the client does not match an IP network address for any of the mapped addresses in an answer list of multiple RRs, no prioritizing is necessary.
2. For each RR in the matched answer list, the DNS Server service determines which records (if any) match the subnet location of the requesting client.
3. The DNS Server service reorders the answer list so that A RRs which match the local subnet of the requesting client are placed first in the answer list.
4. Prioritized by subnet order, the answer list is returned to the requesting client.

Simple example: Local network prioritizing

A multihomed computer, multihomed.example.microsoft.com, has three A RRs for its three separate host IP addresses in the example.microsoft.com zone. A separate A RR is used for each of the host's addresses, which appear in this order in the zone:
multihomed IN A 192.168.1.27
multihomed IN A 10.0.0.14
multihomed IN A 172.16.20.4
If a DNS client resolver at IP address 10.4.3.2 queries the server for the IP addresses of host multihomed.example.microsoft.com, the DNS Server service notes that the originating IP network address (10.0.0.0) of the client matches the network (class A) portion of the 10.0.0.4 address in the answer list of RRs. The DNS Server service then reorders the addresses in the response as follows:
multihomed IN A 10.0.0.14
multihomed IN A 192.168.1.27
multihomed IN A 172.16.20.4
If the IP address of the requesting client has no local network match with any of the RRs in the answer list, then the list is not prioritized.

Complex example: Local subnet prioritizing

If you are working in a network that uses IP subnetting (nondefault subnet masks), there are only a few minor differences. If more than one address matches in the network portion, then the matching addresses are further ordered and the RR having the closest matching subnet address is placed first.
For example, a multihomed computer, multihomed.example.microsoft.com, has four A RRs for four separate host IP addresses in the example.microsoft.com zone. Two of these IP addresses are for nonlocal networks. The other two IP addresses share a common IP network address but, because IP subnetting is used, represent different physical subnetted network connections based on their custom (nondefault) subnet mask value of 255.255.248.0. These example RRs appear in the following order in the zone:
multihomed IN A 192.168.1.27
multihomed IN A 172.16.22.4
multihomed IN A 10.0.0.14
multihomed IN A 172.16.31.5
If the IP address of the requesting client is 172.16.22.8, both of the IP addresses that match the same IP network as the client, the 172.16.0.0 network, are returned at the top of the answer list to the client. However, in this example, the 172.16.22.4 address is placed ahead of the 172.16.31.5 address because it matches the client IP address down through the 172.16.20.0 subnet address.
The reordered answer list returned by the DNS Server service would be:
multihomed IN A 172.16.22.4
multihomed IN A 172.16.31.5
multihomed IN A 192.168.1.27
multihomed IN A 10.0.0.14


.

[sharif12]

سلام
من در حال مطالعه مباحث dns ویندوز سرور هستم و قصد دارم مباحثی که کمتر بحث شده اند را بحث کنیم

netmask ordering چیست و چه کاربردی دارد؟؟
local subnet priority چیست؟؟
glue records چیست و چه کاری انجام می دهد؟؟


با تشکر

سلام
glue records چیست؟
با تشکر

[ARM]

A glue record is the IP address of a name server held at the domain name registry.

Glue records are required when you wish to set the name servers of a domain name to a hostname under the domain name itself.

For example if you wished to set the name servers of example.com to ns1.example.com and ns2.example.com you would need to also provide the glue records (i.e. the IP addresses) for ns1.example.com and ns2.example.com.

If you did not provide the glue records for these name servers then your domain name would not work as anyone requiring DNS information for it would get stuck in a loop:

What is the name server for example.com? -> ns1.example.com
What is the IP address of ns1.example.com? -> don't know, try looking at name server for example.com
What is the name server for example.com? -> ns1.example.com

...and so on.

With the glue record in place the registry will hold the IP address and the loop will not occur:

What is the name server for example.com? -> ns1.example.com
What is the IP address of ns1.example.com? -> [IP Address]

[sharif12]

سلام
ممنون از پاسخ های شما
فرق زمانی که یک new zone میسازیم با زمانی که deligate می کنیم در چیست؟(سمت سرور)یعنی چه رکورد هایی سمت سرور باید ساخته شود؟؟

stub zone چه کارایی دارد و در کجاها استفاده می گردد؟؟


با تشکر فراوان

[ARM]

سوال اولی فکر کنم درست نباشه به این شکل.

