DNS Zone properties
Zone properties:
1 Name Servers – the existing DNS servers' addresses
2 Zone Transfers – which servers may request a copy of the zone
3 General (status, type, aging, dynamic update)
4 SOA (serial number, responsible person, refresh interval)
5 WINS (existing WINS server address, used for NetBIOS name resolution)
Aging and Scavenging
One of the complexities of running a DNS infrastructure where clients can register their own records is that over time records will build up in your zones for clients that no longer exist, or perhaps have a new name. If you only have a small number of machines on your network, you could likely manage these records yourself through the MMC. On the other hand, if you have hundreds or even hundreds of thousands of machines participating in a single DNS zone, chances are you won’t be able to manage the lifecycle of these records on your own.
Fortunately, since Windows 2000, Microsoft DNS has included a feature called scavenging. Scavenging is a background process that you configure on a per-DNS-server basis to scan all of the records in a zone and remove the records that have not been refreshed in a certain time period. Clients that register themselves with dynamic DNS will automatically refresh their DNS registrations periodically. Windows DNS will store this timestamp as an attribute of the DNS record. By default, Microsoft DNS clients update and refresh their DNS registrations once every 24 hours.
Zone transfer:
Zone transfer is the process of transferring a zone from primary to secondary or secondary to primary. Zone transfers occur when a change or modification takes place in either of the zones.
Types of zone transfer:
Asynchronous Full Transfer Zone (AXFR) – the whole zone is copied
Incremental Zone Transfer (IXFR) – only the changes since the last serial number are copied
Zone Transfer Practical steps:
On the DC (primary DNS server)
Open DNS – right click on the zone
Properties
Zone Transfers tab – check "Allow zone transfers"
Select "Only to the following servers"
Specify the secondary DNS server's IP address
Apply – OK
Zone Transfer: (Sharing Zones)
It’s common for companies to have more than one DNS server for their domains. In fact, the rules for DNS say that each domain must be hosted by at least two DNS servers for fault tolerance. However, having multiple DNS servers can be a configuration nightmare, because you would have to update records in multiple locations. Rather than creating this maintenance nightmare, DNS servers can be configured to host secondary zones, which are essentially read-only copies of a primary zone. Configuration changes can be made in the primary zone, then transferred, or replicated, to the secondary zones through a process known as a zone transfer.
Implementing safe zone transfer:
Creating a secondary zone for the DC's domain name zone:
On the member server
Open DNS – right click on Forward Lookup Zones – New Zone – Next – Secondary zone – specify the DC's domain name (ex: zoom.com)
Specify the DC's IP address
Next – Finish
Move on to the DC
Open DNS
DC's zone properties
Zone Transfers tab
"Only to the following servers"
Specify the IP address of the secondary server
Move back to the member server and refresh the zone
This process is what we call a safe zone transfer: the primary only answers transfer requests from the servers listed explicitly.
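The GUI steps above can be scripted and, more importantly, audited. The following PowerShell is an added example and not part of the original notes: it lists primary zones on the local server that still answer transfer requests from any server, then applies the "only to the following servers" setting with the DnsServer module. The zone name zoom.com and the secondary's address 10.0.0.20 are assumed values.

```powershell
# Added example (not from the original notes). Requires the DnsServer module
# (DNS Server role or RSAT-DNS-Server). Run on the primary DNS server / DC.
Import-Module DnsServer

$ZoneName  = 'zoom.com'    # assumed, matches the example zone in the notes
$Secondary = '10.0.0.20'   # assumed address of the member server (secondary)

function Get-UnrestrictedZoneTransfers {
    # Primary zones whose Zone Transfers tab is not "Only to the following servers".
    # TransferToZoneNameServer is reported too: it trusts whatever the NS records
    # say, so a stale or wrongly registered NS host would still receive the zone.
    Get-DnsServerZone |
        Where-Object { $_.ZoneType -eq 'Primary' -and -not $_.IsAutoCreated } |
        Where-Object { $_.SecureSecondaries -in 'TransferAnyServer', 'TransferToZoneNameServer' } |
        Select-Object ZoneName, SecureSecondaries,
            @{ Name = 'Secondaries'; Expression = { $_.SecondaryServers -join ',' } }
}

Write-Host "Zones with unrestricted or NS-based zone transfers:"
Get-UnrestrictedZoneTransfers | Format-Table -AutoSize

# Equivalent of: zone Properties -> Zone Transfers -> "Only to the following servers".
# Notify is limited to the same server so change notifications also stay private.
Set-DnsServerPrimaryZone -Name $ZoneName `
    -SecureSecondaries TransferToSecureServers `
    -SecondaryServers  $Secondary `
    -Notify NotifyServers -NotifyServers $Secondary

# Verify the result (dnscmd equivalent: dnscmd /ZoneResetSecondaries zoom.com /SecureList 10.0.0.20)
Get-DnsServerZone -Name $ZoneName |
    Format-List ZoneName, SecureSecondaries, SecondaryServers, Notify, NotifyServers
```

After the change, a transfer attempt from a host that is not in the list (for example `nslookup`, `server <dc>`, `ls -d zoom.com` from a workstation) should be refused, while the member server's secondary zone still loads on refresh.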
Note: 1) If the 6 service (SRV) records are not found on the secondary server, restart the Net Logon and DNS Server services on the DC and the member server.
2) If the 6 service records still cannot be found, perform a forceful transfer by accessing the DC's C drive through the command prompt.
Ex. \\sys1\c$
Implementing forceful transfer:
Create a secondary zone for the DC's zone (as above).
On the member server
Start – Run – \\<server name>\c$
Open Windows\System32\config\netlogon.dns – select all – copy the contents. Then, on the local machine, open My Computer – Windows\System32\dns and open the zone file <domain name>.dns (ex. zoom.com.dns)
Scroll to the bottom of the file – paste – save – close
Open DNS
The 6 service records should now be visible without refreshing.
Dnscmd /Info /SecureResponses.