Options

Learning DNS

SlowhandSlowhand Mod Posts: 5,161 Mod
Well, I've been seeing a lot of people taking the 70-291 test, lately, and it seems like the non-passing curve is rising. From what I can tell, the culprit tends to be DNS, for the most part. (Although, RRAS isn't exactly my idea of an easy "A", if you know what I mean.)

I have a suggestion, something I mentioned in a previous thread, and I thought I'd dedicate a topic to it. For the last month and a half, I've been working for a datacenter/ISP, doing a lot of different things. One of the main things I've been involved with has been taking calls about DNS updates, DNS changes, DNS troubleshooting, and we also did an upgrade of all of our DNS servers. The things I learned while studying for my MCSA has definately helped, and I would be completely lost without them, but I think I see what I should have done when I first started studying.

We use two BSD servers, running ISC's BIND, for our DNS servers. Having to do everything through the command-line has been a learning experience, in itself, but moreso than that, having to do all the DNS configuration by hand has been very enlightening. What I've come to realize is that Microsoft's DNS server is great, and I really like all the features it comes with, but it can be a very bad learning tool if you're studying DNS concepts, in general. You become reliant on Microsoft's GUI configuration environment, and sometimes it's easy to miss what's actually happening behind the scenes. It becomes a crutch, and that can be IT death for those of us needing to understand DNS well enough to be tested on it.

What I recommend to anyone studying for the 70-291 test, or even if you're trying to learn DNS in general, is to install BIND from ISC's website and begin using it. Install it, set it up, and configure it just like you would the Microsoft DNS server, just the way your training material tells you to. Once you've managed to set up DNS "the hard way", being forced to use the text files and command-line tools to do it, you'll definately have a much better idea of how DNS actually works. After that, go back and practice on Microsoft's DNS server, and you'll see how much you actually understand and how much is actually happening when you click those buttons.

Aside from getting that kind of hands-on experience, I really do recommend getting some video training. My top choices are TestOut, CBT Nuggets, and TrainSignal (check out Lab 4 for DNS on Windows Server 2000/2003).

Passing the 70-291 test is doable. It's hard, but it's just a test. You just have to make sure you're ready, and learning DNS makes it much easier to deal with. If anyone has any other suggestions for learning DNS, other resources, or have any good stories to tell on the subject, feel free to post it to this thread.

To everyone testing, I wish you luck and I hope that this thread will help.

Free Microsoft Training: Microsoft Learn
Free PowerShell Resources: Top PowerShell Blogs
Free DevOps/Azure Resources: Visual Studio Dev Essentials

Let it never be said that I didn't do the very least I could do.

Comments

  • Options
    blackzoneblackzone Member Posts: 82 ■■□□□□□□□□
    I don't see the benefit. Find it better to learn from windows directly.

    Good thing with GUI is you see directly all the possible things you can do.

    Bad thing with config file is alot of times you don't even know you can perform something since it require you to add a name tag to the file.

    There really isn't anything special. You can make a GUI utility which edit the config files directly.
  • Options
    deneb829deneb829 Member Posts: 292
    blackzone wrote:
    I don't see the benefit. Find it better to learn from windows directly.

    There really isn't anything special. You can make a GUI utility which edit the config files directly.

    I agree with Slowhand. I don't think he is saying learn BIND to the exclusion of learning the Windows DNS interface. It is the concept of DNS itself that Slowhand is talking about. I have used both BIND and Windows DNS and have a fair amount of exposure to both, but the GUI interface will not teach you the guts of DNS.

    Windows will teach you about Zones and Record types, but it's SOA, TTL, Serial, Refresh, Expire, and TXT that is limited in Windows. Yes you can edit these things, but you do not need to specifically add them to each record to make DNS work in Windows.

    If you don't use Active Directory integrated DNS you can actually view the zone file on the C drive. For compatibilty, it uses BIND format. Once you work with a few records in the BIND format, you'll find the whole thing is pretty straight forward.

    I am not some anti-Microsoft, UNIX freak. I seriously love Microsoft products, but I also appreicate the uses for Unix-based systems as well.
    There are only 10 types of people in this world - People who understand binary and people who do not.
  • Options
    SlowhandSlowhand Mod Posts: 5,161 Mod
    blackzone wrote:
    Bad thing with config file is alot of times you don't even know you can perform something since it require you to add a name tag to the file.

    That's the very reason I recommend people to learn DNS by working with a server, like BIND, that forces them to use the command-line and configuration files. Most people don't know what they can or need to do, that's true, but Microsoft expects that kind of understanding of DNS. You should be able to do everything on the CLI that you can do in the GUI, and that requires a solid understanding of the underlying concepts.

    A few good books to check out, for people looking to learn:
      DNS and BIND (5th Edition)
        Pro DNS and BIND
          DNS & BIND Cookbook
            DNS on Windows Server 2003
              Active Directory Cookbook for Windows Server 2003

              Free Microsoft Training: Microsoft Learn
              Free PowerShell Resources: Top PowerShell Blogs
              Free DevOps/Azure Resources: Visual Studio Dev Essentials

              Let it never be said that I didn't do the very least I could do.
            • Options
              sprkymrksprkymrk Member Posts: 4,884 ■■■□□□□□□□
              Slowhand wrote:
              blackzone wrote:
              Bad thing with config file is alot of times you don't even know you can perform something since it require you to add a name tag to the file.

              That's the very reason I recommend people to learn DNS by working with a server, like BIND, that forces them to use the command-line and configuration files. Most people don't know what they can or need to do, that's true, but Microsoft expects that kind of understanding of DNS. You should be able to do everything on the CLI that you can do in the GUI, and that requires a solid understanding of the underlying concepts.

              Correct me if I'm wrong, but aren't many of the config files in *nix commented pretty heavily so you know what each section of the file is/does? Maybe not so on the simple /etc/hosts or /etc/resolv.conf, but I seem to remember that once you install BIND the default named.conf is commented liberally.

              I agree that learning this stuff is all good. I'm not sure that everyone will need/want to go to the extreme of installing and playing with BIND in order to pass a MS exam, but like anything else, the more you put into it the more you get out of it.
              All things are possible, only believe.
            • Options
              SlowhandSlowhand Mod Posts: 5,161 Mod
              I'm not suggesting absolutely everyone go with the full-on BIND install. However, some of those people who are taking the exam two or three times, may want to consider it.

              And I believe you're right, most of the files are commented. Some even go so far as to have sample code commented out, so you can look and see what a basic configuration looks like.

              Free Microsoft Training: Microsoft Learn
              Free PowerShell Resources: Top PowerShell Blogs
              Free DevOps/Azure Resources: Visual Studio Dev Essentials

              Let it never be said that I didn't do the very least I could do.
            Sign In or Register to comment.