Installing and Configuring DNS in Windows Server 2008

Before installing DNS, it is imperative that the server has a static IP address. DNS is installed using the Server Manager utility. N.B. DNS is not available on Windows Server 2008 Web Edition or on machines running Windows XP or Vista, although DNS can be remotely managed from these machines.

To install DNS using the Server Manager click on Start.

Select Server Manager, or open it from the Quick Launch taskbar.

Select Roles.

Then Add Roles.

Before you continue verify that;

You can skip this page by default

Click Next to continue

Select DNS Server

Select DNS Server then Click Next to continue

Although the server has a static IP address, the wizard has detected a dynamic IPv6 address. It is safe to continue the install.

Select Install DNS Server anyway

Click Next to continue.

For Additional Information click the links.

Click Next to continue.

Click Install to complete installation.

The DNS Server role is now installed.

The DNS Server role installation succeeded.

Click Close to complete the wizard.

The DNS Server role has been added.

Server roles can also be removed from here.

Expand Roles

Select DNS Server.

A feature of Server Manager is that highlighting any server role gives you an overview of that role: Events, System Services, and Resources and Support.

The DNS Server role is installed; you now need to add zones to the server. To do this, return to the Start menu. N.B. If no zones are added, this server will be a caching-only server.

Creating a Zone

Forward Lookup

A forward lookup is the most common form of DNS lookup. This type of lookup converts a hostname into an IP address. A Forward Lookup Zone contains name to IP address mappings. Each zone file consists of a number of resource records (RRs). Resource records contain information about certain resources on the network.

To add zones to the server, click Start > Administrative Tools > DNS.

Expand by clicking the + next to the DNS server

To add a new Forward Lookup Zone, right-click Forward Lookup Zones.

Click New Zone.

Select Primary Zone and click Next to continue.

Fill in the zone name and click Next to continue. N.B. The zone name must be fully qualified, i.e. end in .com, .local, etc.

The wizard will ask you where you want to store the zone file. Click on Next to accept the default.

The wizard will ask you if you want to accept dynamic updates. As the wizard shows, there are drawbacks to having it enabled, but there are also drawbacks to having it disabled.

Click on Next to continue.

Click on Finish to create the zone.

The zone file currently contains two resource records, the SOA and NS records.

Reverse Lookup

A Reverse Lookup Zone contains IP address to name mappings. This allows the computer to do reverse queries; some applications need to be able to make reverse lookup queries. Reverse Lookup Zones contain the following resource records:

Pointer Record: Does the opposite of the A record; it maps an IP address to a host name. By having the two types of records, it is possible to do a reverse lookup.

CNAME (Alias)

The Start of Authority (SOA) record

The Name Server Record (NS)

Right click Reverse Lookup Zones and Select New Zone.

Select Next.

Select Primary Zone

Select IPv4 Reverse Lookup Zone and click Next to continue.

Type in the Network ID and click Next to continue.

Select Create a new file with this file name and click Next to continue.

The wizard will ask you if you want to accept dynamic updates. As the wizard shows, there are drawbacks to having it enabled, but there are also drawbacks to having it disabled.

Click on Next to continue.

The wizard will display a summary page. Click on Finish to continue. The zone file currently contains two resource records, the SOA and NS records.

Stub Zone

A stub-zone contains a partial copy of another zone. The zone contains only the NS and SOA records for its master zone. A stub zone is similar to a secondary zone, but it contains only those resource records necessary to identify the authoritative DNS servers for the master zone. Stub zones are often used to enable a parent zone like to keep an updated list of the name servers available in a delegated child zone, such as They can also be used to improve name resolution and simplify DNS administration.

To add a new Stub Zone, right-click Forward Lookup Zones and select New Zone.

Click Next. Select Stub Zone and click Next to continue.

Select the Active Directory Zone Replication options and click Next to continue.

Type in the name of the new zone and click Next.

Type in the IP address of the server or the server’s Fully Qualified Domain Name (FQDN). Press Enter.

When the IP address of the server or the server’s Fully Qualified Domain Name (FQDN) has been verified, click Next.

The wizard displays a summary page; if all is OK, click Finish.

The resource records for the new Stub Zone.
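
The three zone wizards above can also be scripted with dnscmd from an elevated command prompt. The following is an added example, not part of the original lesson; the zone names, network ID and master server address are constructed placeholders, and it sets dynamic updates explicitly rather than relying on a wizard default.

```batch
@echo off
rem Added example: command-line equivalent of the zone wizards above.
rem All names and addresses are constructed placeholders; replace them.
setlocal
set ZONE=example.local
set REVZONE=1.168.192.in-addr.arpa
set STUBZONE=child.example.local
set STUBMASTER=192.168.1.20

rem Install the DNS Server role (Server Manager command line, Server 2008).
ServerManagerCmd.exe -install DNS

rem Forward lookup zone: standard primary zone stored in a zone file.
dnscmd . /ZoneAdd %ZONE% /Primary /file %ZONE%.dns || goto :fail

rem Dynamic updates: 0 = none, 1 = nonsecure and secure,
rem 2 = secure only (Active Directory-integrated zones only).
rem 0 means only an administrator can change records in the zone.
dnscmd . /Config %ZONE% /AllowUpdate 0 || goto :fail

rem Reverse lookup zone for network ID 192.168.1 (octets reversed).
dnscmd . /ZoneAdd %REVZONE% /Primary /file %REVZONE%.dns || goto :fail
dnscmd . /Config %REVZONE% /AllowUpdate 0 || goto :fail

rem Stub zone, Active Directory-integrated as in the wizard steps above.
rem For a file-backed stub zone use /Stub with /file instead of /DsStub.
dnscmd . /ZoneAdd %STUBZONE% /DsStub %STUBMASTER% || goto :fail

rem Verify: list the zones, show the forward zone's settings, and confirm
rem that the new zone answers with its SOA and NS records.
dnscmd . /EnumZones
dnscmd . /ZoneInfo %ZONE%
nslookup -type=SOA %ZONE% 127.0.0.1
nslookup -type=NS %ZONE% 127.0.0.1
endlocal
exit /b 0

:fail
echo dnscmd failed with exit code %errorlevel%; zone setup stopped.
endlocal
exit /b 1
```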

DNS Server – Properties

Right-click on the DNS server to view its configuration options. Select Properties.

From the Interfaces page you can configure which IP addresses you want the DNS server to serve requests for. The default is All IP addresses.

From the Forwarders page, additional DNS servers can be specified. This DNS server will forward unknown queries to the specified DNS servers.

The Advanced page allows you to configure different advanced options by simply ticking a check box.

The Disable recursion checkbox allows recursion to be disabled on this server. It is then down to the client to query other DNS servers if this DNS server cannot answer the query.

BIND Secondaries enables support when transferring a zone to DNS servers running BIND. (BIND is the implementation of DNS used by Unix and Unix-like systems.)

Fail on load if bad zone data stops the server from loading if there are any errors in the zone file.

Enable round robin determines whether the DNS server uses round robin to rotate and reorder a list of multiple host (A) resource records if a queried host name is for a computer with multiple IP addresses.

Enable Netmask Ordering is enabled by default. If the client has various IP addresses the server resolves the query with the nearest IP address.

Secure cache against pollution specifies whether the server attempts to clean up responses to avoid cache pollution.

There are three methods used for name checking:

Multibyte (UTF8) – Permits recognition of characters other than ASCII (a-z, A-Z and 1-0).

Strict RFC (ANSI) – Strict name checking according to RFC 1123 Internet host naming specifications.

Non RFC (ANSI) – Permits names that are non-standard and that do not follow RFC 1123 Internet host naming specifications.

The Load zone data on startup option specifies the boot method to be used by this DNS server. Either boot file or registry boot options are supported. Boot files can be used if a “Boot.dns” file has been created.

By enabling scavenging, the DNS server will remove any records that have expired from any zone files it is authoritative for. The period represents the time between repetitions of the scavenging process.

DNS servers contain root hints, which point to various top-level domains. This enables the DNS server to recursively query other servers using the root server. Additional root hints can be specified by clicking the Add button.

The Monitoring page allows you to automatically test the DNS server. Select A simple query against this DNS server. Click Test Now.

The Server passed the simple query. A recursive query would require connection to the internet in order to query a Root Server.

From the Event Logging tab the user is able to choose events that can be logged such as Error or Errors and Warnings.

Logging is generally a good option because it allows you to troubleshoot any potential DNS problems.

Debug logging allows you to enable verbose logging for the DNS service. Use this option with caution as it can generate a lot of information.
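
The server properties described above can be set and reviewed from the command line with dnscmd, which makes the configuration repeatable and easy to audit. The following is an added example, not part of the original lesson; the listen and forwarder addresses are constructed placeholders, and the values chosen are one reasonable baseline rather than settings taken from the lesson.

```batch
@echo off
rem Added example: the Properties pages above, applied with dnscmd.
rem Addresses are constructed placeholders; replace them.
setlocal
set LISTEN=192.168.1.10
set FORWARDER=192.168.1.1

rem Interfaces page: answer queries only on the address clients should use.
dnscmd . /ResetListenAddresses %LISTEN%

rem Forwarders page: send queries this server cannot answer to this server.
dnscmd . /ResetForwarders %FORWARDER%

rem Advanced page.
rem Secure cache against pollution (1 = on).
dnscmd . /Config /SecureResponses 1
rem Enable round robin and Enable netmask ordering (1 = on).
dnscmd . /Config /RoundRobin 1
dnscmd . /Config /LocalNetPriority 1
rem BIND secondaries: set to 1 only if zones are transferred to BIND servers.
dnscmd . /Config /BindSecondaries 0
rem Fail on load if bad zone data (1 = on).
dnscmd . /Config /StrictFileParsing 1
rem Name checking: 0 = Strict RFC (ANSI), 1 = Non RFC (ANSI), 2 = Multibyte (UTF8).
dnscmd . /Config /NameCheckFlag 2
rem Scavenging period in hours (168 = 7 days); 0 turns automatic scavenging off.
dnscmd . /Config /ScavengingInterval 168

rem Event Logging tab: 0 = none, 1 = errors, 2 = errors and warnings, 4 = all.
dnscmd . /Config /EventLogLevel 2

rem Disable recursion: suitable for a server that only answers for its own
rem zones. It also disables forwarders, so do not enable it on a
rem caching-only or forwarding server.
rem dnscmd . /Config /NoRecursion 1

rem Review the resulting server configuration.
dnscmd . /Info
endlocal
```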