In today’s article we will explore more features of the DNS protocol. We will see how to add and configure new DNS records on a server. If you are interested in this name resolution protocol, this is probably one of the most important lessons to read, because every device that uses the service depends on its DNS record. In the last article we configured a new DNS zone and some of its parameters. A newly configured zone has two DNS records by default: a SOA record and an NS record. I will discuss each of these two records in turn:
The SOA or Start of Authority record – defines the rules that govern the DNS zone; it modifies the zone’s behavior and influences how frequently zone transfers are made. For now, let’s open our newly configured zone and double-click the SOA record to explore its properties:
The first window that opens contains several elements that need to be discussed before proceeding further. I will explain each of these properties in turn, from top to bottom:
Serial number – a numerical identifier that tracks the DNS record changes made to the zone. Each time a record is added or modified, the serial number is incremented. Because zone transfers are configured between different servers, this number must be the same on each DNS server. Every secondary zone will query the master DNS server to determine whether the master has the same revision number as it does. If the master’s number is greater than the one stored in the secondary zone, a zone transfer is triggered. This process is also called a SOA query. Increasing the revision number manually will also force secondary zones to perform a zone transfer from the master server.
Primary server – is the master DNS server that hosts the primary zone. In this case it will be the name of the server on which we’ve configured the zone.
Responsible person – the username of the person responsible for the zone. By default it will be hostmaster.domain-name.
Refresh interval – specifies the time interval between SOA queries. Every secondary server waits for the duration specified in this field before making such a request to the master server. The default value for this parameter is 15 minutes.
Retry interval – once a SOA query is made and the secondary’s revision number is determined to be lower than the one stored on the master server, a DNS zone transfer is made. If for whatever reason the transfer is not successful, the secondary server will wait the specified retry interval before requesting another zone transfer. By default, the retry interval of a Windows DNS server is set to 10 minutes.
Expires after – if a secondary server does not receive any contact from the master DNS server for the period specified in the expires after parameter, the server will stop answering DNS queries for the zone. By default this value is set to one day.
Minimum (default) TTL – specifies the time that must pass before a record is marked as invalid. The record is then flushed by the DNS server, which will need to contact the master server again for that resource. This setting applies to all DNS records hosted in the zone. A primary zone always contains the records for the zone, so this option applies only to secondary servers. The default value for this parameter is one hour.
TTL for this record – specifies the expiration time for the SOA record.
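The same SOA values can be read and tuned from PowerShell instead of the console. This is an added example, not code from the article; it uses the DnsServer module on the primary server (run as an administrator) and assumes the zone name ittrainingday.com and the server names dc01/dns02.

```powershell
# Added example, not code from the article: read and tune the SOA values described
# above with the DnsServer PowerShell module. Zone and server names are assumptions.
Import-Module DnsServer

$zone      = 'ittrainingday.com'        # assumed: the zone created in the previous article
$primary   = 'dc01.ittrainingday.com'   # assumed primary (master) server
$secondary = 'dns02.ittrainingday.com'  # assumed secondary server

# There is exactly one SOA per zone, stored at the zone apex ("@").
$old = Get-DnsServerResourceRecord -ZoneName $zone -Name '@' -RRType Soa
$old.RecordData | Select-Object PrimaryServer, ResponsiblePerson, SerialNumber,
    RefreshInterval, RetryInterval, ExpireLimit, MinimumTimeToLive

# Set-DnsServerResourceRecord takes the original and a modified copy; Clone() keeps
# $old untouched so the server can match it. The serial number is bumped by the server.
$new = $old.Clone()
$new.RecordData.RefreshInterval   = [TimeSpan]::FromMinutes(15)  # gap between SOA queries
$new.RecordData.RetryInterval     = [TimeSpan]::FromMinutes(10)  # wait after a failed transfer
$new.RecordData.ExpireLimit       = [TimeSpan]::FromDays(1)      # secondaries stop answering after this
$new.RecordData.MinimumTimeToLive = [TimeSpan]::FromHours(1)     # default TTL for the zone's records
Set-DnsServerResourceRecord -ZoneName $zone -OldInputObject $old -NewInputObject $new

# Replication check: a secondary whose serial is lower than the primary's has not
# completed a zone transfer since the last change, so its answers are stale.
$pSerial = (Resolve-DnsName -Name $zone -Type SOA -Server $primary   | Where-Object Type -eq 'SOA').SerialNumber
$sSerial = (Resolve-DnsName -Name $zone -Type SOA -Server $secondary | Where-Object Type -eq 'SOA').SerialNumber
if ($sSerial -lt $pSerial) {
    Write-Warning "$secondary is behind: serial $sSerial, primary has $pSerial"
}
```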
On the Name Server tab of this panel you can specify the DNS servers that host the zone:
On the primary zone you have to specify the DNS servers manually, because the primary zone does not accept dynamic updates from other DNS servers for the zone for which it is authoritative. Press the Add button and specify the FQDN of each server:
For each of the DNS servers specified here, an NS (Name Server) record will be created.
A and AAAA records – also known as host records, these are among the most common types of DNS records. Host records map computer names to IP addresses. The A record is used for computers with IPv4 addresses and the AAAA record for computers with IPv6 addresses. Usually, the A, AAAA and PTR records are updated by the DHCP server. There are cases in which this must be done manually, for example when adding a Linux machine. To add a host record, right-click the zone’s name and click New Host (A or AAAA):
When creating a host record, the name and IP address of the computer must be specified. Check the two boxes to create an associated pointer (PTR) record and/or allow any authenticated user to update DNS records with the same owner name:
When you ping a computer by its name, a request for its A record is sent to the DNS server. If the response is successful, the A or AAAA record has been configured properly on the server. If it is not, verify the host record or force DNS registration on the workstation by typing ipconfig /registerdns at a command prompt:
PTR records – these records map IP addresses to names. PTR records are configured and used only in reverse lookup zones, so a reverse lookup zone must be added to the DNS server before creating such a record. The reverse lookup zone specifies whether its PTR records are for hosts with IPv4 or IPv6 addresses. PTR records can be added automatically when creating a host record, by a DHCP server, or manually using the DNS console. After creating the reverse lookup zone, right-click it and select New Pointer (PTR). If you are using multiple reverse lookup zones for different subnets, verify the host’s IP address before creating the record manually. In the New Resource Record window you’ll have to specify the host’s IP address and name:
CNAME records – these records are used mainly by web servers to create aliases for certain applications. A canonical name is configured to point to a certain server that hosts a website or service. Suppose you have the website www.ittrainingday.com; this is actually a CNAME record for a website hosted on a web server. When typing the CNAME of a website in the browser, the DNS client service queries the authoritative DNS server to find the machine hosting the website. You can create multiple CNAME records pointing to the same host or one CNAME record pointing to multiple servers. To create a new alias record, right-click the zone’s name and select New Alias (CNAME). You’ll have to type in the alias name and the FQDN of the target host:
SRV or Service Locator records – when integrating the DNS service with Active Directory, multiple SRV records are created automatically. For example, the _kerberos, _ldap or _gc records specify the port number and the name of the server that hosts that particular service in the domain:
If we click one of these records we can view their parameters. It is recommended that you do not change the settings configured in these records. You can add multiple SRV records for the same service in case one of them becomes unavailable. For this failover mechanism to work, you’ll have to create a new SRV record that points to the other server hosting the service. The record with the highest priority number will be used by default. If that server becomes unavailable, the record with the second highest priority will be used, and so on. The Weight parameter is used when load balancing is configured:
If you want to add an SRV record manually, right-click the zone’s name and click Other New Records. Scroll down and select Service Location (SRV):
MX records – “Mail exchanger (MX) record. Provides message routing to a specified mail exchange host that is acting as a mail exchanger for a specified DNS domain name. MX records use a 16-bit integer to indicate host priority in message routing where multiple mail exchange hosts are specified. For each mail exchange host specified in this record type, a corresponding host address (A) type record is needed. (RFC 1035)”:
To create an MX record, right-click the zone’s name and select New Mail Exchanger (MX). Another way to create such a record is to click Other New Records and select Mail Exchanger (MX) from the list:
When creating such a record you’ll have to enter the record’s name, the FQDN of the mail server and the server’s priority, which is used when there are multiple MX records:
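The record types covered above (A with its PTR, CNAME, SRV and MX) can also be created and verified from PowerShell. This is an added example, not code from the article; it uses the DnsServer module and assumes an Active Directory-integrated zone named ittrainingday.com, the 192.168.1.0/24 subnet, and the host names used in it.

```powershell
# Added example, not code from the article: create the record types discussed above
# with the DnsServer module and verify each one against the server.
# Zone, subnet, host names and addresses are all assumptions.
Import-Module DnsServer

$zone = 'ittrainingday.com'
$dns  = 'dc01.ittrainingday.com'   # assumed primary DNS server

# The "allow any authenticated user to update" option relies on the zone accepting
# dynamic updates; keep them Secure so only the record owner (and DHCP) can change them.
if ((Get-DnsServerZone -Name $zone).DynamicUpdate -ne 'Secure') {
    Set-DnsServerPrimaryZone -Name $zone -DynamicUpdate Secure
}

# Host record. -CreatePtr is the "create associated pointer (PTR) record" check box and
# needs a reverse lookup zone covering the address, so create one if it is missing.
if (-not (Get-DnsServerZone -Name '1.168.192.in-addr.arpa' -ErrorAction SilentlyContinue)) {
    Add-DnsServerPrimaryZone -NetworkId '192.168.1.0/24' -ReplicationScope Domain
}
Add-DnsServerResourceRecordA -ZoneName $zone -Name 'web01' -IPv4Address '192.168.1.20' -CreatePtr

# Alias: the alias name plus the FQDN of the target host (trailing dot makes it absolute).
Add-DnsServerResourceRecordCName -ZoneName $zone -Name 'www' -HostNameAlias 'web01.ittrainingday.com.'

# Service locator: two records for one (assumed) SIP service give failover. Clients try
# the lowest Priority value first; Weight splits load between records of equal priority.
Add-DnsServerResourceRecord -Srv -ZoneName $zone -Name '_sip._tcp' -DomainName 'sip01.ittrainingday.com.' -Priority 0  -Weight 100 -Port 5060
Add-DnsServerResourceRecord -Srv -ZoneName $zone -Name '_sip._tcp' -DomainName 'sip02.ittrainingday.com.' -Priority 10 -Weight 100 -Port 5060

# Mail exchanger at the zone apex ('.'), with its preference for when several exist.
Add-DnsServerResourceRecordMX -ZoneName $zone -Name '.' -MailExchange 'mail01.ittrainingday.com.' -Preference 10

# Verify by querying the server directly (ping only does this for the A record).
Resolve-DnsName -Name 'web01.ittrainingday.com'     -Type A     -Server $dns
Resolve-DnsName -Name '192.168.1.20'                -Type PTR   -Server $dns
Resolve-DnsName -Name 'www.ittrainingday.com'       -Type CNAME -Server $dns
Resolve-DnsName -Name '_sip._tcp.ittrainingday.com' -Type SRV   -Server $dns
Resolve-DnsName -Name 'ittrainingday.com'           -Type MX    -Server $dns
```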
These are the main records configured on a DNS server. There are other, special records that are used less often; you can discover them in the Other New Records section. I think we’ve covered enough ground for today, and I hope you’ve understood the elements described here. If you have any questions, feel free to add a comment on our website. I wish you all the best, and stay tuned for the following articles.