dns questions...

Robert Bollinger

Hello All -

I have been studying the finer points of dns and have some questions....

What is the difference between a delegated zone and subdomain ?

If you create a new zone file with the name "parent.windows.com"
and you have a zone called "windows.com" already existing on the DNS
server... Is that "parent.windows.com" zone automatically
delegated from the "windows.com" zone?

also in the names resolution process (internet) when I look up a name
for a site; I know the process is this:

ROOT >> TLD >> Authoritative Server for the requested domain....

But who holds responsibility for the "TLD Servers" where are they?

Please explain as simply (but completely) as possible.... I have done
a lot of research and just need to have the questions answered...


Thanks,

Robert
 
Jorge de Almeida Pinto [MVP]

a subdomain is a container below another container (subdomain) or a zone

a delegated zone is some part of an existing zone (a subdomain) that has
been delegated to one or more other DNS servers. This way you can distribute the
namespace to other servers and you do not have to keep ALL on one set of
servers.

--

Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)

# Jorge de Almeida Pinto # MVP Windows Server - Directory Services

BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
 
Kevin D. Goodknecht Sr. [MVP]

Robert said:
Hello All -

I have been studying the finer points of dns and have some
questions....

What is the difference between a delegated zone and subdomain ?

A sub domain will contain A, CNAME, MX and other records for resolving the
sub domain, but will not contain NS records. Delegated sub zones contain
only NS records for the DNS servers that have the Fully Qualified Child
zone.

If you create a new zone file with the name "parent.windows.com"
and you have a zone called "windows.com" already existing on the DNS
server... Is that "parent.windows.com" zone automatically
delegated from the "windows.com" zone?

You must create your own delegation, except in the case of the _msdcs
delegation Win2k3 creates during Dcpromo.

also in the names resolution process (internet) when I look up a name
for a site; I know the process is this:

ROOT >> TLD >> Authoritative Server for the requested domain....

But who holds responsibility for the "TLD Servers" where are they?

It depends on the TLD and Root, gTLD servers for com and net are maintained
by Verisign, but other TLDs such as edu, org, biz and two letter country
code TLDs are maintained by other companies are controlled by IANA. There
are other TLDs in alternate roots maintained by other companies and
organizations, all is fine so long as all roots agree on who is in control
of what TLD. There was some big confusion a few years back when ICANN added
the biz TLD and gave control to a conflicting company when the biz TLD had
been in existence for many years in other roots.

Please explain as simply (but completely) as possible.... I have done
a lot of research and just need to have the questions answered...

As you can see, there is no simple answer, as there is more than one root
and hundreds of TLDs. But, for the most part you will deal with the ICANN
Root because it is default on most DNS servers.
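
The subdomain/delegation distinction discussed in this reply, as an added Python example that is not part of the original thread. The zone data is constructed: "windows.com" and "parent.windows.com" come from the question, while the names "sales" and "lab" and the 192.0.2.x addresses are assumptions for illustration.

```python
# Constructed sample data: the parent zone "windows.com." as (owner, type, rdata).
APEX = "windows.com."
RECORDS = [
    ("windows.com.", "NS", "ns1.windows.com."),
    ("ns1.windows.com.", "A", "192.0.2.1"),
    # Plain subdomain: "sales" records sit in the parent zone file, no NS at "sales".
    ("www.sales.windows.com.", "A", "192.0.2.10"),
    # Delegation: the parent holds only NS (plus glue) for "parent".
    ("parent.windows.com.", "NS", "ns1.parent.windows.com."),
    ("ns1.parent.windows.com.", "A", "192.0.2.53"),
]

def labels(name):
    return name.lower().rstrip(".").split(".")

def at_or_below(name, ancestor):
    """True when name equals ancestor or is a descendant, compared label by label."""
    n, a = labels(name), labels(ancestor)
    return len(n) >= len(a) and n[-len(a):] == a

def zone_cuts(apex, records):
    """Owner names below the apex that carry NS records: the delegation points."""
    return sorted({owner.lower() for owner, rtype, _ in records
                   if rtype == "NS" and owner.lower() != apex.lower()
                   and at_or_below(owner, apex)})

def classify(qname, apex, records):
    """How a server holding only the apex zone treats qname."""
    if not at_or_below(qname, apex):
        return ("out-of-zone", None)
    for cut in zone_cuts(apex, records):
        if at_or_below(qname, cut):
            return ("referral", cut)  # glue below the cut is not authoritative data
    return ("authoritative", apex.lower())

def undelegated(apex, records, hosted_zones):
    """Child zone files that no NS set in the parent zone leads to."""
    cuts = zone_cuts(apex, records)
    return sorted(z.lower() for z in hosted_zones
                  if z.lower() != apex.lower() and at_or_below(z, apex)
                  and not any(at_or_below(z, c) for c in cuts))

if __name__ == "__main__":
    for q in ("www.sales.windows.com.", "host.parent.windows.com."):
        print(q, classify(q, APEX, RECORDS))
    print(undelegated(APEX, RECORDS, ["parent.windows.com.", "lab.windows.com."]))
```

A child zone reported by `undelegated` exists as a zone file but cannot be reached by resolvers walking down from the parent, which is the case where the delegation was never created by hand.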
 
Robert Bollinger

Hmmm...


So when I go to:

the dns console (the mmc snap in) and I choose "New Domain" under the
existing domain
I am adding a sub-domain (same zone file, same dns server). That I
understand.

When I create a new zone file I am creating new name space that is not a
subdomain of an existing domain? except when I did this:

myfqdn.com >>> parent zone file

Then I did this: myhouse.myfqdn.com as a separate zone file I checked the
.dns file and
sure enough it said "Delegated" - because the parent domain name is still in
charge of the
delegated zone file?

Please add some more light to this.. thanks.

Robert
 
Jorge Silva

Hi

Adding to other's response

- Active Directory and DNS have the same hierarchical structure. Although
separate and implemented differently for different purposes, an
organization's namespace for DNS and Active Directory have an identical
structure. For example, domain01.com is both a DNS domain and an Active
Directory domain.

DNS zones can be stored in Active Directory. If you are using the Windows
Server DNS service, primary zone files can be stored in Active Directory for
replication to other Active Directory domain controllers.

- Active Directory uses DNS as a locator service, resolving Active Directory
domain, site, and service names to an IP address. To log on to an Active
Directory domain, an Active Directory client queries its configured DNS
server for the IP address of the Lightweight Directory Access Protocol
(LDAP) service running on a domain controller for a specified domain.

- While Active Directory is integrated with DNS and they share the same
namespace structure, it is important to distinguish the basic difference
between them:



- DNS is a name resolution service. DNS clients send DNS name queries to
their configured DNS server. The DNS server receives the name query and
either resolves the name query through locally stored files or consults
another DNS server for resolution. DNS does not require Active Directory to
function.

- Active Directory is a directory service. Active Directory provides an
information repository and services to make information available to users
and applications. Active Directory clients send queries to Active Directory
servers using LDAP. In order to locate an Active Directory server, an Active
Directory client queries DNS. Active Directory requires DNS to function.


--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator
 
Robert Bollinger

Ok so i got the subdomain part down.

I was trying to use my dns server as the ICANN tld server meaning
I was treating "morehost.mydomain.com" as though it was registered
under that name by the registrar.

but only mydomain.com was registered, so naturally it failed the test of
dnsreports.com.

----- >>>>

Because the dns resolution process goes "." >>> "Com" >>> "Com servers"
Whoo-Hoo my domain.com (The registered name by ICANN).

Robert
 
Kurt

And to add to Jorge's post, in a delegated zone (which is a sub-domain), the
higher-level dns server has a zone for the sub-domain, but does not store
records or perform lookups. Rather, it proxies lookups back to the DNS
server which has been delegated authority for the zone. Normally DNS is a
forward progression when lookups occur. In an AD domain structure like
this:

      Public DNS server as forwarder
                    |
              domain.local
               /        \
    a.domain.local    b.domain.local

If "a.domain.local" and "b.domain.local" were both SOAs for their zones, "a"
would not be able to resolve "b" addresses and vice versa. The domain.local
DNS server could host all three zones, but it may be a burden or there may
be other administrative reasons why this would not be a good idea. By
creating a zone for "a" and "b" on the "domain.com" server and delegating
the zones back, "a" can resolve "b" and vice-versa without having the actual
records hosted on the higher level server. This solves not only logistical
problems, but political ones as well :)

....kurt
 
