Can you remember the IP addresses of your favorite Web sites or do you find it easier to remember www.somesite.com? If you’re like most people, it’s much easier to remember a name than a cryptic address. Domain Name System (DNS) matches names to IP addresses, making navigation on the Internet or your company’s intranet much easier for everyone. In this Daily Drill Down, I’ll explain some of the components of DNS and show you how to configure DNS for your network.
How DNS works
The directory structure of DNS is very similar to the inverted tree design in NDS. The top of the structure is called the root. Underneath the root are the top-level domains, such as .com, .edu, .gov, .net, and so on. Next come company or organization domains, followed by other subdomains of the organization. From this structure come familiar names such as novell.com, support.novell.com, and education.novell.com.
The distributed database used for DNS can be partitioned into DNS zones, just as NDS comprises partitions and replicas. Zones can encompass an entire domain such as .net, or they can be created for a single organization, such as novell.com. A standard zone resolves domain names into IP addresses, permitting easy access to resources without the need to remember the cryptic addresses.
In addition to the standard DNS zones, there are also IN-ADDR.ARPA zones and IP6.INT zones. IN-ADDR.ARPA zones are the opposite of standard DNS zones, resolving IP addresses into domain names. If you know the IP address of a particular domain, the IN-ADDR.ARPA zone will provide you with the correct domain name.
The IP6.INT zone was created to provide DNS services to IPv6 addresses. These zones will resolve domain names to IPv6 addresses. As IPv6 becomes more prevalent, you’ll be seeing many more IP6.INT zones.
The pieces of the DNS puzzle
The DNS database is stored on file servers that are running special software. These DNS servers—also called name servers—store copies, or replicas, of the zones that make up the DNS database. There are two types of name servers: primary and secondary.
The primary name server maintains the names and IP addresses for the zone and holds what is called the authoritative database. The authoritative database receives all changes and then propagates them to the secondary name servers. Primary name servers also store the names of all subzones and the addresses of the DNS servers that are in those zones. The addresses of DNS servers for the root domain and other zones are also stored on the primary name server.
The secondary name server, also called a replica name server, holds a copy of the authoritative database. During a zone transfer, the secondary name server downloads a copy of the authoritative database from the primary name server. All changes to the DNS database are sent to the primary name server and then copied to the replica name server via the periodic zone transfer.
The secondary name server can be located in the same domain as the primary name server, or it can be located outside the domain. If the secondary name server is outside the domain, it provides fault tolerance for the DNS database and increases efficiency by placing the replica close to remote users.
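The primary/secondary relationship described above can be modelled in a few lines. The following is an added example, not code from Novell's NAMED.NLM or from this article: it shows the refresh logic standard DNS uses, namely that a secondary compares the SOA serial it holds against the one the primary advertises (RFC 1035) using wrap-around serial arithmetic (RFC 1982), and that a primary should hand the full zone only to the secondaries it knows about. The zone name, host names and addresses are constructed sample values.

```python
"""Zone transfer between a primary and a secondary name server, modelled
in Python. Added example, not Novell code: the secondary pulls a fresh
copy only when the primary's SOA serial is newer, and the primary refuses
transfer requests from hosts that are not its known secondaries.
All names and addresses are constructed sample values."""
from dataclasses import dataclass, field

SERIAL_MOD = 1 << 32          # SOA serials are 32-bit unsigned integers
HALF = 1 << 31


def serial_gt(a: int, b: int) -> bool:
    """True if serial a is newer than serial b under RFC 1982 arithmetic.

    Plain integer comparison breaks when a serial wraps past 2**32 - 1;
    the RFC rule treats a value less than half the space ahead as newer.
    """
    a, b = a % SERIAL_MOD, b % SERIAL_MOD
    if a == b:
        return False
    return (a < b and b - a > HALF) or (a > b and a - b < HALF)


@dataclass
class Zone:
    name: str
    serial: int
    # owner name -> (record type, record data), e.g. ("A", "192.0.2.10")
    records: dict = field(default_factory=dict)

    def copy(self) -> "Zone":
        return Zone(self.name, self.serial, dict(self.records))


class PrimaryServer:
    """Holds the authoritative copy and answers transfer requests."""

    def __init__(self, zone: Zone, allowed_secondaries: set):
        self.zone = zone
        self.allowed_secondaries = allowed_secondaries

    def update(self, owner: str, rtype: str, data: str) -> None:
        """Every change lands on the primary, which bumps the serial."""
        self.zone.records[owner] = (rtype, data)
        self.zone.serial = (self.zone.serial + 1) % SERIAL_MOD

    def current_serial(self) -> int:
        return self.zone.serial

    def transfer(self, requester_ip: str) -> Zone:
        """Full zone transfer; refused for hosts that are not known secondaries."""
        if requester_ip not in self.allowed_secondaries:
            raise PermissionError(f"zone transfer refused for {requester_ip}")
        return self.zone.copy()


class SecondaryServer:
    """Holds a replica and refreshes it from the primary periodically."""

    def __init__(self, ip: str, zone: Zone):
        self.ip = ip
        self.zone = zone
        self.transfers = 0

    def refresh(self, primary: PrimaryServer) -> bool:
        """Return True if a transfer happened, False if the replica was current."""
        if not serial_gt(primary.current_serial(), self.zone.serial):
            return False
        self.zone = primary.transfer(self.ip)
        self.transfers += 1
        return True


def demo() -> dict:
    """Walk through three refresh cycles on constructed data."""
    primary = PrimaryServer(
        Zone("example.com.", 2000010101,
             {"ns1.example.com.": ("A", "192.0.2.10")}),
        allowed_secondaries={"192.0.2.11"},
    )
    secondary = SecondaryServer("192.0.2.11", Zone("example.com.", 2000010100))
    first = secondary.refresh(primary)      # stale serial -> transfer
    second = secondary.refresh(primary)     # already current -> no transfer
    primary.update("www.example.com.", "A", "192.0.2.20")
    third = secondary.refresh(primary)      # change on primary -> transfer
    return {
        "transfers": (first, second, third),
        "replica_serial": secondary.zone.serial,
        "replica_records": sorted(secondary.zone.records),
    }


if __name__ == "__main__":
    print(demo())
```

The allow list on the primary is the part worth carrying over to any real deployment: a zone transfer hands out every name and address in the zone, so it should be answered only for the replica servers you placed, whether they sit inside the domain or out near remote users.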
The resource record (similar to a leaf object in NDS) also plays a vital DNS role. It contains data and information about an object, such as a DNS server. For the purposes of this Daily Drill Down, I’ll create two types of resource records: A records and NS records.
An A record resolves domain names to IP addresses. NS (Name Server) records are used to identify the primary name server for a domain.
As I stated earlier, primary or secondary name servers run special software that provides DNS functionality to the file server. NAMED.NLM provides DNS services on the file server, and DHCPSRVR.NLM provides DHCP services. Both NLMs must be loaded to provide domain-name-to-IP-address resolution.
Creating a DNS server
Okay, now that you know what DNS is, how do you deploy it on your NetWare server? For the remainder of this Daily Drill Down, I’ll show you how. While your network may be much more complex than the one shown here, the principles of DNS remain the same.
The first step in enabling DNS service on your network is creating a DNS server. After launching DNS/DHCP Manager, select the DNS Service tab. To create the DNS server, highlight All Zones, click Create, and select DNS Server, as shown in Figure A.
Figure A: Select DNS Server from the Create New Record dialog box in DNS/DHCP Manager to create a DNS server.
Click OK and you will be presented with the Create DNS Server window. Use the Browse button to select the file server that will be used as the DNS server. Type the file server’s name in the Host Name field and enter the domain name for your organization. Figure B shows the completed window.
Creating DNS Zone objects
The next object that you must configure is the DNS Zone object. Begin by highlighting All Zones. Click Create and select Zone. This brings up the Create Zone window, which allows you to configure the zone. Select Create New Zone, browse to the appropriate NDS Context, and enter the Zone Domain Name, which is the organization domain name (novell.com, for example).
Select the secondary zone type to enable a zone transfer later in the process, and enter the IP address of the DNS server. Finally, assign the Authoritative DNS Server, which is the server that you created earlier. It should be included in the drop-down list, as shown in Figure C.
After clicking OK, you should see a message similar to the one in Figure D, telling you that you must create an A resource record for the host server domain name, as well as a PTR record in the IN-ADDR.ARPA zone. Click OK to clear the message. These objects can be configured later if they are needed.
Creating resource records
The next step is to create an A resource record for the DNS server. Highlight the new zone that was created in the last step, click Create, and select Resource Record. As shown in Figure E, you must enter the DNS server name in the Host Name field, ensure that an A record is selected, and then enter the IP address of the DNS server.
Figure E: When you create an A resource record, you must enter the DNS server information in these fields.
You can complete the initial configuration of the new zone by creating an NS record. The steps are very similar to creating an A record. Highlight your zone, click Create, and select Resource Record. Type the DNS server name in the Host Name field. Select the Others option and use the pull-down menu to select NS. You can use the following syntax to type the DNS Server Domain Name: file_server.domain_name.com. An example of the completed configuration screen is shown in Figure F.
The IN-ADDR.ARPA zone
To provide IP-address-to-name resolution, you must create an IN-ADDR.ARPA zone. To do this, highlight All Zones, click Create, and select Zone. Select IN-ADDR.ARPA, and browse to the container where the DNS server resides. In the Zone Domain Name field, enter the first octet of the DNS server’s IP address.
Using the IP address from our example, this will create the 192-IN-ADDR.ARPA zone. Select Zone Type Secondary and enter the DNS server’s full IP address. Finally, using the pull-down list, select the authoritative DNS server that was created earlier. A completed IN-ADDR.ARPA zone-creation screen is shown in Figure G.
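The forward and reverse records created in the last three sections (the A record for the server, the PTR record the console warns about, and the 192-IN-ADDR.ARPA zone named after the first octet) follow a fixed naming rule, and the IP6.INT zones mentioned at the start of this Daily Drill Down follow a similar nibble-based rule. The following is an added example, not code from the article or from Novell's product: it derives the reverse zone name and PTR owner name from an address, builds the A/PTR pair for a host, and checks that a reverse answer maps back to the forward record (the usual forward-confirmed reverse DNS test used when deciding how far to trust a name found in a log). The suffix defaults to ip6.int as the article uses it; ip6.arpa, which RFC 4159 made the standard suffix in 2005, can be passed instead. Host names and addresses are constructed.

```python
"""Forward and reverse DNS names for a host, derived the way the article
creates them. Added example, not Novell code. Names and addresses are
constructed sample values."""
import ipaddress
from typing import Dict, Tuple


def reverse_zone_name(address: str, octets: int = 1) -> str:
    """Zone under IN-ADDR.ARPA that holds the PTR record for an IPv4 address.

    The article creates one zone per leading octet (192.in-addr.arpa);
    pass octets=2 or 3 for per-/16 or per-/24 zones.
    """
    ip = ipaddress.IPv4Address(address)
    parts = str(ip).split(".")[:octets]
    return ".".join(reversed(parts)) + ".in-addr.arpa."


def ptr_owner_name(address: str, v6_suffix: str = "ip6.int.") -> str:
    """Owner name of the PTR record for an IPv4 or IPv6 address."""
    ip = ipaddress.ip_address(address)
    if ip.version == 4:
        return ".".join(reversed(str(ip).split("."))) + ".in-addr.arpa."
    # IPv6: expand to all 32 hex nibbles, reverse them, one label each
    nibbles = ip.exploded.replace(":", "")
    return ".".join(reversed(nibbles)) + "." + v6_suffix


def records_for_host(hostname: str, address: str) -> Dict[str, Tuple[str, str, str]]:
    """The two records DNS/DHCP Manager asks for: the A record and its PTR."""
    host = hostname if hostname.endswith(".") else hostname + "."
    return {
        "A": (host, "A", address),
        "PTR": (ptr_owner_name(address), "PTR", host),
    }


def forward_confirmed(forward: Dict[str, str], reverse: Dict[str, str],
                      address: str) -> bool:
    """True when the PTR for the address names a host whose A record is that address."""
    name = reverse.get(ptr_owner_name(address))
    return name is not None and forward.get(name) == address


def demo() -> dict:
    """Build the records for one server and check a good and a bad reverse entry."""
    forward = {"fs1.rhythm.com.": "192.0.2.10"}   # A records (constructed)
    reverse: Dict[str, str] = {}                    # PTR records
    recs = records_for_host("fs1.rhythm.com", "192.0.2.10")
    owner, _, target = recs["PTR"]
    reverse[owner] = target
    # A PTR with no matching A record: a stale or mistaken reverse entry
    reverse[ptr_owner_name("192.0.2.99")] = "ghost.rhythm.com."
    return {
        "zone": reverse_zone_name("192.0.2.10"),
        "ptr_owner": owner,
        "confirmed": forward_confirmed(forward, reverse, "192.0.2.10"),
        "unconfirmed": forward_confirmed(forward, reverse, "192.0.2.99"),
    }


if __name__ == "__main__":
    print(demo())
```

DNS names are case-insensitive, so the lowercase in-addr.arpa produced here is the same zone the console shows as 192-IN-ADDR.ARPA.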
Time to start the DNS server and force the zone transfer
After you’ve created the basic records for your server, it’s time to turn your attention to the file server. Here you must force a zone transfer for the two newly created zones. Exit the DNS/DHCP Management Console before proceeding.
To force a zone transfer for the organization domain zone, type the following command at your server’s console prompt, substituting your domain name for rhythm.com:
named -zi rhythm.com
You can watch the zone transfer take place by toggling to the NAMED console screen. After the zone-in has completed, you can perform a zone transfer for the IN-ADDR.ARPA zone. The command is the same, but be sure to substitute the name of your own IN-ADDR.ARPA zone:
named -zi 192.in-addr.arpa
Once again, you should see the zone-in complete by toggling to the NAMED console screen. Before leaving the server, don’t forget to add the command LOAD NAMED to the server’s Autoexec.ncf file.
Making the DNS server a primary server
Now that you’ve completed the zone transfers, it’s time to make your DNS server the primary DNS server. Start things off by making the DNS server the organization zone’s primary DNS server.
Launch the DNS/DHCP Management Console and select the DNS Service tab. Highlight the organization’s zone, select the Primary selection under Zone Type, and click Save. Answer Yes when asked if you really want to make this change. The completed change will look similar to Figure H.
You can follow the same procedure to make the DNS server the IN-ADDR.ARPA zone’s primary DNS server. When the DNS server has been made the primary name server for both zones, you must unload and reload NAMED to restart DNS services.
Configuring the DHCP server for DNS
After you’ve enabled a DNS server on your NetWare server, you can also use the DHCP server we discussed in our previous Daily Drill Down to supply DNS information to your clients. To do this, you must configure the DHCP server to work with the DNS server.
Begin this procedure by clicking the DHCP Service tab and selecting a subnet object. Click the Other DHCP Options tab, and then click Modify. You must scroll down the Option Name table to find Domain Name Server. To make the table easier to read, you can resize the Option Name field. After you’ve found and highlighted the Domain Name Server option, click Add to move it over to the Selected DHCP Options window, as shown in Figure I.
Click the Add button located near the bottom of the window, and you will be presented with a window that asks you to enter the IP address of the DNS server. Enter the address and click OK. Notice that the DNS server’s IP address is displayed in the Domain Name Server window. Click OK at the Modify DHCP Options screen and then click Save. Answer Yes to the question asking if you really want to do this. When you’ve finished making changes, exit the DNS/DHCP Management Console.
Trying it out
After you complete all these procedures, your network should be able to provide DNS services. Before trying out DNS, however, you should verify that both NAMED and DHCPSRVR are loaded on the file server. It’s not a bad idea to unload and load both of these NLMs to ensure that the correct configuration is in active memory. You should also ensure that both load commands have been added to the file server’s Autoexec.ncf file so that DNS and DHCP service will be started again when the server is rebooted.
Before trying to use DNS, also ensure that DNS has been enabled on the client workstation. Neglecting this simple but often-forgotten step can send you on a wild goose chase trying to figure out what you did wrong. To configure DNS on a Windows NT workstation, right-click Network Neighborhood, select Properties, click the Protocols tab, and then click the DNS tab. Enter the domain and add the DNS server’s IP address to the DNS Service Search Order.
To test DNS services on the network, run IPCONFIG /ALL on an NT workstation or WINIPCFG on a Windows 95/98 workstation. You should see the address of your DNS server displayed in the appropriate fields.
Wrapping it up
Configuring DNS can be a very complex and confusing project. There are many pieces to this puzzle, and all of them must be configured correctly. You are also going to be using a new utility and learning new terminology. I strongly recommend that you set up a simple test network and use it to learn how DNS and the DNS/DHCP Manager work. Only when you’re familiar with Novell’s DNS product should you attempt to implement it on a production network.
With that said, I hope you decide to implement DNS services on your network. Once it’s configured and running correctly, you and your customers should enjoy the services that this product provides.