DNS
Q. What is DNS?
A. DNS (the Domain Name System) provides name registration and name-to-IP-address resolution. It removes most of the need to remember numeric IP addresses when accessing hosts on the Internet or any other TCP/IP-based network.
Before DNS, mapping friendly host or computer names to IP addresses was handled with host files. Host files are easy to understand: they are static ASCII text files that map a host name to an IP address in a table-like format. Windows still ships with a HOSTS file in %SystemRoot%\system32\drivers\etc (\winnt\system32\drivers\etc on Windows 2000, \windows\system32\drivers\etc on Windows Server 2003).
The fundamental problem with host files was that they were labour-intensive: a host file is edited by hand and is typically administered centrally, so every change had to be copied to every machine.
The DNS system consists of three components: DNS data (called resource records), servers (called name servers), and the Internet protocols for fetching data from the servers.
In short, DNS is the name resolution system of the Internet. It lets clients resolve host names to IP addresses so that communication can take place, and it is the foundation on which Active Directory is built.
Q. How does DNS work?
A. DNS uses a client/server model in which DNS servers maintain a distributed database of domain names mapped to IP addresses, and the DNS client, known as the resolver, queries those servers. DNS resolves a domain name to an IP address using these steps:
Step 1: A client (or "resolver") passes its request to its local name server. For example, the name www.idgbooks.com typed into Internet Explorer is sent to the DNS server identified in the client's TCP/IP configuration. This DNS server is known as the local name server. If it has the answer in its cache, or is authoritative for the name, it replies immediately.
Step 2: If, as often happens, the local name server cannot resolve the request itself, it queries other name servers on the resolver's behalf.
Step 3: It works through the name from its right-hand end: it asks a root name server, which refers it to the name servers for the top-level domain (for instance, com); those refer it to the name servers authoritative for idgbooks.com, which finally answer for www.idgbooks.com. The local name server caches the answer and returns it to the resolver.
The steps are explained below with the help of a chart.
Figure 8-5: How DNS works
Q. What is the TCP/IP port number used for DNS services?
A. Port 53, on both UDP and TCP. Ordinary queries and responses use UDP 53. TCP 53 is used for zone transfers between primary and secondary servers and for responses too large to fit in a single UDP datagram: the server sets the truncation (TC) bit in its UDP reply and the client repeats the query over TCP. A firewall that allows only UDP 53 therefore breaks zone transfers and large responses.
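To make the query/response exchange of steps 1 to 3 and the UDP/TCP framing on port 53 concrete, here is an added example (not code from the original page) that builds the query a resolver sends for www.idgbooks.com, builds the answer a server would return, and parses both. The answer address 192.0.2.10, the TTL and the transaction ID 0x1234 are assumptions chosen for illustration.

```python
"""Added example (not from the original page): build and parse the DNS
messages that a stub resolver and a name server exchange on port 53.

The name www.idgbooks.com, the answer address 192.0.2.10, the TTL and
the transaction ID are assumptions chosen for illustration.
"""
import struct

TYPE_A, CLASS_IN = 1, 1


def encode_name(name):
    """Wire form of a name: length-prefixed labels ending in a zero octet."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError("bad label length in %r" % name)
        out += bytes([len(raw)]) + raw
    if len(out) + 1 > 255:
        raise ValueError("name longer than 255 octets")
    return out + b"\x00"


def decode_name(data, offset):
    """Read a possibly compressed name; return (name, offset just past it)."""
    labels, jumped, end = [], False, offset
    while True:
        length = data[offset]
        if length & 0xC0 == 0xC0:                   # 2-octet compression pointer
            if not jumped:
                end = offset + 2
            offset = struct.unpack("!H", data[offset:offset + 2])[0] & 0x3FFF
            jumped = True
            continue
        offset += 1
        if length == 0:
            return ".".join(labels), (end if jumped else offset)
        labels.append(data[offset:offset + length].decode("ascii"))
        offset += length


def build_query(name, txid, rd=True):
    """The datagram a resolver sends to UDP 53 (step 1 on the page)."""
    flags = 0x0100 if rd else 0x0000                # QR=0 query, RD=recursion desired
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)   # QDCOUNT=1
    return header + encode_name(name) + struct.pack("!HH", TYPE_A, CLASS_IN)


def build_response(query, ipv4, ttl=300):
    """Answer a query with one A record; the owner name is a pointer to offset 12."""
    txid, flags = struct.unpack("!HH", query[:4])
    flags |= 0x8000 | 0x0080                        # QR=1 response, RA=recursion available
    _, qend = decode_name(query, 12)
    header = struct.pack("!HHHHHH", txid, flags, 1, 1, 0, 0)
    rdata = bytes(int(o) for o in ipv4.split("."))
    answer = struct.pack("!HHHIH", 0xC00C, TYPE_A, CLASS_IN, ttl, 4) + rdata
    return header + query[12:qend + 4] + answer


def frame_for_tcp(message):
    """On TCP 53 the identical message is prefixed with a 2-octet length (RFC 1035 4.2.2)."""
    return struct.pack("!H", len(message)) + message


def parse_message(message):
    """Return the header fields, the question(s) and any answers."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", message[:12])
    offset, questions, answers = 12, [], []
    for _ in range(qd):
        name, offset = decode_name(message, offset)
        qtype, qclass = struct.unpack("!HH", message[offset:offset + 4])
        offset += 4
        questions.append((name, qtype, qclass))
    for _ in range(an):
        name, offset = decode_name(message, offset)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", message[offset:offset + 10])
        offset += 10
        rdata = message[offset:offset + rdlen]
        offset += rdlen
        if rtype == TYPE_A and rdlen == 4:
            rdata = ".".join(str(b) for b in rdata)
        answers.append((name, rtype, ttl, rdata))
    return {
        "id": txid,
        "is_response": bool(flags & 0x8000),
        "truncated": bool(flags & 0x0200),          # TC=1: answer did not fit, retry over TCP
        "rcode": flags & 0x000F,
        "questions": questions,
        "answers": answers,
    }


if __name__ == "__main__":
    q = build_query("www.idgbooks.com", txid=0x1234)
    r = build_response(q, "192.0.2.10")
    print(q.hex())
    print(parse_message(r))
    print(frame_for_tcp(r)[:2].hex(), "= length prefix used on TCP 53")
```

The transaction ID is fixed here so the output is reproducible; a real resolver picks it (and its source port) at random, because a response is accepted only if the ID matches, and a predictable ID lets an attacker forge answers and poison the local name server's cache.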
Q. What are the basic requirements (hardware/software) to implement the Windows DNS server?
A. Server hardware requirements:
The DNS Server service adds no requirements of its own beyond those of the operating system. Microsoft's suggested minimum hardware requirements (with Microsoft's recommendations in parentheses) for Windows Server 2003 Standard Edition are listed here:
· CPU speed: 133MHz (550MHz recommended)
· RAM: 128MB (256MB recommended; 4GB maximum on Standard Server)
· Disk space for setup: 1.5GB
· CD-ROM drive: 12X
· Monitor: Super VGA capable of providing 800 x 600 resolution
Q. Explain DNS zones.
A. A zone is a contiguous section of the DNS namespace for which one set of name servers is authoritative. The records for a zone are stored and managed together. Sub-domains are often split into separate zones to make management easier and to delegate them to different administrators. For example, support.microsoft.com and msdn.microsoft.com can be separate zones, where support and msdn are sub-domains within the microsoft.com domain.
Q. Explain the zone file.
A. The zone file is the database on a DNS server that holds the mappings between domain names and IP addresses for one zone. A zone file is made up of resource records, which are lines of text that define the forward lookup of names to IP addresses (A records), the reverse lookup of IP addresses to names (PTR records), the zone's name servers and mail servers (NS and MX records), aliases (CNAME records) and other related information. The first record is the SOA (Start of Authority) record, which carries the zone's serial number and the refresh timers that secondary servers use.
Q. What is a primary DNS zone?
A. The primary DNS server holds the master (writable) copy of the data for a zone. Secondary servers hold copies of this data, which they synchronise with the primary through zone transfers, either at the refresh interval set in the zone's SOA record or when the primary sends a notify message announcing a change. Because a zone transfer hands out the complete contents of the zone, the primary should be configured to allow transfers only to its known secondary servers.
Q. What is a standard primary DNS zone?
A. A standard primary zone holds the master copy of a zone in a standard text file and can replicate it to all configured secondary zones. Any changes to the zone are made on the copy stored on the primary; there is only one writable copy, so the zone cannot be updated while that server is down.
Q. What is an Active Directory-integrated DNS zone?
A. Active Directory-integrated zones are available only on Windows 2000 Server and Windows Server 2003 DNS servers that are domain controllers in an Active Directory domain. The zone information is stored in the Active Directory database and is replicated using Active Directory replication. Active Directory-integrated zones provide greater replication flexibility as well as security: the zone can be set to accept only secure dynamic updates, in which just authenticated computers may register or change records. Active Directory-integrated zones also operate in a multi-master arrangement because they are hosted within Active Directory itself, so any DNS server (domain controller) hosting the zone can update its data.
Q. What is a secondary DNS zone?
A. A standard secondary zone holds a read-only copy of the zone information in standard text format. Secondary zones are created to increase the performance and resilience of the DNS configuration: they answer queries for the zone locally and keep serving it if the primary is unavailable. Information is transferred from the primary zone to the secondary zones by zone transfer.
Q. What is a stub zone?
A. Microsoft introduced support for stub zones in Windows Server 2003. A stub zone contains only the resource records needed to identify the authoritative DNS servers for a zone: the Name Server (NS) records, the Start of Authority (SOA) record and, where needed, the glue host (A) records that give the IP addresses of those name servers. The server hosting the stub zone periodically refreshes these records from the zone's master servers, so it always knows where to send queries for that zone without holding a full copy of it.
Q. What is forward lookup?
A. Forward lookup resolves a host name to an IP address. Forward lookup zones supply the main DNS mechanism for finding hosts (A records), name servers (NS records) and services such as the global catalog, which Active Directory registers as SRV records under labels like _gc.
Q. What is reverse lookup?
A. Reverse lookup resolves an IP address to a host name, using PTR records held in an in-addr.arpa zone. I think of reverse lookup as a hacker's tool: they can ping a server's IP address and then use a reverse lookup query to discover the host name. In truth, reverse lookup is required by nslookup, DNSLint and other utilities.
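The zone file, forward lookup and reverse lookup answers above describe the same data from three angles. The following added example (not code from the original page) parses two small BIND-style text zone files of the kind a standard primary zone uses, one forward zone and its matching in-addr.arpa reverse zone, and then performs a forward lookup (following a CNAME) and a reverse lookup against them. The example.com names and 192.0.2.0/24 addresses are constructed for illustration; multi-line (parenthesised) records and $INCLUDE are not handled.

```python
"""Added example (not from the original page): a small parser for the
BIND-style text zone files used by standard primary/secondary zones,
with a forward (A/CNAME) and a reverse (PTR) lookup on top of it.

The example.com and 192.0.2.0/24 data are constructed for illustration.
"""

FORWARD_ZONE = """\
$ORIGIN example.com.
$TTL 3600
@        IN SOA ns1.example.com. hostmaster.example.com. 2024010101 7200 900 1209600 300
@        IN NS  ns1.example.com.
@        IN NS  ns2.example.com.
@        IN MX  10 mail.example.com.
ns1      IN A   192.0.2.1
ns2      IN A   192.0.2.2
mail     IN A   192.0.2.25
www      IN A   192.0.2.10
support  IN CNAME www          ; alias, resolved via www
"""

REVERSE_ZONE = """\
$ORIGIN 2.0.192.in-addr.arpa.
$TTL 3600
@   IN SOA ns1.example.com. hostmaster.example.com. 2024010101 7200 900 1209600 300
@   IN NS  ns1.example.com.
1   IN PTR ns1.example.com.
10  IN PTR www.example.com.
25  IN PTR mail.example.com.
"""

CLASSES = {"IN", "CH", "HS"}


def qualify(name, origin):
    """Apply $ORIGIN: '@' is the origin itself, relative names get it appended."""
    if name == "@":
        return origin
    return name if name.endswith(".") else name + "." + origin


def parse_zone(text):
    """Return a list of (owner, ttl, type, rdata) tuples with absolute owner names."""
    origin, default_ttl, last_owner, records = ".", 0, None, []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()        # ';' starts a comment
        if not line:
            continue
        tokens = line.split()
        if tokens[0] == "$ORIGIN":
            origin = tokens[1]
            continue
        if tokens[0] == "$TTL":
            default_ttl = int(tokens[1])
            continue
        if raw[0].isspace():                        # blank owner field repeats the last owner
            owner = last_owner
        else:
            owner = qualify(tokens.pop(0), origin)
        ttl = default_ttl
        if tokens and tokens[0].isdigit():
            ttl = int(tokens.pop(0))
        if tokens and tokens[0] in CLASSES:
            tokens.pop(0)
        rtype, rdata = tokens[0], tokens[1:]
        if rtype in ("CNAME", "NS", "PTR"):
            rdata = [qualify(rdata[0], origin)]
        elif rtype == "MX":
            rdata = [int(rdata[0]), qualify(rdata[1], origin)]
        records.append((owner.lower(), ttl, rtype, rdata))
        last_owner = owner
    return records


def forward_lookup(records, name, max_chain=8):
    """Resolve a name to its A records, following CNAMEs; [] if unknown."""
    name = name.lower().rstrip(".") + "."
    for _ in range(max_chain):
        addrs = [r[3][0] for r in records if r[0] == name and r[2] == "A"]
        if addrs:
            return addrs
        cnames = [r[3][0] for r in records if r[0] == name and r[2] == "CNAME"]
        if not cnames:
            return []
        name = cnames[0].lower()
    raise ValueError("CNAME chain too long at %s" % name)   # guards against loops


def reverse_lookup(records, ip):
    """Build the in-addr.arpa name for an IPv4 address and return its PTR targets."""
    octets = ip.split(".")
    if len(octets) != 4:
        raise ValueError("IPv4 address expected")
    ptr_name = ".".join(reversed(octets)) + ".in-addr.arpa."
    return [r[3][0] for r in records if r[0] == ptr_name and r[2] == "PTR"]


if __name__ == "__main__":
    fwd, rev = parse_zone(FORWARD_ZONE), parse_zone(REVERSE_ZONE)
    print(forward_lookup(fwd, "support.example.com"))      # via the CNAME to www
    print(reverse_lookup(rev, "192.0.2.10"))
```

The reverse zone is a separate zone with its own SOA and NS records: nothing ties it to the forward zone except the administrator keeping the two consistent, which is why a PTR record can disagree with, or be missing for, a perfectly valid A record.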
Q. What's the difference between a zone and a domain?
A. Although the two terms are often used as if they were interchangeable, there is a difference. A DNS domain is a segment of the DNS namespace: a node and everything beneath it. A zone is the portion of the namespace that one set of name servers is authoritative for, and it can contain multiple contiguous domains.
For example, quepublishing.com is a DNS domain. It contains all the information for that specific portion of the DNS namespace. sales.quepublishing.com is another domain, contiguous with the quepublishing.com domain; in other words, the two domains "touch". So, if you were to create a DNS forward lookup zone on your DNS server, it could contain records for both domains. Zones allow for the logical grouping and management of domains and resource records on your DNS servers.
WINS
Q. What is WINS?
A. WINS (Windows Internet Name Service) resolves Windows network computer names (also known as NetBIOS names) to IP addresses, allowing Windows computers on a routed network to find and communicate with each other without relying on subnet broadcasts.
Q. How does WINS work?
A. By default, when a computer running Microsoft® Windows® 2000, Windows XP, or Windows Server 2003 is configured with WINS server addresses (either manually or through DHCP) for its name resolution, it uses hybrid node (h-node) as its node type for NetBIOS name registration unless another NetBIOS node type is configured. For NetBIOS name query and resolution, it also uses h-node behaviour, but with a few differences.
For NetBIOS name resolution, a WINS client typically performs the following sequence of steps to resolve a name:
1. The client checks whether the name queried is its own local NetBIOS computer name.
2. The client checks its local NetBIOS name cache of remote names. Any name resolved for a remote client is placed in this cache, where it remains for 10 minutes.
3. The client sends the NetBIOS query to its configured primary WINS server. If the primary WINS server fails to answer the query, either because it is not available or because it does not have an entry for the name, the client tries the other configured WINS servers in the order they are listed.
4. The client broadcasts the NetBIOS query on the local subnet.
5. The client checks the LMHOSTS file for a match, if it is configured to use the LMHOSTS file.
6. The client tries the HOSTS file and then a DNS server, if it is configured for one.
Step 4 is the weak point of this order: any host on the subnet can answer the broadcast, so a name that WINS does not know can be claimed by an attacker on the local network.
Q. What is the TCP/IP port number used for WINS services?
A. UDP port 137 (the NetBIOS Name Service) carries name registration, query and release between clients and the WINS server. WINS servers replicate their databases with each other over TCP port 42.
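The query a WINS client sends in step 3 (unicast to the WINS server) or step 4 (subnet broadcast) is a NetBIOS Name Service packet on UDP 137, whose header is DNS-like but whose names are encoded in the peculiar RFC 1001/1002 "first-level" form. The following added example (not code from the original page) encodes and decodes a NetBIOS name that way and builds and parses such a query. The computer name FILESRV01, the transaction ID and the suffix byte are assumptions for illustration.

```python
"""Added example (not from the original page): encode a NetBIOS name as
RFC 1001/1002 require and build the NBNS NAME QUERY REQUEST that a WINS
client sends to UDP port 137.

The computer name, transaction ID and suffix are assumptions for illustration.
"""
import struct

# Common 16th-byte suffixes Windows uses when registering and querying names
SUFFIX_WORKSTATION = 0x00
SUFFIX_FILE_SERVER = 0x20

NBNS_TYPE_NB, NBNS_CLASS_IN = 0x0020, 0x0001


def first_level_encode(name, suffix=SUFFIX_WORKSTATION):
    """Pad to 15 chars, append the suffix byte, then split every byte into two
    nibbles and add 'A' to each: 'FRED' -> 'EGFCEFEE' + 'CA' * 11 + 'AA'."""
    raw = name.upper().encode("ascii")
    if len(raw) > 15:
        raise ValueError("NetBIOS names are at most 15 characters")
    raw = raw.ljust(15, b" ") + bytes([suffix])
    out = []
    for b in raw:
        out.append(chr(ord("A") + (b >> 4)))
        out.append(chr(ord("A") + (b & 0x0F)))
    return "".join(out)


def first_level_decode(encoded):
    """Inverse of first_level_encode; returns (name, suffix)."""
    if len(encoded) != 32:
        raise ValueError("encoded NetBIOS name must be 32 characters")
    raw = bytes(((ord(encoded[i]) - ord("A")) << 4) | (ord(encoded[i + 1]) - ord("A"))
                for i in range(0, 32, 2))
    return raw[:15].rstrip(b" ").decode("ascii"), raw[15]


def build_name_query(name, txid, suffix=SUFFIX_WORKSTATION, broadcast=False):
    """NBNS NAME QUERY REQUEST (RFC 1002 section 4.2.12): header plus one question."""
    flags = 0x0100                          # RD=1, recursion desired (unicast to WINS)
    if broadcast:
        flags |= 0x0010                     # B=1 marks a subnet broadcast query
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    # second-level encoding: one 32-octet label, no scope, zero terminator
    qname = b"\x20" + first_level_encode(name, suffix).encode("ascii") + b"\x00"
    return header + qname + struct.pack("!HH", NBNS_TYPE_NB, NBNS_CLASS_IN)


def parse_name_query(packet):
    """Return the transaction id, broadcast flag and (name, suffix) of the question."""
    txid, flags, qd = struct.unpack("!HHH", packet[:6])
    if qd != 1 or packet[12] != 0x20:
        raise ValueError("not a single-question NBNS packet")
    name, suffix = first_level_decode(packet[13:45].decode("ascii"))
    return {"id": txid, "broadcast": bool(flags & 0x0010), "name": name, "suffix": suffix}


if __name__ == "__main__":
    pkt = build_name_query("FILESRV01", txid=0x8001, suffix=SUFFIX_FILE_SERVER)
    print(pkt.hex())
    print(parse_name_query(pkt))
```

Note that nothing in the packet authenticates the answer: a reply only has to carry the matching transaction ID, which is why a host on the same subnet can answer a broadcast query for any name.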
Q. What are the basic requirements (hardware/software) to implement the Windows WINS server?
A. Hardware requirement:
The WINS service is light and has no hardware requirements beyond those of the operating system; a typical departmental server specification such as the following is more than sufficient:
- Pentium 4 - 2.8 GHz with 2 GB RAM
- 80 GB hard drive/7200 RPM
- Recommended hard drive division: 20 GB system partition and 60 GB data partition
- 100 Mbps network adaptor or better
- Screen resolution: 1024 x 768 pixels, 256 colours (65,536 colours recommended)
Software requirement:
- Windows® Server 2003 Standard Edition SP1 or later, with the WINS component installed (Add or Remove Programs > Add/Remove Windows Components > Networking Services > Windows Internet Name Service).
WINS does not depend on IIS or ASP.NET; those belong to the Application Server role and are not needed on a WINS server.
Q. What are primary and secondary WINS servers?
A. WINS servers can act as either a primary WINS server or a secondary WINS server to a client. The difference between primary and secondary WINS servers is simply the priority in which clients contact them. A primary WINS server is the first server a client contacts to perform its NetBIOS name service operations. A client contacts a secondary WINS server only when a primary WINS server is unable to fulfill the request, for example if it is unavailable when the client makes the request or unable to resolve a name for the client.
If a primary WINS server fails to fulfill a request, the client makes the same request of its secondary WINS server. If more than two WINS servers are configured for the client, the client tries the additional secondary WINS servers until the list is exhausted or one of the WINS servers successfully responds to the request. After a client uses a secondary WINS server, it periodically tries to switch back to its primary WINS server for future name service requests.
Q. How does DNS relate to Active Directory?
A. Active Directory, which is an essential component of the Windows 2003 architecture, presents organizations with a directory service designed for distributed computing environments. Active Directory allows organizations to centrally manage and share information on network resources and users while acting as the central authority for network security. In addition to providing comprehensive directory services to a Windows environment, Active Directory is designed to be a consolidation point for isolating, migrating, centrally managing, and reducing the number of directories that companies require.
You must have DNS to run Active Directory, but you do not need Active Directory to run DNS in a Windows 2000/2003 environment. AD relies heavily on DNS: domain controllers register SRV records (for example under _ldap._tcp and _kerberos._tcp in the domain's zone) so that clients can locate them, and a client that cannot resolve those records cannot find a domain controller to log on to.
Q. What is the Hosts file?
A. The Hosts file in Windows and other operating systems associates host names with IP addresses. Host names are the www.yahoo.com-style addresses you see every day; IP addresses are the numbers the computers actually use to find the sites. We have names like www.yahoo.com so that humans do not need to remember long strings of numbers when they want to visit a site.
Names and addresses can be put into the Hosts file so that the computer does not have to ask a DNS server to translate the name into an IP address. This speeds up access to that host, because the computer no longer has to query other systems on the Internet for the translation. Because the Hosts file is consulted before DNS, anyone who can write to it can silently redirect a name to another address; it should be writable only by administrators, and it is worth checking when investigating a compromised machine.
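Because the Hosts file wins over DNS, a quick check of its contents is a routine part of looking at a suspect machine. The following added example (not code from the original page) parses a Hosts file the way the resolver reads it (first matching entry wins, `#` starts a comment) and flags watch-listed names that have been pointed at an address outside the local machine. The sample file contents and the watch list are constructed for illustration.

```python
"""Added example (not from the original page): parse a HOSTS file as the
resolver does and flag entries that redirect a watch-listed name to an
address that is not loopback or a blackhole.

The sample file and the watch list are constructed for illustration.
"""
import ipaddress

# Constructed sample: the default Windows HOSTS file header plus entries
# an administrator or an attacker might have added.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
127.0.0.1       localhost
192.0.2.50      intranet intranet.corp.example   # internal app, expected
203.0.113.7     www.yahoo.com                    # override of a public name
0.0.0.0         update.vendor.example            # blackholes a name
not-an-address  junk.example                     # malformed, ignored
"""

LOCAL_ONLY = (
    ipaddress.ip_network("127.0.0.0/8"),
    ipaddress.ip_network("0.0.0.0/32"),
    ipaddress.ip_network("::1/128"),
)


def parse_hosts(text):
    """Return a list of (ip, [names]) in file order; unparsable lines are skipped."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                              # first field is not an address
        names = [n.lower() for n in fields[1:]]
        if names:
            entries.append((ip, names))
    return entries


def lookup(entries, hostname):
    """First entry that lists the name wins, as the resolver's HOSTS lookup does."""
    hostname = hostname.lower()
    for ip, names in entries:
        if hostname in names:
            return str(ip)
    return None


def suspicious_overrides(entries, watch_list):
    """Watch-listed names mapped to an address that is not loopback or blackhole."""
    hits = []
    for ip, names in entries:
        local = any(ip in net for net in LOCAL_ONLY)   # v4-in-v6 test is simply False
        for name in names:
            if name in watch_list and not local:
                hits.append((name, str(ip)))
    return hits


if __name__ == "__main__":
    entries = parse_hosts(SAMPLE_HOSTS)
    print(lookup(entries, "www.yahoo.com"))
    print(suspicious_overrides(entries, {"www.yahoo.com", "update.vendor.example"}))
```

On a real machine, read the file from %SystemRoot%\system32\drivers\etc\hosts and build the watch list from the names your users depend on (the company's own sites, update and banking domains); an entry that points such a name anywhere other than where DNS does deserves an explanation.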
Q. What is the LMHOSTS file?
A. A text file on a Windows network that maps NetBIOS host names to IP addresses. LMHOSTS is the NetBIOS counterpart of the HOSTS file, which serves DNS-style host names; it has largely given way to WINS, which does the same job dynamically. LM stands for "LAN Manager", the name of Microsoft's earlier network operating system (NOS).
Q. What is a firewall? What are the essential settings used in a firewall?
A. A firewall is a system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in hardware, in software, or in a combination of both. They are frequently used to prevent unauthorized Internet users from reaching private networks connected to the Internet, especially intranets. All traffic entering or leaving the intranet passes through the firewall, which examines each packet and blocks those that do not meet the specified security criteria.
There are several firewall techniques; the four basic ones are given below:
- Packet filter: looks at each packet entering or leaving the network and accepts or rejects it based on user-defined rules, typically on source and destination address, protocol and port. Packet filtering is fairly effective and transparent to users, but rule sets are hard to get right, and because a plain filter trusts the source address written in the packet it is susceptible to IP spoofing unless it also checks which interface the packet arrived on.
- Application gateway: applies security mechanisms to specific applications, such as FTP and Telnet servers, by understanding the application protocol. This is very effective, but can degrade performance.
- Circuit-level gateway: applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.
- Proxy server: intercepts all messages entering and leaving the network. The proxy server effectively hides the true internal network addresses.
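To show what the packet-filter weakness above looks like in practice, here is an added example (not code from the original page): a first-match packet filter evaluated over a few constructed packets, first with the rules alone and then with an interface-based anti-spoofing check in front of them. The 10.0.0.0/8 internal network, the interface names, the rule set and the sample packets are assumptions for illustration.

```python
"""Added example (not from the original page): a stateless packet filter
evaluated over constructed packets, with and without the ingress check
that stops a spoofed internal source address on the outside interface.

Networks, interfaces, rules and packets are assumptions for illustration.
"""
import ipaddress
from collections import namedtuple

Packet = namedtuple("Packet", "iface src dst proto dport")
Rule = namedtuple("Rule", "action src dst proto dport")

INTERNAL = ipaddress.ip_network("10.0.0.0/8")
ANY = ipaddress.ip_network("0.0.0.0/0")

# Rules are checked top to bottom; the first match decides.
RULES = [
    Rule("allow", INTERNAL, ANY, "tcp", 80),                             # internal hosts may browse
    Rule("allow", ANY, ipaddress.ip_network("10.0.0.53/32"), "udp", 53),  # public DNS server
    Rule("allow", ANY, ipaddress.ip_network("10.0.0.25/32"), "tcp", 25),  # inbound mail
    Rule("deny", ANY, ANY, None, None),                                  # default deny
]


def matches(rule, pkt):
    """True when every field of the rule accepts the packet (None means any)."""
    return (ipaddress.ip_address(pkt.src) in rule.src
            and ipaddress.ip_address(pkt.dst) in rule.dst
            and rule.proto in (None, pkt.proto)
            and rule.dport in (None, pkt.dport))


def filter_packet(pkt, rules=RULES):
    """Plain packet filter: action of the first matching rule."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return "deny"


def ingress_spoof_check(pkt):
    """Reject packets whose claimed source does not belong on the arriving interface."""
    src_internal = ipaddress.ip_address(pkt.src) in INTERNAL
    if pkt.iface == "outside" and src_internal:
        return False          # internal address arriving from the Internet: spoofed
    if pkt.iface == "inside" and not src_internal:
        return False          # external address leaving the LAN: spoofed or misrouted
    return True


def filter_with_spoof_check(pkt, rules=RULES):
    """Interface check first, then the rule set."""
    if not ingress_spoof_check(pkt):
        return "deny"
    return filter_packet(pkt, rules)


# Constructed traffic: (interface, source, destination, protocol, destination port)
SAMPLE = [
    Packet("inside", "10.1.2.3", "198.51.100.9", "tcp", 80),     # legitimate browsing
    Packet("outside", "198.51.100.9", "10.0.0.25", "tcp", 25),   # inbound mail
    Packet("outside", "198.51.100.9", "10.1.2.3", "tcp", 445),   # SMB probe from outside
    Packet("outside", "10.1.2.3", "10.0.0.80", "tcp", 80),       # spoofed internal source
]


def evaluate(packets=SAMPLE):
    """(plain filter verdict, verdict with spoof check) for each packet."""
    return [(filter_packet(p), filter_with_spoof_check(p)) for p in packets]


if __name__ == "__main__":
    for pkt, (plain, checked) in zip(SAMPLE, evaluate()):
        print(pkt.iface, pkt.src, "->", pkt.dst, pkt.proto, pkt.dport,
              "| filter:", plain, "| with spoof check:", checked)
```

The last sample packet is the point: it carries an internal source address, so the first rule allows it, although it arrived on the outside interface. Only the interface check catches it, which is what a real filter does with per-interface (ingress) rules.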
Q. What is Proxy server?
A. In an enterprise that uses the Internet, a proxy server is a server that acts as an intermediary between a workstation user and the Internet so that the enterprise can ensure security, administrative control, and caching service. A proxy server is associated with or part of a gateway server that separates the enterprise network from the outside network and a firewall server that protects the enterprise network from outside intrusion.
Q. What is a VPN?
A. A VPN (virtual private network) provides encrypted, authenticated connections between private networks linked through the Internet. It allows remote computers to act as though they were on the same local network.
Q. What are the types of protocols used in VPN?
A. Two tunneling protocols are used for Windows VPNs: PPTP and L2TP.
PPTP: Point-to-Point Tunneling Protocol (PPTP) is a network protocol that carries PPP frames from a remote client to a private enterprise server by creating a virtual private network (VPN) across TCP/IP-based networks. PPTP supports on-demand, multi-protocol virtual private networking over public networks such as the Internet. Its confidentiality rests on MPPE encryption keyed from MS-CHAP authentication, which is considered weak today, so L2TP/IPsec is preferred where both ends support it.
L2TP: Layer 2 Tunneling Protocol is an Internet Engineering Task Force (IETF) standard (RFC 2661) that combines the features of two earlier tunneling protocols: Cisco's Layer 2 Forwarding and Microsoft's Point-to-Point Tunneling Protocol. L2TP is an extension of the Point-to-Point Protocol (PPP). L2TP itself does not encrypt; on Windows it is paired with IPsec (L2TP/IPsec), which supplies the encryption and machine authentication.
Q. What is Terminal Services?
A. Terminal Services is a component of Microsoft Windows operating systems (both client and server versions) that allows a user to access applications or data stored on a remote computer over a network connection. Terminal Services is Microsoft's take on server centric computing, which allows individual users to access network resources easily.