Configuring DNS in Windows 2000 Server

In a Nutshell - CIW Course Section 3, Part B1, Chapter 2

Although the course discusses this subject in terms of Windows NT 4.0, this may since have been updated, I shall focus on Windows 2000 Server as this is what runs on my server.

Creating Reverse Lookup DNS Records

A reverse lookup record translates an IP address into a alphanumeric name. To create a Reverse Lookup DNS Record you must right-click on the Reverse Lookup Zone leaf and select "New Zone...".

Select "Standard primary" and click "Next". Enter the network portion of the IP address, in this case 192.168.4 and click "Next". Leave "Create a new file" selected and click "Next". Finally, click "Finish" and it should look a little like the image below:

A Ptr needs to be created for each server on the network, at least the one's that need to be reverse looked up. Right-click on "192.168.4.x Subnet" and select "New Pointer...". This time, enter just the host part of the IP address, in this case 4. Enter the FQDN of the server in question and click "OK".

Configuring DNS Servers as Forwarders

A forwarder is the name given to a DNS server that has been customised to forward Internet requests to a specific DNS server. No single DNS server can hold the address of every domain name on the Internet, the DNS server needs to know which other server(s) to ask. This is where forwarders come in. This is where you tell this DNS which server a request should be forwarded to when it cannot be resolved locally. Nearly 100% of DNS servers are configured as forwarders.

In the DNS window right-click the server node and select "Properties". Click the "Forwarders" tab to show the dialog below:

In the above image, Forwarding has been enabled and the IP address of one external DNS server has been added. There can be many forwarding servers, each will be queried in turn.

Creating a Secondary DNS Server

The course's description of a Secondary DNS server made no sense to me, but I managed to find a much better explanation in the Windows 2000 Administration book by George Spalding. A Secondary DNS Server is a read-only copy of the primary or master DNS Server. It can provide load-balancing and redundancy. All changes and updates are made on the primary server and are replicated out to the secondary servers, there may be more than one secondary server.

A Secondary DNS Server is a normal DNS Server configured with a secondary zone. Any server can be both a primary and a secondary zone server, but not for the same domain.

As with the primary zone, right-click the "Forward Lookup Zones" and select "Add Zone...". Select "Standard secondary" and click "Next". Enter the zone name which should probably match the zone name of the primary, but I guess it doesn't need to. Click "Next". Enter the IP address of the primary server and "Add" it to the list, click "Next" and click "Finish".

This would appear to be it, and the course doesn't go into any further detail, but I tried this and it didn't work. The primary server has to be configured to allow zone transfer requests. From the primary server DNS window, select the properties of the forward lookup zone and select the "Zone Transfers" tab. Check the enable box, you can limit the transfers to selected servers, or leave it with any request. It should now work OK.

Secondary Server: Reverse Lookup Zone