NetAdminWorld - Finding network solutions, not excuses.

Domain Name System (DNS)

Computers communicate with each other using IPv4 or IPv6 addresses. These numbers are not easily remembered by most people so a user-friendly text-based naming system was developed. This system is known as the Domain Name System, (DNS). With this system people can navigate to their favorite websites because for most people, remembering a name is easier than a set of numbers.

Fundamental DNS concepts

Hostname This is the 'friendly' name that the computer has been assigned. Per DNS standards, it can be up to 255 characters in lenght. It's equivalent is a computer's first name.
Namespace This is the name of the domain. It does not have to be an Active Directory domain however. It is comprised of a logical set of hosts that is signified by a name controlled by a server or set of servers.
Fully Qualified Domain Name The Fully Qualified Domain Name (FDNQ) is the hostname appended to the domain's namespace.
HOSTS File This is a text file that maps hostames to IP addresses.
Name Server This is the DNS server that will resolve the FQDN's to their IP addresses. Name servers can also control namespaces for specified domains. They can resolve requests fo that namespace from DNS clients thoughout the network.
Hierarchial Naming Structure The namespace has two parts, the left and right. The left part of the name is a subset of the right part of the name shown in FDQN. Name servers can start at the right side of the name and with the responses from the server can direct it to the correct naming server for a given namespace. (See example below.)

Hierarchial Network Naming Structure

Recursion This process is server-directed and resolves a FQDN. If the server cannot resolve the FQDN with its own information, it will send out a query to other servers. This process comprises root servers and domain name servers. The root servers are on the top of the hierarchial naming structure. The root servers list the name servers that control the top-level domain names. When a query occurs, the following occurs:

  1. The DNS client rquests a name, for example from its DNS server.
  2. Through the recursive process, the DNS server queries the root servers for the '.com' domain name servers.
  3. The root servers give a list of name servers for the '.com' domain.
  4. The DNS then gives a list of the name servers for the '.com' for
  5. It receives another list of name servers for the NetworkAdminWorld domain.
  6. It queries the provided name servers for the FQDN.
  7. The DNS server pulls up the IP address of the www server to the DNS server.
  8. The DNS server passes the IP address to the client.
  9. With the IP address, the client connects with the web server

Delegation This is the allowing of another name server to control a subdomain of a given namespace.
Forwarding This is a lateral request to another name server withing the network. The forwarding server obtains a response and relays it to the origination name server. This is an alternative to the recursion process.
Iteration This is a client-directed process to resolve a FQDN. If a negative request is received from a nameserver, it will query another nameserver.
NetBIOS Naming System This is a legacy naming system. It was used primarily within old Microsoft NT 4.0 networks. However, its processes are still part of the modern day Windows OS, particularly when using non-domain based computers, aka: workgroups.
Service Records Service Records, (SRVs) are records within a DNS namespace to resolve a service to a hostname. This is an essential part of DNS supporting Active Directory.


A namespace has a database known as a zone. On the Internet, there is a DNS server that controls the namespace. If you want the IP address for, this DNS server will look in its zone -the database- to find the answer. On a Windows DNS Server there are four types of zones:

  • Standard Primary
  • Standard Secondary
  • Active Directory Integrated
  • Stub

Now, the stub zone doesn't manage a namespace and is more like a conditional forwarder.

The Standard Primary Zone

The standard primary zone is a text file in which the server maintains the records for a given namespace. When a zone that this DNS server hosts is a primary zone, the DNS server is the primary source for information about this zone, and it stores the master copy of zone data in a local file or in AD DS. By default the primary zone file is named zone_name.dns and it is located in the %windir%\System32\Dns folder on the server.

The Standard Secondary Zone

The standard secondary zone is the read-only copy of the standard primary zone or an Active Directory integrated zone. Through the zone transfer process, replication is performed and configured on the zone's properties. The zone at this server must be obtained from another remote DNS server computer that also hosts the zone. This DNS server must have network access to the remote DNS server that supplies this server with updated information about the zone.

The Active Directory Integrated

This zone is the predominate implementation of Windows DNS servers. Since the Active Directory databases use multimaster replication, changes can be made to the DNS zone on any domain controller and these changes will be replicated to other domain controllers.

The Stub Zone

The stub zone lists only the name server for a given namespace. It holds no control over the zone so it indicates only what server could support name resolution for the namespace. These stub zones can be used for:

  • Keeping delegated zone information current. Updating a stub zone for one of its child zones on a regular basis, the DNS server that hosts both the parent zone and the stub zone will maintain a current list of authoritative DNS servers for the child zone.
  • Improving name resolution. Stub zones enable a DNS server to perform recursion using the stub zone's list of name servers, without having to query the Internet or an internal root server for the DNS namespace.
  • Simplifying DNS administration. Using stub zones throughout your DNS infrastructure can distribute a list of the authoritative DNS servers for a zone without using secondary zones. Stub zones do not serve the same purpose as secondary zones, and they are not an alternative for enhancing redundancy and load sharing.