DNS Function
Domain Name System, better known by its acronym DNS, is an internet standard that is part of the TCP/IP suite. It translates object names into IP addresses or other resource records. Object names are called domain names; most commonly they are hostnames, alphanumeric strings that are easier to remember than IP addresses. An example of a domain name is www.samuraj-cz.com and its corresponding IP address is 193.86.238.17.
DNS also offers the reverse function, translating IP addresses into object names, using so-called PTR records. DNS records exist not only for hostnames but also for various services. The most common example is the MX record for a mail server: we need to know neither the server's name nor its IP address, only the domain for which we want to find the mail server. Other mail servers use this when delivering email: they take the domain from the recipient's address and look up its MX record, which names the server they have to contact.
The advantages of using names are better memorability and the ability to move a computer and change its IP address while keeping the same name. For the communication itself, however, TCP/IP needs IP addresses. It is hard to imagine the internet functioning without DNS. Microsoft has also built its corporate environment, Active Directory domains, on DNS and uses it, for example, to locate the various domain services (through SRV records).
The DNS protocol uses ports TCP 53 and UDP 53. Ordinary queries and answers travel over UDP; TCP is used for zone transfers and for answers that do not fit in a UDP datagram (the server sets the TC flag and the client repeats the query over TCP). DNS is defined in RFC 1034 and RFC 1035, with individual functions specified in a number of other RFCs.
Creating Domain Names
Name space on the internet is divided into domains. Responsibility for managing names within each domain is delegated, typically to systems within that domain. This corresponds to the hierarchical organization of servers and the way domain names are created. According to the delegation of authority, we also talk about zones. Usually, a zone equals one domain, but it can include several domains managed by one authority.
Similar to how IP address ranges are divided into networks and subnets, name spaces are divided into domains and subdomains. However, there does not have to be a fixed link between IP address ranges and domain names. For example, two different domain names can refer to the same addresses.
The DNS domain name space forms a tree (a hierarchical structure). Each node of the tree holds information about its domain (the various records in that domain) and links to its subdomains. The root of the tree is the root domain, written as a dot (.). Below it are the top-level domains (TLD - Top Level Domain, such as com and cz), then the second-level domains (such as microsoft.com), and possibly further subdomains.

When we compose a domain name, we start with the lowest-level domain and write the labels from left to right separated by dots, for example, according to the picture, www.samuraj-cz.com. The picture is not entirely accurate, because www is not a subordinate domain but a record (here an A record) in the domain samuraj-cz.com.
For reverse translation of IP addresses into object names, the special domain IN-ADDR.ARPA is used. Because the most significant part of a domain name is on the right while the most significant octet of an IP address is on the left, the octets are written in reverse order: for IP 192.168.0.1, the DNS record is 1.0.168.192.IN-ADDR.ARPA.
Zone Files
As mentioned, the domain name tree is divided into zones, areas managed by one administrator (organization). A zone contains one (most often) or more domains, together with the authoritative information about them. This information is served by an authoritative DNS server, which is considered the trustworthy source for the zone.
The content of the zone, the individual resource records, is stored in a zone file, usually a text file. Records are replicated between some DNS servers (e.g., from the primary to the secondary NS) in a process called zone transfer. A zone transfer hands out the entire zone, so a server should allow it only to the addresses of its known secondaries; a zone that anyone can transfer gives an attacker a complete list of the hosts in the domain.

Finding a Record in DNS
A standard DNS server resolves names recursively on behalf of its clients, sending a series of queries until it reaches the authoritative answer. First it needs to know where to start looking at the top of the DNS name space. This information is in the so-called root hints, a list of records the DNS service uses to find the servers authoritative for the root of the domain name space tree. Standard root hints reference the 13 root server names (a to m), each of which is served from many locations around the world by anycast; they form part of the technical infrastructure of the internet.

We take the name we want to translate (e.g., www.samuraj-cz.com) and break it down into its domains, working from the right. We send a query to a root server, which refers us to the name servers for the top-level domain (com). We ask the TLD server, which refers us to the authoritative servers for the second-level domain (samuraj-cz.com), and so on down the tree. At the lowest level, the authoritative server answers with the IP address of the record (www.samuraj-cz.com). Each intermediate answer is a referral, and the referral usually includes glue A records with the addresses of the named servers, so that the resolver does not have to resolve those names separately.
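To make the walk down the tree concrete, here is an added Python example (not part of the original article) that simulates iterative resolution offline. The three "servers", their addresses (RFC 5737 documentation ranges) and the delegation data are constructed for the example; only www.samuraj-cz.com and 193.86.238.17 come from the article. The resolver follows referrals from the root hints and applies a bailiwick check: glue from the additional section is accepted only when it lies under the zone the responding server was delegated, which is the standard defense against a server slipping records for someone else's domain into its answers.

```python
# Constructed, offline model of the servers involved in resolving
# www.samuraj-cz.com. Addresses are from the RFC 5737 documentation ranges
# and do not belong to real root, TLD or samuraj-cz.com servers.
ROOT_HINT = "198.51.100.1"  # hypothetical root server from the root hints

SERVERS = {
    "198.51.100.1": {  # root server, authoritative for "."
        "zone": ".",
        "delegations": {"com.": ["a.gtld.example."]},
        "a_records": {"a.gtld.example.": "198.51.100.2"},
    },
    "198.51.100.2": {  # com TLD server
        "zone": "com.",
        "delegations": {"samuraj-cz.com.": ["ns.samuraj-cz.com."]},
        "a_records": {"ns.samuraj-cz.com.": "198.51.100.3"},
    },
    "198.51.100.3": {  # authoritative server for samuraj-cz.com
        "zone": "samuraj-cz.com.",
        "delegations": {},
        "a_records": {
            "www.samuraj-cz.com.": "193.86.238.17",
            # constructed poisoning attempt: a record for a domain this
            # server has no authority over, sent as "additional" data
            "www.microsoft.com.": "203.0.113.66",
        },
    },
}


def in_zone(name: str, zone: str) -> bool:
    """True if name is zone itself or lies below it (label boundary respected)."""
    return zone == "." or name == zone or name.endswith("." + zone)


def authoritative_lookup(server_ip: str, qname: str) -> dict:
    """What the simulated server answers: a final answer, a referral to a
    child zone, or nothing (name does not exist). Every A record the server
    knows is stuffed into the additional section, poison included."""
    srv = SERVERS[server_ip]
    resp = {"answer": [], "authority": [], "additional": list(srv["a_records"].items())}
    delegated = [z for z in srv["delegations"] if in_zone(qname, z)]
    if delegated:
        child = max(delegated, key=len)  # longest match = closest delegation
        resp["authority"] = [(child, ns) for ns in srv["delegations"][child]]
    elif in_zone(qname, srv["zone"]) and qname in srv["a_records"]:
        resp["answer"] = [(qname, srv["a_records"][qname])]
    return resp


def resolve(qname: str, max_steps: int = 10):
    """Iterative resolution from the root hints. Returns (address or None,
    trace of servers consulted, glue accepted into the cache)."""
    cache, trace = {}, []
    server_ip, bailiwick = ROOT_HINT, "."
    for _ in range(max_steps):  # hard cap: a referral loop cannot run forever
        resp = authoritative_lookup(server_ip, qname)
        for name, ip in resp["additional"]:
            if in_zone(name, bailiwick):  # bailiwick check: drop out-of-zone glue
                cache[name] = ip
        if resp["answer"]:
            trace.append((server_ip, "answer"))
            return resp["answer"][0][1], trace, cache
        if not resp["authority"]:
            trace.append((server_ip, "no such name"))
            return None, trace, cache
        child_zone, ns_name = resp["authority"][0]
        trace.append((server_ip, "referral to " + child_zone + " via " + ns_name))
        if ns_name not in cache:
            # no usable glue: a real resolver would now resolve ns_name itself
            return None, trace, cache
        server_ip, bailiwick = cache[ns_name], child_zone
    return None, trace, cache


if __name__ == "__main__":
    ip, trace, cache = resolve("www.samuraj-cz.com.")
    for step in trace:
        print("%-14s %s" % step)
    print("result:", ip, "| cached glue:", sorted(cache))
```

Running it shows three steps (root referral to com, com referral to samuraj-cz.com, answer) and a cache that holds the two name-server addresses and the answer but not the www.microsoft.com record, because it arrived from a server whose bailiwick is samuraj-cz.com.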
Types of Records in DNS
DNS supports a variety of record types, each storing different data according to its type. The fields common to all records are the name, class (in practice only IN, internet), TTL (time to live, how long the record may be kept in a cache), record type, and record data. Here are some of the most important types:
- host address (A) - the most common record; contains the IPv4 address of a computer (AAAA is the IPv6 equivalent)
- alias - canonical name (CNAME) - another name (alias) for an existing record in the domain
- mail exchanger (MX) - the name of a mail server for the domain, with a preference value used when there are several
- service location (SRV) - the location (host and port) of a service such as LDAP, Kerberos, FTP, and others
- name server (NS) - the list of servers that provide DNS service for the domain; it appears both in the parent domain (as the delegation) and in the domain itself
- pointer (PTR) - used for reverse translation
- start of authority (SOA) - names the server holding the primary copy of the zone (primary NS) and carries the serial number and timers that secondary servers use for zone transfer
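The field layout just listed (name, type, class, TTL, data) is what travels on the wire, and parsing it is where DNS software gets hurt: names can be compressed with pointers into earlier parts of the message, and a crafted message can make a careless parser loop forever or read out of bounds. The Python below is an added example, not code from the article: it builds a constructed response for www.samuraj-cz.com with an A record and an MX record in the additional section, then parses it with a decoder that bounds-checks every read and requires each compression pointer to point strictly backwards. Only the A, NS, CNAME, PTR and MX types from the list are decoded; the mail server name, the TTLs and the query ID are assumptions.

```python
import struct

TYPE_NAMES = {1: "A", 2: "NS", 5: "CNAME", 12: "PTR", 15: "MX"}

def encode_name(name: str) -> bytes:
    """Uncompressed wire form: length-prefixed labels ending with a zero byte."""
    out = b""
    for lbl in name.rstrip(".").split("."):
        if not 0 < len(lbl) <= 63:
            raise ValueError("label must be 1-63 bytes")
        out += bytes([len(lbl)]) + lbl.encode("ascii")
    return out + b"\x00"

def read_name(msg: bytes, offset: int):
    """Decode a (possibly compressed) name at offset -> (name, offset after it).
    Every read is bounds-checked, and each compression pointer must point to a
    lower offset than any pointer before it, so the walk always terminates."""
    labels, pos, end, lowest = [], offset, None, offset
    while True:
        if pos >= len(msg):
            raise ValueError("name runs past end of message")
        length = msg[pos]
        if length & 0xC0 == 0xC0:                  # 11xxxxxx: compression pointer
            if pos + 1 >= len(msg):
                raise ValueError("truncated compression pointer")
            target = ((length & 0x3F) << 8) | msg[pos + 1]
            if target >= lowest:
                raise ValueError("compression pointer does not point backwards")
            if end is None:
                end = pos + 2                      # the name ends after its first pointer
            pos = lowest = target
            continue
        if length & 0xC0:                          # 01/10 prefixes are reserved
            raise ValueError("invalid label length byte")
        pos += 1
        if length == 0:
            break
        if pos + length > len(msg):
            raise ValueError("label runs past end of message")
        labels.append(msg[pos:pos + length].decode("ascii"))
        pos += length
    return ".".join(labels) + ".", (pos if end is None else end)

def decode_rdata(msg: bytes, start: int, rtype: int, rdata: bytes):
    if rtype == 1 and len(rdata) == 4:             # A: IPv4 address
        return ".".join(str(b) for b in rdata)
    if rtype in (2, 5, 12):                        # NS, CNAME, PTR: a domain name
        return read_name(msg, start)[0]
    if rtype == 15 and len(rdata) > 2:             # MX: preference + exchange name
        return (struct.unpack("!H", rdata[:2])[0], read_name(msg, start + 2)[0])
    return rdata.hex()                             # anything else: keep opaque

def parse_message(msg: bytes) -> dict:
    if len(msg) < 12:
        raise ValueError("message shorter than the 12-byte header")
    ident, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    pos, questions, records = 12, [], []
    for _ in range(qd):
        qname, pos = read_name(msg, pos)
        if pos + 4 > len(msg):
            raise ValueError("truncated question")
        qtype, qclass = struct.unpack("!HH", msg[pos:pos + 4])
        pos += 4
        questions.append((qname, TYPE_NAMES.get(qtype, qtype), qclass))
    for _ in range(an + ns + ar):                   # answer, authority, additional
        name, pos = read_name(msg, pos)
        if pos + 10 > len(msg):
            raise ValueError("truncated resource record header")
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[pos:pos + 10])
        pos += 10
        if pos + rdlen > len(msg):
            raise ValueError("RDLENGTH points past end of message")
        rdata = msg[pos:pos + rdlen]
        records.append((name, TYPE_NAMES.get(rtype, rtype), ttl,
                        decode_rdata(msg, pos, rtype, rdata)))
        pos += rdlen
    return {"id": ident, "flags": flags, "questions": questions, "records": records}

def parses_cleanly(msg: bytes) -> bool:
    try:
        parse_message(msg)
        return True
    except ValueError:
        return False

def build_sample_response() -> bytes:
    """Constructed response (not captured from a real server). Offsets used by
    the pointers: 12 = www.samuraj-cz.com. in the question, 16 = samuraj-cz.com."""
    header = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 1)   # QR, RD, RA set
    question = encode_name("www.samuraj-cz.com.") + struct.pack("!HH", 1, 1)
    ptr_www, ptr_apex = b"\xc0\x0c", b"\xc0\x10"
    answer = ptr_www + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([193, 86, 238, 17])
    mx_rdata = struct.pack("!H", 10) + b"\x04mail" + ptr_apex        # mail.samuraj-cz.com.
    additional = ptr_apex + struct.pack("!HHIH", 15, 1, 300, len(mx_rdata)) + mx_rdata
    return header + question + answer + additional

# Constructed hostile message: the question name is a pointer to itself.
LOOPING_MESSAGE = struct.pack("!HHHHHH", 1, 0, 1, 0, 0, 0) + b"\xc0\x0c\x00\x01\x00\x01"
```

The "pointer must go strictly backwards" rule is stricter than the letter of RFC 1035 (which only says a pointer refers to a prior occurrence) but it is what makes the loop provably finite without a hop counter; a self-referencing pointer such as the one in LOOPING_MESSAGE is rejected on the first step.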

Types of Zones
The DNS service is a system component of Windows Server 2003. In it we can create several types of zones. The most commonly used is the primary zone; on an internal network with an Active Directory domain, the best choice is an Active Directory-integrated zone.

Primary Zone
- contains the authoritative copy of the zone data and allows it to be written and changed
- a standard primary zone stores the zone database in a text file
- there can be only one primary server (holding the master copy of the zone)
Secondary Zone
- contains an authoritative, read-only copy of the zone data
- added alongside the primary zone for backup, increasing availability and fault tolerance
- obtains its data through zone transfer from the primary server or from another secondary server
- a zone transfer can consume considerable bandwidth; it may be full (AXFR) or incremental (IXFR, only the changes since the last serial number)
Stub Zone
- contains a read-only copy of only a few records from the zone; the server is not authoritative for it
- stores only references to the authoritative DNS servers of the domain
- in other words, it is a copy of the zone containing only the NS, SOA, and glue A records
- mainly serves to speed up name resolution: instead of walking through several DNS servers on the internet, the server goes straight to the authoritative DNS servers for the domain
Active Directory-Integrated Zone
- it is a primary zone (authoritative, with write access)
- the zone database is stored in the Active Directory database instead of a file
- this simplifies administration, increases security (it makes secure dynamic updates possible), and replicates automatically along with AD replication
- can only be used if DNS is installed on a domain controller
- there can be as many writable copies of the zone as there are domain controllers running DNS (compared to the single primary server of a standard zone)
Lookup Zones
For managing the Microsoft DNS service there is a snap-in for the MMC console. In the console we connect to a specific DNS server, and under it in the tree there are several items.
- Cached Lookups - every DNS server keeps the records it has recently resolved for the length of their TTL, so repeated queries can be answered more quickly (Advanced View must be enabled to see these records)
- Forward Lookup Zones - this is where the individual zones are located (there can be several on one server), containing name-to-IP mappings
- Reverse Lookup Zones - contain the reverse mappings of IP addresses to names (PTR records)

Additional Options
Private Root Zone
For a company's internal network, it is often better (for security and management reasons) to create a separate name space that is isolated from public networks. This is done using an internal DNS root and creating a private DNS root zone on it.
Note: Even in a separate name space, names that already exist on the internet should not be used.
Caching-only DNS
This server does not contain any zone; its purpose is to store resolved queries in the cache so that repeated queries can be resolved immediately.
Forwarding
Forwarding means relaying queries to another DNS server and is useful in several deployment scenarios.
Forwarding is used to pass queries for external DNS names to a DNS server outside our network. Unlike the standard behavior described above, where resolution starts from the root hints and proceeds through a series of queries to various servers, with forwarding we specify one or more DNS servers, and all external queries that cannot be answered from the cache are forwarded to them. When the response arrives, it is passed on to the client (and cached).
Using forwarding can be beneficial for security, for performance, or for better use of the internet link.
- With a poor internet connection, we can speed up name resolution by sending all queries through one forwarder (a single query-response exchange instead of a whole series of them).
- With forwarding, the firewall can allow outbound DNS only from our DNS server to that one external server, reducing the exposed attack surface.
- We can set up conditional forwarding to the authoritative servers of certain domains, so we get answers directly from them (typical for a partner's internal domain that is not resolvable from the internet).
A forwarding server sends a slightly different kind of DNS query: a recursive query (the RD flag is set, and the queried server must perform the full resolution and return a final answer), unlike the iterative queries it otherwise sends to root, TLD, and authoritative servers. The forwarder must therefore be willing to recurse for our server; a server that answers with RA clear, or with REFUSED, cannot be used as a forwarder.

In Microsoft DNS, forwarding is configured per server on the Forwarders tab. From Windows Server 2003 onwards, classic forwarding is set up by adding the addresses of the chosen DNS servers under the All other DNS domains item, and conditional forwarding by adding a new domain together with its DNS servers.
Conditional forwarding
Conditional forwarding differs from classic forwarding in that it only forwards queries that meet the specified condition for the domain name.
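Two details of forwarding and conditional forwarding are easy to get wrong and worth seeing in code: choosing the forwarder for a query (conditional forwarders must match on whole labels, so partner.example must not match notpartner.example, and the longest matching domain wins) and the header flags involved (a forwarding server sets RD in its query; a server willing to recurse for us answers with RA set, while one that is not answers with RA clear or REFUSED and is useless as a forwarder). The Python below is an added example, not code from the article or from the Microsoft DNS service; the forwarder domains and addresses are made up, and the probe responses are constructed rather than captured.

```python
import struct

# Header flag bits (RFC 1035 section 4.1.1)
FLAG_QR, FLAG_AA, FLAG_TC, FLAG_RD, FLAG_RA = 0x8000, 0x0400, 0x0200, 0x0100, 0x0080
RCODE_NOERROR, RCODE_NXDOMAIN, RCODE_REFUSED = 0, 3, 5


def normalize(name: str) -> str:
    return name.lower().rstrip(".") + "."


def choose_forwarders(qname: str, conditional: dict, default: list) -> list:
    """Servers to forward qname to. `conditional` maps a domain to its servers
    (conditional forwarding); `default` is the "All other DNS domains" list.
    Matching is on label boundaries and the longest matching domain wins, so
    sub.partner.example. goes to the partner.example. forwarders while
    notpartner.example. falls through to the default."""
    q = normalize(qname)
    best, best_len = None, -1
    for domain, servers in conditional.items():
        d = normalize(domain)
        if (q == d or q.endswith("." + d)) and len(d) > best_len:
            best, best_len = servers, len(d)
    return best if best is not None else default


def build_query_header(ident: int, recursion_desired: bool) -> bytes:
    """12-byte header for a one-question query. A forwarding server sets RD so
    the forwarder does the full resolution; an iterative query leaves it clear."""
    flags = FLAG_RD if recursion_desired else 0
    return struct.pack("!HHHHHH", ident, flags, 1, 0, 0, 0)


def decode_header(header: bytes) -> dict:
    if len(header) < 12:
        raise ValueError("header must be 12 bytes")
    ident, flags = struct.unpack("!HH", header[:4])
    return {"id": ident, "qr": bool(flags & FLAG_QR), "aa": bool(flags & FLAG_AA),
            "tc": bool(flags & FLAG_TC), "rd": bool(flags & FLAG_RD),
            "ra": bool(flags & FLAG_RA), "rcode": flags & 0x0F}


def forwarder_usable(response_header: bytes, query_id: int) -> bool:
    """Judge a probe response from a candidate forwarder: it must be a reply to
    our query (ID matches, QR set), offer recursion (RA set) and not refuse us.
    NXDOMAIN is fine for a probe; it still proves the server resolved for us."""
    h = decode_header(response_header)
    return (h["id"] == query_id and h["qr"] and h["ra"]
            and h["rcode"] in (RCODE_NOERROR, RCODE_NXDOMAIN))


# Constructed probe responses (hypothetical; not captured from real servers)
RESPONSE_RECURSIVE = struct.pack("!HHHHHH", 0x2A2A, 0x8180, 1, 1, 0, 0)     # QR RD RA
RESPONSE_NO_RECURSION = struct.pack("!HHHHHH", 0x2A2A, 0x8100, 1, 0, 2, 2)  # referral only
RESPONSE_REFUSED = struct.pack("!HHHHHH", 0x2A2A, 0x8185, 1, 0, 0, 0)       # RCODE 5
```

The ID check in `forwarder_usable` is the same one a real resolver applies to every answer; a reply whose ID does not match the outstanding query is discarded rather than trusted.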
Inserting and Updating Records
Records in DNS are normally static (inserted manually). We can also use automatic insertion and updating of records, called dynamic update. It is most often used together with a DHCP server: when a client obtains an address from DHCP, it registers the address under its name in DNS. Alternatively, we can configure the DHCP server to register in DNS, on their behalf, the clients to which it assigns an address.
On a Microsoft server, we can set for each zone whether dynamic updates are allowed and who may perform them (None, Nonsecure and secure, or Secure only). A client authenticated against Active Directory is considered secure. The Secure only option is available for Active Directory-integrated zones and is the setting to use, because with nonsecure updates any host on the network can overwrite the record of any other.

Interesting Links
The topic of DNS is much broader than what I have covered here. For example, I did not cover how DNS servers communicate with each other or with clients, I did not mention the special records and subdomains used by a Microsoft domain, and I omitted the possibility of linking DNS with WINS. So here are some links where you can find more details.
- How DNS Works - a very extensive article from general topics to details at MS
- How Does DNS Work?
- Domain name system
Nice article, a pity it's about Windows, but I'll transfer it to Linux in my head :)
Thanks for the help, I'm currently preparing for my third exam, 70-291, and your articles help me a lot.
Please advise: I have address assignment via DDNS and I should appear as the host jmeno.firma, but I don't know where the old name that the old laptop had keeps showing up from :( I don't know where to look for where it keeps pulling that name from :( thanks
Addendum... It's Red Hat.
:-O Hi. Can anyone advise me...?? I need the textual names of Google's DNS servers. How do I find them....??' THANK YOU
I'm a layman and yet I have to administer a W2008 server (AD, DNS).
It would be quite nice to extend the article with inserting records.
I have an (internal) domain domena.local; the server is named srvdomena. Out on the Internet we have the domain domena.cz and a server hosting the website.
I have no idea how and where to insert some records into the DNS on W2008, which is inside the private network:
the address dalsi1.domena.cz should be directed via DNS straight to an IP outside.
the address dalsi2.domena.cz should be directed inside, directly to srvdomena.
What kind of records should I insert them as?
And into which zone (forward/reverse)?
And what should I actually write into them?
Reply to [6] qal: I think it's a bit more complicated. In my opinion you need authoritative records for at least three domains (2x forward, and at least 1x reverse). One will hold your local names for "domena".local; the second those for "domena".cz, which is usually not managed locally but at the provider, the administrator of the nameserver; and the third is for reverse translation of IP addresses to domain names (e.g. 168.192.IN-ADDR.ARPA).
Apart from the zone header, the records will mainly be address records in the forward zones (dalsi1.domena.cz IN A 192.168.1.1) and reverse ones in the reverse zones (1.1.168.192 IN PTR dalsi1.domena.cz)...
And above all, if you want to run a server on a local address so that it is "visible from outside", you need to use port forwarding or some other method on the firewall, and write the IP address of the firewall into the external domain, not that of the end server... and it is also advisable to set up a DMZ for it and not expose the local network directly.... the whole question may require a more extensive answer, and that is probably another article, or even a paid service :-)