این رو بخونید در مورد Delegate


Delegating zones

DNS provides the option of dividing up the namespace into one or more zones, which can then be stored, distributed, and replicated to other DNS servers. When deciding whether to divide your DNS namespace to make additional zones, consider the following reasons to use additional zones:

• A need to delegate management of part of your DNS namespace to another location or department within your organization.
• A need to divide one large zone into smaller zones for distributing traffic loads among multiple servers, improve DNS name resolution performance, or create a more fault-tolerant DNS environment.
• A need to extend the namespace by adding numerous subdomains at once, such as to accommodate the opening of a new branch or site.

If, for any of these reasons, you could benefit from delegating zones, it might make sense to restructure your namespace by adding additional zones. When choosing how to structure zones, you should use a plan that reflects the structure of your organization.


When delegating zones within your namespace, be aware that for each new zone you create, you will need delegation records in other zones that point to the authoritative DNS servers for the new zone. This is necessary both to transfer authority and to provide correct referral to other DNS servers and clients of the new servers being made authoritative for the new zone.


When a standard primary zone is first created, it is stored as a text file containing all resource record information on a single DNS server. This server acts as the primary master for the zone. Zone information can be replicated to other DNS servers to improve fault tolerance and server performance.


When structuring your zones, there are several good reasons to use additional DNS servers for zone replication:

1. Added DNS servers provide zone redundancy, enabling DNS names in the zone to be resolved for clients if a primary server for the zone stops responding.
2. Added DNS servers can be placed so as to reduce DNS network traffic. For example, adding a DNS server to the opposing side of a low-speed WAN link can be useful in managing and reducing network traffic.
3. Additional secondary servers can be used to reduce loads on a primary server for a zone.

Example: Delegating a subdomain to a new zone

As shown in the following figure, when a new zone for a subdomain (example.microsoft.com) is created, delegation from the parent zone (microsoft.com) is needed.


In this example, an authoritative DNS server computer for the newly delegated example.microsoft.com subdomain is named based on a derivative subdomain included in the new zone (ns1.na.example.microsoft.com). To make this server known to others outside of the new delegated zone, two RRs are needed in the microsoft.com zone to complete delegation to the new zone.


These RRs include:

• An NS RR to effect the delegation. This RR is used to advertise that the server named ns1.na.example.microsoft.com is an authoritative server for the delegated subdomain.
• An A RR (also known as a glue record) is needed to resolve the name of the server specified in the NS RR to its IP address. The process of resolving the host name in this RR to the delegated DNS server in the NS RR is sometimes referred to as glue chasing.

stub zone رو که قبلا گفتم.لینکی که دادم مطالعه کنید . خوبه.

stub zone را زمانی استفاده می کنند که میخواهند حجم اطلاعاتی ارسالی از طریق WAN کم باشد و ترافیک زیاد نشود.
stub zones can be used instead of secondary zones to reduce the amount of zone transfer traffic over the WAN link connecting the two companies. To do this, the administrator for Company A would simply log on to one of the domain controllers, open the DNS console, and create a new stub zone that uses one or more of Company B's name servers as master name servers. By making this stub zone an Active Directory Integrated zone, the stub zone will then be automatically replicated to all other domain controllers on Company A's network. Now when a client on Company A's network wants to connect to a resource on Company B's network, the client issues a DNS query to the nearest Company A domain controller, which then forwards the query to one of Company B's name servers to resolve.

[sharif12]

سلام
ایامیشه گفت زمانی netmask ordering داریم که round robin اجرا گردد؟؟
رابطه این دو چگونه است؟؟

با تشکر

[ARM]

در ویندوز ۲۰۰۳؟

[sharif12]

سلام
ایامیشه گفت زمانی netmask ordering داریم که round robin اجرا گردد؟؟
رابطه این دو چگونه است؟؟

با تشکر

در ویندوز ۲۰۰۳؟

بله در ویندوز 2003

[ARM]

لازمه همدیگر نیستند. در کنار همدیگر کار میکنند . در ویندوز سرور ۲۰۰۳ استفاده از هر دو باعث awareness و load balancing میشود.
در ویندوز ۲۰۰۰ سرویس پک های اولیه نمیشد که این دو با هم کار کنند بخاطر همین پرسیدم.
The use of both the netmask ordering feature and the round robin feature provides proximity awareness and load-balancing.