
Understanding Microsoft Windows DNS Server (2019/2022)

Article :: KB00027

🌐 What is a DNS Server and Why Do We Use It?


The Domain Name System (DNS) is the Internet’s equivalent of a phonebook. It translates human-friendly domain names (like www.microsoft.com) into IP addresses (like 20.190.128.18) that computers use to identify each other on the network.


A DNS Server:

  • Resolves domain names to IP addresses (forward lookup)

  • Resolves IP addresses to domain names (reverse lookup)

  • Supports load balancing and fault tolerance using DNS records

  • Plays a critical role in Active Directory-based networks for domain controller location and replication

DNS is essential because:

  • It eliminates the need to memorise complex IP addresses

  • Ensures efficient routing of internet and intranet traffic

  • Enables the smooth functioning of services like email and directory lookups




🔌 Ports Used by DNS Server and Clients

Role             Protocol   Port   Description
---------------  ---------  ----   ------------------------------------------------------------
DNS Client       UDP/TCP    53     Standard queries go over UDP; the client retries over TCP when
                                   the answer comes back truncated (too large for one datagram)
DNS Server       UDP/TCP    53     Listens on both: UDP for queries, TCP for large responses and
                                   zone transfers
Zone Transfer    TCP        53     Secondary servers pull zone data (AXFR/IXFR) from the primary
Dynamic Updates  UDP/TCP    53     Domain-joined clients register and refresh their own records

Note: Host and network firewalls must allow both UDP and TCP 53 to the server; allowing only UDP breaks truncated answers and zone transfers. Zone transfers themselves should be permitted only to the secondary servers listed in the zone's properties, because an unrestricted transfer hands the whole zone (every host name and address) to anyone who asks.
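The following PowerShell is added here as an example and is not code from the original article. It checks that a Windows DNS server answers on both UDP and TCP 53, that the role's own inbound firewall rules are in place, and that zone transfers are limited to a named secondary. The server DNS01 at 10.0.0.10, the secondary at 10.0.0.11 and the zone corp.example.com are assumed values; it is run from an admin workstation with the DnsServer RSAT module, and the last step needs administrative rights on the server.

```powershell
# Added example (not from the article). Assumed values: DNS01 at 10.0.0.10,
# secondary at 10.0.0.11, zone corp.example.com.
$DnsServer = '10.0.0.10'
$Zone      = 'corp.example.com'

# 1. TCP 53 handshake: proves the listener is up and nothing in between drops TCP.
$tcp = Test-NetConnection -ComputerName $DnsServer -Port 53
"TCP 53 reachable: $($tcp.TcpTestSucceeded)"

# 2. The same query over UDP (default) and forced over TCP. If only the UDP
#    query succeeds, truncated answers and zone transfers will fail.
Resolve-DnsName -Name 'www.microsoft.com' -Type A -Server $DnsServer -DnsOnly |
    Select-Object Name, Type, IPAddress
Resolve-DnsName -Name 'www.microsoft.com' -Type A -Server $DnsServer -DnsOnly -TcpOnly |
    Select-Object Name, Type, IPAddress

# 3. On the server: the DNS role ships its own inbound rules (display names
#    start with "DNS"); confirm they are enabled rather than adding any/any rules.
Invoke-Command -ComputerName $DnsServer -ScriptBlock {
    Get-NetFirewallRule -Direction Inbound | Where-Object DisplayName -like 'DNS*' |
        Select-Object DisplayName, Enabled, Profile
}

# 4. Zone transfers (AXFR/IXFR over TCP 53) only to the listed secondary.
#    Any other host requesting the zone is refused.
Set-DnsServerPrimaryZone -ComputerName $DnsServer -Name $Zone `
    -SecureSecondaries TransferToSecureServers -SecondaryServers 10.0.0.11
Get-DnsServerZone -ComputerName $DnsServer -Name $Zone |
    Select-Object ZoneName, SecureSecondaries, SecondaryServers

# To confirm from a host that is NOT listed, use nslookup interactively:
#   > server 10.0.0.10
#   > ls -d corp.example.com      (expected: Query refused)
```

The TCP check matters more than it looks: Windows clients fall back to TCP whenever a response is truncated, and AD-integrated zones with many SRV records routinely produce answers larger than a single UDP datagram.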



🔁 DNS Resolution Process Flow

Here’s a simplified view of the DNS process:

Flowchart of the DNS query process: Client → Local DNS Resolver → Root DNS Server → TLD Server → Authoritative DNS Server, with the resolved IP address returned back down the chain to the client.

The local resolver answers from its cache whenever it can, so the full walk to the root only happens on a cache miss; even then the whole flow usually takes milliseconds.


🧾 What is a DNS Query?


A DNS query is a request made by a client (like your browser or computer) to a DNS server to resolve a hostname (e.g., www.example.com) into its corresponding IP address (e.g., 93.184.216.34). This process allows users to access websites using readable names instead of memorising IPs.


🔍 Types of DNS Queries

Query Type           Description
-------------------  ------------------------------------------------------------------------
Recursive Query      The client asks for a complete answer. If the server doesn’t have it, it does the work of contacting other DNS servers (or its forwarders) until it finds the answer, and returns only the final result to the client.
Iterative Query      The server returns the best information it has. If it doesn’t know the answer, it refers the client to another server (the name servers for the next label down), and the client continues the lookup itself.
Reverse (PTR) Query  Maps an IP address back to a name by looking up the PTR record in the in-addr.arpa (IPv4) or ip6.arpa (IPv6) reverse zone. Used mostly for troubleshooting and logging. (The original "inverse query" opcode from RFC 1035 was retired by RFC 3425; reverse lookups are ordinary queries for PTR records.)

Figure 2 shows how these queries travel from a client to the various DNS servers: the local resolver, the root server, the TLD server, and eventually the authoritative DNS server.

Diagram showing the DNS query process: a client sends queries to a Local DNS Resolver, which interacts with Root, TLD, and Authoritative DNS servers.
Figure 2 - DNS Query
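To make the flow in Figures 1 and 2 concrete, the following PowerShell is added as an example (it is not from the original article). It does by hand what a recursive resolver does: it sends non-recursive queries so each server answers only from its own data and otherwise hands back a referral, and it follows those referrals from a root server to the authoritative server, then finishes with a reverse (PTR) lookup. It assumes outbound UDP/TCP 53 to the Internet is allowed, that 198.41.0.4 (a.root-servers.net) is a valid starting point (verify against Get-DnsServerRootHint), and that Resolve-DnsName on this Windows version returns the Authority and Additional records of a referral with their Section property set.

```powershell
# Added example (not from the article). Walks the referral chain
# root -> TLD -> authoritative using non-recursive queries.
function Trace-DnsReferral {
    param(
        [Parameter(Mandatory)] [string] $Name,
        [string] $Type        = 'A',
        [string] $StartServer = '198.41.0.4',   # a.root-servers.net (assumed; check your root hints)
        [int]    $MaxHops     = 10
    )
    $server = $StartServer
    for ($hop = 1; $hop -le $MaxHops; $hop++) {
        # -NoRecursion clears the RD bit: the server answers from its own data
        # or returns a referral (NS records in the Authority section).
        $resp = Resolve-DnsName -Name $Name -Type $Type -Server $server `
                    -DnsOnly -NoRecursion -ErrorAction Stop

        $answer = $resp | Where-Object { $_.Section -eq 'Answer' -and $_.Type -eq $Type }
        if ($answer) {
            "[$hop] $server answered authoritatively"
            return $answer | Select-Object Name, Type, TTL, IPAddress
        }

        $ns = $resp | Where-Object { $_.Section -eq 'Authority' -and $_.Type -eq 'NS' }
        if (-not $ns) { throw "No answer and no referral from $server" }
        "[$hop] $server referred to $($ns[0].NameHost) for zone $($ns[0].Name)"

        # Prefer glue from the Additional section; without glue, resolve the
        # name server's own address normally before continuing the walk.
        $glue = $resp | Where-Object {
            $_.Section -eq 'Additional' -and $_.Type -eq 'A' -and $_.Name -eq $ns[0].NameHost
        }
        $server = if ($glue) { $glue[0].IPAddress }
                  else { (Resolve-DnsName -Name $ns[0].NameHost -Type A -DnsOnly)[0].IPAddress }
    }
    throw "Gave up after $MaxHops referrals"
}

# Forward lookup (iterative walk), then the reverse lookup of the first address returned.
$a = Trace-DnsReferral -Name 'www.example.com'
$a
Resolve-DnsName -Name $a[0].IPAddress -Type PTR -DnsOnly | Select-Object Name, NameHost
```

Compare the output with a plain Resolve-DnsName (a recursive query to your configured resolver): the client sees the same final answer, but the resolver did all of the hops shown above on its behalf.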

🚀 DNS Forwarders: What & Why?


Forwarders are DNS servers designated to handle queries that your DNS server can’t resolve locally. Instead of going through the root DNS hierarchy, your DNS server forwards those requests to a forwarder, streamlining resolution and improving performance.

Types of Forwarders

Type                   Description
---------------------  ---------------------------------------------------------------------------
Standard Forwarder     All queries the server cannot answer from its own zones or cache are forwarded to another DNS server.
Conditional Forwarder  Only queries for specific domains (e.g., contoso.com) are forwarded to a defined DNS server. Useful for internal networks and partner domains.

Forwarders are especially useful in:

  • Reducing external DNS traffic

  • Speeding up name resolution via caching

  • Enforcing security and content filtering policies
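The following PowerShell configures both kinds of forwarder on the local Windows DNS Server and verifies the result. It is added here as an example and is not from the original article; the upstream addresses, the partner domain partner.example.net and its DNS server 192.0.2.53 are assumed values.

```powershell
# Added example (not from the article). Assumed values: upstream 8.8.8.8/8.8.4.4,
# partner domain partner.example.net served by 192.0.2.53.

# Standard forwarders: every query this server cannot answer from its zones
# or cache goes to these servers, in order, before any root-hint lookup.
Add-DnsServerForwarder -IPAddress 8.8.8.8, 8.8.4.4 -PassThru

# Do not fall back to root hints when every forwarder is down. This keeps
# all external resolution on the path your firewall and filtering already see.
Set-DnsServerForwarder -UseRootHint $false -Timeout 3

# Conditional forwarder: only partner.example.net goes to the partner's server.
# Forest replication scope makes every DNS server in the forest behave the same.
Add-DnsServerConditionalForwarderZone -Name 'partner.example.net' `
    -MasterServers 192.0.2.53 -ReplicationScope 'Forest' -PassThru

# Verify. A conditional forwarder appears as a zone of type Forwarder.
Get-DnsServerForwarder | Select-Object IPAddress, UseRootHint, Timeout
Get-DnsServerZone | Where-Object ZoneType -eq 'Forwarder' |
    Select-Object ZoneName, MasterServers, ReplicationScope

# Resolution test through this server for both paths.
Resolve-DnsName -Name 'www.microsoft.com' -Server localhost -DnsOnly |
    Select-Object Name, IPAddress
Resolve-DnsName -Name 'intranet.partner.example.net' -Server localhost -DnsOnly |
    Select-Object Name, IPAddress

# Caveat: a server that forwards for internal clients must keep recursion
# enabled (turning recursion off also disables forwarders). Only an
# authoritative-only, Internet-facing server should have it off, so it
# cannot be abused as an open resolver:
#   Set-DnsServerRecursion -Enable $false
Get-DnsServerRecursion | Select-Object Enable, Timeout
```

The -UseRootHint $false setting is the one most often left at its default; with it enabled, a forwarder outage silently turns the server into a direct Internet resolver, bypassing whatever filtering the forwarder provided.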


🧹 What is DNS Scavenging?


Over time, DNS zones accumulate stale records—entries for devices that no longer exist or have changed IPs. DNS scavenging is the automated cleanup process that removes these outdated records.

Why It's Important:

  • Keeps DNS zones tidy and efficient

  • Prevents resolution errors due to stale data

  • Reduces administrative overhead

How It Works:

  1. Scavenging only touches records that carry a timestamp, i.e. records registered dynamically by clients. Records you create by hand are static, have no timestamp, and are never scavenged.

  2. It must be enabled at both levels: ageing on each zone (so records get timestamps and become eligible) and scavenging on at least one server (so something actually deletes them).

  3. Two zone intervals control eligibility: the no-refresh interval (during which a client's refresh is ignored, to limit AD replication traffic) and the refresh interval (during which the client is expected to refresh). Both default to 7 days, so a record is eligible once its timestamp is older than 14 days. A separate server-level scavenging period (default 7 days) sets how often the server scans. Windows clients re-register every 24 hours by default, so the two zone intervals together must comfortably exceed that and any DHCP lease time.


⚠️ Be cautious with scavenging settings—incorrect configurations can lead to the unintended deletion of active records.
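Because a wrong scavenging setting deletes live records, the sensible order is preview, then enable, then verify. The following PowerShell is added as an example (not from the original article); it assumes an AD-integrated zone corp.example.com and that the server at 10.0.0.10 should be the only one allowed to delete records.

```powershell
# Added example (not from the article). Assumed values: zone corp.example.com,
# scavenging server 10.0.0.10.
$Zone = 'corp.example.com'

# 1. Preview what would be removed BEFORE enabling anything. Static records
#    have no Timestamp and are never scavenged; dynamic records whose
#    timestamp is older than NoRefresh + Refresh (7 + 7 days) are eligible.
$cutoff = (Get-Date).AddDays(-14)
Get-DnsServerResourceRecord -ZoneName $Zone -RRType A |
    Where-Object { $_.Timestamp -and $_.Timestamp -lt $cutoff } |
    Select-Object HostName, Timestamp, @{ n = 'IP'; e = { $_.RecordData.IPv4Address } }

# 2. Zone level: turn on ageing with explicit intervals. ScavengeServers pins
#    deletion to one server so two DCs cannot scavenge the same zone in parallel.
Set-DnsServerZoneAging -Name $Zone -Aging $true `
    -NoRefreshInterval 7.00:00:00 -RefreshInterval 7.00:00:00 `
    -ScavengeServers 10.0.0.10

# 3. Server level (run on 10.0.0.10): how often this server scans its zones.
Set-DnsServerScavenging -ScavengingState $true -ScavengingInterval 7.00:00:00

# 4. Verify both levels, then optionally run a single pass right away.
Get-DnsServerZoneAging -Name $Zone
Get-DnsServerScavenging
# Start-DnsServerScavenging -Force    # uncomment once the preview in step 1 looks right
```

If the preview lists a server or printer you still rely on, that record was registered dynamically and never refreshed; recreate it as a static record before enabling scavenging rather than lengthening the intervals for everyone.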


🛠️ DNS in an Active Directory Environment


In AD-integrated environments, DNS serves a dual purpose:

  • Facilitates locating domain controllers and services using SRV records (e.g., _ldap._tcp.dc._msdcs.<domain>, which the DC locator queries to find a domain controller for logon)

  • Stores zone data in Active Directory (AD-integrated zones), allowing:

      • Secure, multi-master replication across domain controllers as part of normal AD replication

      • DNS record security via AD permissions: with dynamic updates set to Secure only, a record can be changed only by the computer account that created it or by an authorised identity, which stops a rogue host from overwriting another server's name

      • Dynamic DNS updates from domain-joined clients


Best practice: Always install and configure DNS on at least two domain controllers for redundancy and load distribution.
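The checks below are added as an example, not taken from the original article. They verify the points above for a domain assumed to be corp.example.com with domain controllers DC01 and DC02 (assumed names): the DC locator SRV records exist, every AD-integrated zone accepts only secure dynamic updates, and each DC hosts the zone.

```powershell
# Added example (not from the article). Assumed values: domain corp.example.com,
# domain controllers DC01 and DC02.
$Domain = 'corp.example.com'

# DC locator: clients find domain controllers through these SRV records. A DC
# missing here is invisible to logons even if AD replication is healthy.
Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV -DnsOnly |
    Where-Object Type -eq 'SRV' |
    Select-Object Name, NameTarget, Port, Priority, Weight

# The same lookup from the client side of the locator.
nltest /dsgetdc:$Domain /force

# Zone storage and update policy. 'Secure' lets only the creating computer
# account (or an authorised identity) overwrite a record; 'NonsecureAndSecure'
# lets any host on the network rewrite any dynamic record.
Get-DnsServerZone | Where-Object { $_.IsDsIntegrated -and -not $_.IsAutoCreated } |
    Select-Object ZoneName, IsDsIntegrated, ReplicationScope, DynamicUpdate

# Fix any AD-integrated zone that still accepts non-secure updates.
Get-DnsServerZone | Where-Object { $_.IsDsIntegrated -and $_.DynamicUpdate -ne 'Secure' } |
    ForEach-Object { Set-DnsServerPrimaryZone -Name $_.ZoneName -DynamicUpdate Secure -PassThru }

# Redundancy: every DC should run DNS and hold a copy of the zone.
foreach ($dc in 'DC01', 'DC02') {
    $z = Get-DnsServerZone -ComputerName $dc -Name $Domain -ErrorAction SilentlyContinue
    if ($z) { "${dc}: hosts $Domain (replication scope $($z.ReplicationScope))" }
    else    { "${dc}: DNS role missing or zone not present" }
}

# Built-in health test for the DNS role across all DCs.
dcdiag /test:DNS /e /v
```

The DynamicUpdate check is the one with real security weight: an AD-integrated zone left on NonsecureAndSecure lets any machine on the network re-register a name such as a file server or a web proxy and receive its traffic.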


🧾 Key Things to Remember Before and After Installing DNS


📌 Before Installation

  • Ensure the server has a static IP address

  • Plan the DNS naming convention: use a subdomain of a public domain you own (e.g. corp.example.com) for internal zones. Avoid .local, which conflicts with multicast DNS (mDNS/Bonjour) and cannot be covered by publicly trusted certificates

  • Decide between a primary zone, a secondary zone, or an AD-integrated zone

  • Make sure host and network firewalls allow both UDP and TCP port 53 to the server, and remove any third-party rules that block them


✅ After Installation

  • Configure forwarders to upstream DNS servers (like Google DNS 8.8.8.8 or your ISP)

  • Set up reverse lookup zones for proper IP-to-hostname resolution

  • Create the necessary host (A) and alias (CNAME) records

  • Validate the installation using tools like nslookup, Resolve-DnsName, ping, dcdiag /test:DNS (on domain controllers), and the DNS Manager console

  • Regularly monitor event logs and configure ageing/scavenging to prevent stale records
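The checklist above as one script, added here as an example and not taken from the original article. It assumes the server is a domain controller (so zones can be AD-integrated), with the address 10.0.0.10/24, the zone corp.example.com, and a host app01 at 10.0.0.25; all of these are assumed values. Forwarders and scavenging are configured as described in their own sections above and are not repeated here.

```powershell
# Added example (not from the article). Assumed values: DC at 10.0.0.10/24,
# zone corp.example.com, host app01 at 10.0.0.25.
$Zone = 'corp.example.com'

# Before: a DNS server must not run on a DHCP-assigned address.
$dhcp = Get-NetIPAddress -AddressFamily IPv4 |
        Where-Object { $_.InterfaceAlias -notmatch 'Loopback' -and $_.PrefixOrigin -eq 'Dhcp' }
if ($dhcp) { throw "Assign a static address first; DHCP-assigned: $($dhcp.IPAddress -join ', ')" }

# Install the role with its management tools (DNS Manager and the DnsServer module).
Install-WindowsFeature -Name DNS -IncludeManagementTools

# After: a reverse lookup zone for the server's subnet so PTR lookups work.
# -ReplicationScope makes it AD-integrated; on a non-DC use -ZoneFile instead.
Add-DnsServerPrimaryZone -NetworkId '10.0.0.0/24' -ReplicationScope Domain -PassThru

# Host and alias records. -CreatePtr writes the matching PTR into the reverse zone.
Add-DnsServerResourceRecordA     -ZoneName $Zone -Name 'app01'    -IPv4Address 10.0.0.25 -CreatePtr
Add-DnsServerResourceRecordCName -ZoneName $Zone -Name 'intranet' -HostNameAlias "app01.$Zone"

# Validate forward, alias and reverse resolution against this server.
Resolve-DnsName -Name "app01.$Zone"    -Server localhost -DnsOnly | Select-Object Name, Type, IPAddress
Resolve-DnsName -Name "intranet.$Zone" -Server localhost -DnsOnly | Select-Object Name, Type, NameHost, IPAddress
Resolve-DnsName -Name 10.0.0.25 -Type PTR -Server localhost -DnsOnly | Select-Object Name, NameHost

# Ongoing: recent errors and warnings from the DNS Server event log.
Get-WinEvent -LogName 'DNS Server' -MaxEvents 20 |
    Where-Object LevelDisplayName -in 'Error', 'Warning' |
    Select-Object TimeCreated, Id, Message
```

The static-address check comes first on purpose: if the address later changes under DHCP, every client pointing at this server and every NS/SOA record naming it break at once.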



Hope you liked the article.


If you liked this article, do share the same. You can also Buy me a Coffee using Paypal at "paypal.me/duttaavijit", This is purely a volunteer effort. THANK YOU !!!



