The screenshot below shows the relevant section from the 70-640 exam blueprint on configuring DNS server settings.
What we will do here is cover each of the aforementioned bullet points by providing (a) very brief definitions of each technology; and (b) links to relevant Microsoft resources to foster your certification study.
Exam 70-640 Domain 1, Subobjective 2: Configure DNS server settings
We configure Windows Server 2008 DNS servers as forwarders in order to facilitate the resolution of host names that exist outside of our Active Directory forest. These could be Internet host names or host names from other corporate external networks. Conditional forwarding allows administrators to granularly control forwarding to specifically listed DNS domains.
Root hints
The root hints file is a sort of HOSTS file (statically maintained) that a DNS server uses for external host name lookups. A Windows administrator can disable root hints, update them periodically with the names and IP addresses of the Internet root servers, or populate a custom list of root hints entries.
Zone delegation
Zone delegation means transferring the authority of part of your DNS namespace to another group or individual. For instance, we might decide to create a DNS delegated subdomain called lab.4sysops.com and give over authority of that domain to our developers. We ourselves would maintain control of the root domain, 4sysops.com.
Round robin
Round robin is an easy method for establishing load balancing among two or more replica DNS servers. The purpose of round robin is to increase host name resolution efficiency and to conserve network load on your DNS servers.
Disabling recursion
By default, Windows Server 2008 DNS servers use recursion to satisfy name resolution requests on behalf of client devices. The recursion process uses a “walking the DNS tree” metaphor and involves the possibility of querying multiple internal and external DNS servers. To heighten network security, DNS servers that do not need to receive recursive queries should have recursion disabled.
Debug logging
Windows Server 2008 DNS administrators can enable debug logging in the DNS server as a troubleshooting method. Because the debug logging process, which captures detailed information on DNS query and name resolution traffic, involves significant CPU, memory, and disk space overhead, we should enable debug logging only for the duration in which it is required.
Server scavenging
As we already know, we establish zone-wide defaults for resource record aging in the start of authority (SOA) resource record properties. Windows Server 2008 DNS Server has the capability of scouring (or scavenging) its DNS zones and purging outdated records. This scavenging process works both for standard primary zones and for Active Directory-integrated zones.
A note for your consideration: I hand-picked every Microsoft URL in these articles. As you doubtless noticed, some of the articles are formally geared toward a previous version of Windows Server. Don’t be put off by that! I’ve found that in some cases the quality and accuracy of older Microsoft whitepapers and support articles are superior to their ultra-current counterparts. If you do notice a discrepancy, please make a note of it in the comments portion of this post, and I will post a correction immediately.
In the next post in this series I will discuss a sample practice question for the DNS Server settings subobjective.