Microsoft Official Course: Designing and Implementing Name Resolution
Microsoft Official Course: Designing and Implementing Name Resolution
Microsoft Official Course: Designing and Implementing Name Resolution
Module 4
DNS server
Subnet 2
DNS zone
DNS client
Subnet 1
DNS client
DNS server
Subnet 3
DNS zone
DNS client
Selecting DNS Server Roles
Role Situation
• A remote office has a limited amount of available
Caching-only/ bandwidth
Forwarding
servers
• You want to manage the DNS traffic between your
network and the Internet
Same Unique
Subdomain
Namespace Namespace
Same namespace:
• Internal records should not be available externally
• Records may need to be synchronized between internal
and external DNS
Unique namespace:
• Record synchronization is not required
• Existing DNS infrastructure is unaffected
• Clearly delineates between internal and external DNS
Subdomain:
• Record synchronization is not required
• Contiguous namespace is easy to understand
Considerations for Hosting Namespaces
Option Description
• All internal and external DNS are hosted on a
single server
Complete DNS
• Simple deployment
• Poses security risks
• Disk
• Used by traditional primary and secondary zones
• Chosen for integration into existing infrastructure
• Does not require server to be a domain controller
• Active Directory
• Used by Active Directory–integrated zones
• Replicates to all domain controllers automatically
• Allows multiple servers to update zone data
• Combination
• Used to integrate with traditional DNS
• Active Directory–integrated zones act as primary zone to
traditional secondary zones
Discussion: Designing a DNS Zone Strategy
Branch Office 4
Branch Office 3
NWT-DC1
NWT-NS1 NWT-NS2
Head Office
Branch Office 2
Branch Office 1
Considerations for the NetBIOS Name
Resolution
Active Directory–
integrated
zones Secondary zone
Zones Description
Contoso.com
com
Training.contoso. Sales.contoso.com
com Microsoft
Demonstration: Configuring Zone Transfers
NWT-BR-DC2
NWT-PER-NS2
NWT-NS1
NWT-NS2 NWT-PER-NS1
Branch Office 1
Lesson 6: Designing DNS for High Availability
and Security
NWT-DC1
NWT-NS1 NWT-NS2
Head Office
Security
Description
level
• Default configuration
NWT-BR-DC2
NWT-PER-NS2
NWT-NS1
NWT-PER-NS1
NWT-NS2
Head Office Perimeter
NWT-BR-NS1
Branch Office 1
Lab: Designing and Implementing Name
Resolution
Number of
(total across all
Location Servers Branches
branches)
1 at each
Germany branch 100 3
1 at each
Spain branch 250 5
1 at each
Italy branch 250 5
1 at each
Greece branch 75 2
Lab Review
• Review Question(s)