Troytec - Admin Network

An unauthorized DHCP server may either lease incorrect IP addresses to clients or negatively acknowledging DHCP clients. Clients that obtain a configuration lease from the unauthorized server can fail to locate valid domain controllers, preventing clients from successfully logging on to the network. For the directory authorization process to work properly, it is necessary that the first DHCP server introduced on to your network participate in the Active Directory service. The server must be installed as either a domain controller or a member server. The authorization process for DHCP server computers in Active Directory depends on the installed role of...
Nội dung trích xuất từ tài liệu:
Troytec - Admin Network Implementing, Managing and Supporting Windows 2000 Network Infrastructure Concepts DNS in a Windows 2000 Network Infrastructure DNS Overview DNS is the name service for Internet addresses used to translate friendly domain names to numeric IP addresses. Microsoft's web page, http://www.microsoft.com translates to 207.46.130.149. A host computer queries the name of a computer and a domain name server cross-references the name to an IP address. Windows 2000 clients use DNS for name resolution and locating domain controllers for logon. In the DNS, the clients are resolvers and the servers are name servers. DNS uses three components: resolvers, name servers, and the domain name space. A resolver sends queries to a name server. The name server returns the requested information, a pointer to another name server, or a failure message, if the request cannot be satisfied. Resolvers Resolvers pass name requests between applications and name servers. The name request contains a query, such as the IP address of a Web site. The resolver can be built into the application or may be running on the host computer as a library routine. Name Servers A name server contains address information about other computers on tile network. Name servers are grouped into domains. Access to each computer in a given group is controlled by the same server. If the name server is not able to resolve the request, it can forward the request to another name server. Root-Level Domains Domains define levels of authority in a hierarchical structure. The top of the hierarchy is called the root domain. References to the root domain are expressed by a period (.). Top-Level Domains Top-Level Domains include the following: arpa Reverse DNS com Commercial organizations edu Educational institutions and universities gov Nonmilitary government organizations mil Military government organizations ) net Networks (the backbone of the Internet num Phone numbers org Non-profit organizations xx Two-letter country code Second-Level Domains Second-level domains contain hosts and other domains, called subdomains. Host Names The domain name is used with the host name to create a fully qualified domain name (FQDN). The FQDN is the host name followed by a period (.), followed by the domain name. Zones A zone is the administrative unit for DNS. It is a subtree of the DNS database that is administered as a single, separate entity. It can consist of a single domain or a domain with subdomains. The lower-level subdomains of a zone can also be split into separate zones. Name Server Roles The minimum number of DNS servers for each zone is two - a primary and a secondary. The existence of both servers provides for database redundancy and a level of fault tolerance. Primary Name Servers Primary name servers get the data for their zones from the local DNS database files. When a change is made to the zone data the change must be made on the primary DNS server so that the new information is entered in the local zone file. Secondary Name Servers Secondary name servers get their zone data file from the primary DNS server that is authoritative for that zone. Zone transfer is the process of the primary DNS server sending a copy of the zone file to the secondary DNS server. Secondary servers allow for redundancy, quicker access for remote locations, and load balancing. Primary or secondary designation is defined at a zone level because information for each zone is stored in separate flies. A particular name server may be a primary name server for certain zones and a secondary name server for other zones. Caching-Only Servers Caching-only servers are DNS name servers that perform queries, cache the answers, and return the results. No zone data is kept locally. They contain only information that they have cached while resolving queries. Less traffic is generated between servers because the server is not doing a zone transfer. Caching-only servers can be used if you have a slow connection between sites. DHCP in a Windows 2000 Network Infrastructure DHCP Overview DHCP centralizes and manages the allocation of TCP/IP configuration information by automatically assigning IP addresses to computers configured to use DHCP. Each time a DHCP client starts, it requests IP address information from a DHCP server, including the IP address, the subnet mask, and optional values. The optional values may include a default gateway address, Domain Name System (DNS) address, and Windows Internet Name Service (WINS) server address. When a DHCP server receives a request, it selects IP addressing information from a pool of addresses defined in its database and offers it to the DHCP client. If the client accepts the offer, the IP addressing information is leased to the client for a specified period of time. If there is no available IP addressing information in the pool to lease to a client, the client cannot initialize TCP/IP. Windows 2000-based clients can automatically configure an IP address and subnet mask if a DHCP server is unavailable at system start time through Automatic Private IP Addressing (APIPA). The Windows 2000 DHCP client service goes through the following process to autoconfigure the client: · The DHCP client tries to locate a DHCP server and obtain an address. · If a DHCP server does not respond or cannot be found, the DHCP client auto-configures its IP address and subnet mask using a selected address from reserved Class B network, 169.254.0.0, with the subnet mask 255.255.0.0. · The DHCP client then tests for address conflicts. If a conflict is found, the client will retry autoconfiguration for up to 10 addresses. · Once the DHCP client succeeds in selecting an address, it configures its net- work interface with the IP address. The client continues to check for a I ...