Part 2: Querying a DNS Server
As indicated in the previous figure, the client queries a preferred DNS server. The actual server used during the initial client/server query is selected from a global list. When the DNS server receives a query, it first checks to see if it can answer the query authoritatively based on resource record information contained in a locally configured zone on the server. If the queried name matches a corresponding resource record in local zone information, the server answers authoritatively, using this information to resolve the queried name. If no zone information exists for the queried name, the server then checks to see if it can resolve the name using locally cached information from previous queries.
Pash wrote: Many thanks for the link, very helpful. I think the instructor I had a couple of years ago always thought that cache was checked first, this is why I was lost as his notes and diagram suggest differently. I thought I used to have this stuff nailed
sprkymrk wrote:
> Pash wrote: Many thanks for the link, very helpful. I think the instructor I had a couple of years ago always thought that cache was checked first, this is why I was lost as his notes and diagram suggest differently. I thought I used to have this stuff nailed
The client will usually* check its cache first to do name resolution, maybe that's what you were thinking?
*Based upon the node type setting
DarbyWeaver wrote: The DNS Server or the local workstation etc. will always check its cache FIRST when it is either non-Authoritative or if it is a workstation.
Pash wrote:
> DarbyWeaver wrote: The DNS Server or the local workstation etc. will always check its cache FIRST when it is either non-Authoritative or if it is a workstation.
Sorry, now I'm lost. How does it know if it is a non-authoritative server without checking its zone file first?
royal wrote:
> Pash wrote:
> > DarbyWeaver wrote: The DNS Server or the local workstation etc. will always check its cache FIRST when it is either non-Authoritative or if it is a workstation.
> Sorry, now I'm lost. How does it know if it is a non-authoritative server without checking its zone file first?
Well, it still has to look at the zone file first to know whether or not it has a zone. It then looks at cache first since it knows it's non-authoritative. Just like the DNS Whitepaper states.
Slowhand wrote: Threads like this are very interesting for me, and helpful, too. It's been almost a year since I finished my MCSA, and since then my employer's had me doing trivial tasks with Server 2003, nothing at all to do with DNS, RRAS, AD, or anything of the like. Also makes me a little sad, really, because it means I'll probably have to read through my 70-291 book all over again, or at least watch the CBT Nuggets, before I plug away at the 70-293 material, since I've forgotten all too much in this past year or so.
Pash wrote: http://www.markpashby.co.uk/files/studydiagrams/How-DNS Servers.pdf Does that make an ounce of sense to anyone? I think I get it after staring at it for the last few hours.
royal wrote: Do you have any plans to finish your MCSE? Also, how are your CCNA studies going?
royal wrote:
> Pash wrote: http://www.markpashby.co.uk/files/studydiagrams/How-DNS Servers.pdf Does that make an ounce of sense to anyone? I think I get it after staring at it for the last few hours.
That diagram made my head hurt when I first looked at it! I didn't look at it too much because I'm taking an exam soon. I just tried looking it over again but the page cannot be displayed. Do you have the PDF saved? I wouldn't mind taking a more in-depth look at it.
royal wrote: This is in the DNS Whitepaper:
> How Iteration Works
> Iteration is the type of name resolution used between DNS clients and servers when the following conditions are in effect:
> • The client requests the use of recursion, but recursion is disabled on the DNS server.
> • The client does not request the use of recursion when querying the DNS server.
> An iterative request from a client tells the DNS server that the client expects the best answer the DNS server can provide immediately, without contacting other DNS servers. When iteration is used, a DNS server answers a client based on its own specific knowledge about the namespace with regard to the names data being queried. For example, if a DNS server on your intranet receives a query from a local client for “www.microsoft.com”, it might return an answer from its names cache. If the queried name is not currently stored in the names cache of the server, the server might respond by providing a referral — that is, a list of NS and A resource records for other DNS servers that are closer to the name queried by the client. When iteration is used, a DNS server can further assist in a name query resolution beyond giving its own best answer back to the client. For most iterative queries, a client uses its locally configured list of DNS servers to contact other name servers throughout the DNS namespace if its primary DNS server cannot resolve the query. The Windows Server 2003 DNS Client service does not perform recursion.
There are a couple of things I am trying to think out in my head. The query from the internal caching server to the ISP caching server is recursive and not iterative. I am pretty sure this is because recursion is disabled (will not try to go for root hints when the query fails). As for the resolver doing an iterative request, look above. The client actually does recursion itself.
The Secondary dns server in this case should be replying back with a referral answer and then the client should be contacting the caching server. Because of this, I think the diagram is incorrect on the secondary server contacting the caching server.
royal wrote: Well, if the dns server has recursion disabled, the client in essence will attempt iteration through a referral from the DNS server. The client will then use a referral from the DNS server on the next server that the dns server thinks is the best way to contact the dns server it needs. So for example, if the client contacts its locally configured primary/secondary dns server to find microsoft.com, and the dns server has recursion disabled, the dns server will reply with the records needed for the client to contact the root servers directly or a forwarder. If the client is manually configured to not request recursion, but instead is configured to send an iterative query, the dns server will then respond with a referral to those root servers or a configured forwarder. Does this help?
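
Added example, not part of the thread or of the whitepaper it quotes: a Python model of the server-side lookup order the quoted whitepaper text describes (local zone first, then cache, then recursion or a referral to a closer server). The zone data, cache entries, server names, and function names are all constructed for illustration.

```python
import time

# Constructed sample data (not from the thread): one local zone, one cached
# answer, one cached delegation, and a root hint.
ZONES = {"corp.example.": {"intranet.corp.example.": "10.0.0.5"}}
CACHE = {
    ("www.microsoft.com.", "A"): ("203.0.113.10", time.time() + 300),
    ("com.", "NS"): ("a.gtld-servers.example.", time.time() + 300),
}
ROOT_HINTS = {".": "a.root-servers.example."}


def find_zone(name):
    """Longest-suffix match of the query name against locally hosted zones."""
    matches = [z for z in ZONES if name == z or name.endswith("." + z)]
    return max(matches, key=len) if matches else None


def cached(key, now):
    """Return a cached value only if its TTL has not expired."""
    entry = CACHE.get(key)
    return entry[0] if entry and entry[1] > now else None


def closest_referral(name, now):
    """Walk up the name; return the nearest cached delegation, else root hints."""
    labels = name.rstrip(".").split(".")
    for i in range(1, len(labels)):
        parent = ".".join(labels[i:]) + "."
        ns = cached((parent, "NS"), now)
        if ns:
            return parent, ns
    return ".", ROOT_HINTS["."]


def handle_query(name, rd, recursion_enabled, now=None):
    """Order per the quoted whitepaper: local zone, cache, then recurse or refer."""
    now = time.time() if now is None else now
    zone = find_zone(name)
    if zone:  # a local zone covers the name: answer (or deny) from zone data
        addr = ZONES[zone].get(name)
        return ("authoritative", addr) if addr else ("nxdomain", zone)
    addr = cached((name, "A"), now)
    if addr:  # no local zone, so the cache is consulted next
        return ("cached", addr)
    if rd and recursion_enabled:
        # The server itself would query this closer server on the client's behalf.
        return ("recurse", closest_referral(name, now))
    # Iteration: the client gets the referral and must follow it itself.
    return ("referral", closest_referral(name, now))
```

The `rd` argument stands for the client's "recursion desired" request; the two iteration conditions from the whitepaper correspond to `rd=True, recursion_enabled=False` and `rd=False`.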