Welcome to article number 22 in my 70-240 in 15 minutes a week series. This week's article covers a final look at DNS in Windows 2000. This includes a look at host name resolution, associated utilities, integration with WINS, and advanced DNS configuration in Windows 2000. This article again falls into the networking services portion of the 70-240 exam.
The material to be covered in this article includes:
- Host name resolution
- Name resolution utilities
- Integrating DNS with WINS
- Advanced DNS Configuration
Host Name Resolution
Many people confuse the ideas of a host name and a NetBIOS name when first attempting to understand the concepts. Simply put, a host name is an alias for an IP address -a name that is easier to remember than a 32-bit number. If a system doesn't have an IP address, it doesn't have a host name, and talking about host name resolution is then a non-issue. The reason for some of the confusion is that traditionally, the host name and NetBIOS name on a Windows-based system are the same by default, although this needn't be the case, since they can be different. The process of having a host name and attempting to find the associated IP address is referred to as host name resolution, and can be accomplished using two main facilities - the HOSTS file, and DNS.
The HOSTS file is a text file found in the %systemroot%\system32\drivers\etc directory on a Windows 2000-based system. This static file is used by the local system to resolve host names to an associated IP address. This is the first place from which a system will attempt to resolve a name, so it is important that it does not contain incorrect entries. Note also that the files is parsed from top to bottom, such that if multiple entries for a name exist, the first found will be used and the others ignored. An example HOSTS file is shown below.
Any entries proceeded by a # symbol are considered comments. Note that HOSTS files were the original name resolution facility on the Internet prior to the creation of DNS. The size of the files eventually made this method impractical, but the simplicity of the file as a name resolution facility make then useful, even today.
DNS was invented largely due to the scalability issues associated with the creation and maintenance of a single flat text file for name resolution on the Internet. The Domain Name System is a distributed database of information maintained on DNS servers (actually more of a series of distributed localized text files called zone files). Having explored the process of DNS name resolution in previous articles, I will not repeat it here. If you still do not understand the basics of DNS resolution, please visit the series article archive found at http://windows.2000trainers.com/coursesandarticles/70-240/. However, remember that the main purpose of DNS is to take a host name (or fully qualified domain name) and resolve it to an IP address. DNS forms the naming backbone of the Internet, via the 13 root name servers and thousands of other DNS servers that currently exist. (see the cache.dns file in the %systemroot%\system32\dns\samples directory for the root server list, or the Root Hints tab from the DNS server's properties)
Name Resolution Tools and Utilities
A number of hostname resolution utilities and facilities exist that you should be aware of in Windows 2000. These include nslookup, the monitoring tab of the DNS server properties, ipconfig switches, and netdiag.
Nslookup is the most common DNS hostname resolution troubleshooting utility. In effect, this tool is used as a command-line resolver, a DNS client that sends queries of different types to a DNS server and returns a response. This tool provides a quick and easy way of testing whether or not host name queries are capable of being properly resolved via DNS. For example, to test resolution of the server at 10.1.1.1, you could issue the command nslookup 10.1.1.1 192.168.1.200, and be returned the hostname associated with the IP address 192.168.1.200 if DNS is correctly configured.
The Monitoring tab found in the properties of a DNS server also provides a quick way to assess DNS resolution (although I would argue that it can be less reliable at times based on experience), via a simple or recursive query test. The screenshot below outlines the options available, which include the ability to schedule these tests to run automatically.
A simple query sends a query from the local resolver (client) to the locally configured DNS server. The recursive query goes a step farther, with the client asking the server to use recursion to find a name server for the root (".") domain. This provides a method to ensure that root hints (the list of root servers) and / or forwarding are configured correctly.
Netdiag - although this tool can be used to test many network connectivity and associated issues, it can also be used specifically to troubleshoot DNS-related issues. When issued using the Netdiag /test:DNS command, Netdiag will check to see whether the computer is correctly registered in the listed DNS servers, while also verifying that the DNS cache service is running. When used with the /fix option, Netdiag will attempt to re-register the host in DNS if the entries found are not consistent.
Ipconfig - although most commonly used to view IP address configuration information, the ipconfig command has 3 switches directly related to DNS. The /displaydns switch, allows you to view the DNS entries recently resolved and cached on the client. The /flushdns switch clears the client DNS cache. Finally the /registerdns switch forces the client to attempt name and address registration with the configured DNS server(s).
Event Viewer DNS Server Log file - found on Windows 2000 DNS servers, this Event Viewer log file will provide information on errors and other important information relating to the DNS service. This should be used as a first point of contact when troubleshooting DNS-related issues. The System log should also be consulted for issues relating to client-side resolution problems.
DNS Logging - Another option for monitoring your DNS servers is to configure then to using DNS logging, which logs selected DNS event information (as shown below) to a dns.log file in the %systemroot%\system32\dns folder on the server. This is configured from the Logging tab on the DNS server's properties, but may cause performance degradation on the server. It should be used only for troubleshooting purposes.