Configuring Internet access for DNS in Windows Server 2003

Summary
This step-by-step article explains how to configure Internet access for Domain Name System (DNS) in Windows Server 2003 products. DNS is the core name resolution tool used on the Internet. DNS is responsible for parsing between host names and Internet addresses

How to start a stand-alone server running Windows Server 2003 from a stand-alone server running Windows Server 2003 becomes the DNS server for the network. The first step is to assign a static Internet Protocol (IP) address to the server. DNS servers should not use dynamically assigned IP addresses because dynamic changes to addresses can cause clients to lose contact with the DNS server.


Step 1: Configure TCP/IP
Click Start, point to Control Panel, point to Network Connections, and then click Local Area Connection.
Click Properties.
Click Internet Protocol (TCP/IP). , then click Properties.
Click the General tab.
Click to use the IP address below, then type the IP address, subnet mask, and default gateway address in the appropriate boxes.
Click Advanced, then click the DNS tab.
Click to attach the primary and connection specific DNS suffixes.
Click to select the Attach parent suffix of the primary DNS suffix check box.
Click to select the Register addresses for this connection in DNS check box.

Note running Windows Server 2003 DNS server must be specified as the DNS server itself. If the server needs to resolve the name of an Internet Service Provider (ISP) from it, you must configure a forwarder. The forwarder will be discussed in the How to Configure Forwarders section later in this article.
Click OK three times.

Note: If you receive a warning from the DNS Cache Resolver service, click OK to close the warning. The cache parser is trying to get in touch with the DNS server, but you have not completed the configuration of the server.


Step 2: Install the Microsoft DNS Server
Click Start, point to Control Panel, and then click Add or Remove Programs.
Click to add or remove Windows components.
In the list of components, click Network Services (but do not select or clear the check box), then click Details.
Click to select the Domain Name System (DNS) check box, and then click OK .
Click Next.
After getting the prompt, insert the Windows Server 2003 CD-ROM into your computer's CD-ROM or DVD-ROM drive.
When the installation is complete, click Finish on the Completing the Windows Components Wizard page.
Click Close to close the Add or Remove Programs window.

Step 3: Configure the DNS server
To configure DNS using the DNS snap-in in the Microsoft Management Console (MMC), follow these steps:
Click Start, point to Programs, point to Administrative tools, then click DNS.
Right-click on the forward search area and click New Area. When the New Zone Wizard starts, click Next.

You will then be prompted to select the zone type. The zone types are:


Main Zone: Create a copy of the zone that can be updated directly on this server. This area information is stored in a .dns text file.
Secondary area: The standard secondary area copies all information from its primary DNS server. The primary DNS server can be an Active Directory zone, primary zone, or secondary zone configured for zone replication. Note that you cannot modify the zone data on the secondary DNS server. All data is copied from the primary DNS server.
Stub area: The stub area contains only the resource records required to identify the authoritative DNS server for that area. These resource records include Name Server (NS), Start of Authority (SOA), and possible glue host (A) records. There is also an option in Active Directory to store zones. This option is only available when the DNS server is a domain controller.
The new forward lookup zone must be a primary zone or an Active Directory integrated zone so that it can accept dynamic updates. Click Primary, and then click Next. The new zone contains the locator record for the Active Directory-based domain. The zone name must be the same as the name of the Active Directory-based domain or a logical DNS container for that name. For example, if the name of the Active Directory-based domain is "support.microsoft.com", the valid zone name can only be "support.microsoft.com".

Accept the default name of the new zone file. Click Next.

NOTE: An experienced DNS administrator may wish to create a reverse search area, so it is recommended that they delve into this branch of the wizard. The DNS server can resolve two basic requests: forward search requests and reverse search requests. Forward search is more common. Forward search resolves the host name to an IP address with an "A" or host resource record. Reverse lookup resolves the IP address to a host name with a PTR or pointer resource record. If you have configured a reverse DNS zone, you can automatically create an associated reverse record when you create the original forward record.


How to remove the root DNS zone
The DNS server running Windows Server 2003 follows specific steps in its name resolution process. The DNS server first queries its cache, then checks its zone record, then sends the request to the forwarder, and finally tries to resolve it using the root server.

By default, the Microsoft DNS server connects to the Internet to further process DNS requests with root hints. Domain controllers require DNS when promoting a server to a domain controller using the Dcpromo tool. If DNS is installed during the promotion process, a root zone is created. This root zone indicates to your DNS server that it is a root Internet server. Therefore, your DNS server does not use forwarders or root hints during name resolution.
Click Start, point to Administrative Tools, and then click DNS.
Expand ServerName, where ServerName is the name of the server, click Properties, and then expand Forward Lookup Zone.
Right-click on the "." area and click Delete.


How to configure the forwarder
Windows Server 2003 can take advantage of the DNS forwarder. This feature forwards DNS requests to an external server. If the DNS server cannot find the resource record in its zone, you can send the request to another DNS server for further attempts to resolve. A common situation is to configure a forwarder to your ISP's DNS server.

Click Start, point to Administrative Tools, and then click DNS.
Right-click ServerName, where ServerName is the name of the server, and then click the Forwarders tab.
Click on a DNS domain in the DNS domain list. Or click New, type the name of the DNS domain you want to forward the query in the DNS Domain box, and then click OK.
In the Forwarder IP Address box for the selected domain, type the first DNS server you want to forward to. IP address, then click Add.
Repeat step 4 to add the DNS server you want to forward to.
Click OK.


How to configure the root hint
Windows can use the root hint. The root hint resource record can be stored in an Active Directory or text file (%SystemRoot%\\System32\\DNS\\Cache.dns). Windows uses a standard Internic root server. In addition, when a server running Windows Server 2003 queries the root server, it updates itself with the latest root server list. Click Start, point to Administrative Tools, and then click DNS.
Right-click ServerName, where ServerName is the name of the server, then click Properties.
Click the Root Tips tab. The root server of the DNS server is listed in the name server list. How to configure DNS


Proxy and Network Address Translation (NAT) devices can restrict access to ports in the firewall. DNS uses UDP port A and TCP port 53. The DNS Service Management Console also uses RCP. RCP uses port 135. These issues can occur when you configure DNS and firewalls.