ExamNotes for Network+ N10-007 1.8 Explain the functions of network services
In order to effectively administer DNS in your organization, you need a working knowledge of how the namespace database is arranged. The namespace databases are stored in DNS zone files. These zone files store the data in a number of resource records. Each resource record is designed to hold precise types of data serving specific functions.
A, AAAA – These records hold the name-to-address mapping (conversion) for a given host. The A record stores the mapping in IPv4 compliant format while the AAAA record is the IPv6 equivalent.
TXT – A Text (TXT) record is used to provide freely formatted text to network administrators regarding any network related issues or comments. This record is also referenced by validation and authentication systems such as:
SPF – The Sender Provider framework (SPF) is a TXT file and part of the DNS zone file. It validates the email servers allowed to send email.
DKIM – DomainKeys Identified Mail (DKIM) is an encryption-based authentication method that validates the domain name of emails.
SRV – The SRV (Service) record contains hostname and port details for hosts providing specific services. The SRV record is used for email and FTP among others. For example, H.323 and SIP both require SRV records.
MX – The MX (Mail Exchanger) record supports email traffic by identifying email servers.
CNAME – The Canonical Name (CNAME) record contains the alias for a host’s CNAME. This allows a hostname alias like myorganization to be recognized by its canonical name www.myorganization.com.
NS – The Name Server (NS) record specifies the authoritative name server for a domain. The NS record is used by name servers to locate each other. This record is used to delegate subdomains. An NS record is required for each primary and secondary name server in a domain.
PTR – Consider the Pointer (PTR) record is the opposite of an A record. It supports reverse lookups by providing the IP address-to-hostname information in a reverse lookup zone file (reverse zone). This format is essentially an A record with a reversed IP address listed first followed by the hostname. This differs from a forward lookup zone file (forward zone) in which the A record is used to find the host using the hostname.
Internal DNS vs. External DNS – Typically a company will have two DNS servers, one internal and one external. The external DNS server will be placed in the DMZ and will only provide access to public services like a web server or VPN. The internal DNS serves the domain and is inaccessible from the Internet. Internal hosts requiring Internet communication or external resolution will have their requests forwarded from the internal DNS server to the external DNS server.
Third-party or cloud-based DNS offers several advantages over traditional DNS services. In many cases, it can be more affordable to use cloud-based DNS as it is scalable, resilient, and secure. Administration is simplified. If you opt for a large cloud provider such as Google, you will reap the benefit of reduced latency due to the presence of multiple geographic locations which are available to resolve traffic quickly.
The domain name space is divided into levels as shown in the graphic below. Here, the DNS root servers are shown as a dot at the top. The top-level domain (TLD) servers are labeled as .com, .org, .edu, etc. or by the country code (ccTLD) .us, .uk, or .jp to name a few. The second-level domain servers (SLD) are directly below their TLDs in this hierarchy. These are the domains assignable by domain registrars. Third-level domains are subdomains of SLDs.
Forward vs. reverse zone – See PTR.
There is no doubt that DHCP makes everyone’s life easier, from the end user to the network admin. But since nothing is perfect, some of the DHCP services need to be modified in order to ensure seamless operation. Listed below are some of the options available to manage potential DHCP issues.
MAC reservations – Since dynamic addressing does not work reliably for hosts that must be consistently available, such as a network printer, you can create a MAC reservation on your DHCP server to assign the same IP address to that particular device.
Pools – A DHCP server can be configured to assign addresses from a pre-defined range. This is known as the DHCP scope or DHCP pool.
IP exclusions – Another way to guarantee that a host is consistently available is to statically assign an IP address to it. In order to prevent the address from being assigned in the DHCP environment, an IP exclusion can be configured on the DHCP server.
Scope options – When configuring a DHCP server, it is also necessary to provide additional information to the clients. In addition to the address, the client needs the default gateway address, a primary and secondary DNS server address, and the length of time the address is leased to the client. Known as lease time, this field is a variable time value that once expired, the IP address will be returned from the client back into the address pool for reissue.
TTL – In the DHCP environment, Time to Live (TTL) is a value (usually 20 minutes) assigned to the DHCPOFFER after which the offered address is returned to the pool.
DHCP relay/IP helper – In a network of multiple LANs with different subnets, the DHCP relay agent can allow a single DHCP server to provide the necessary configurations. This is very useful with VLANs. The IP helper address provides support for the rebroadcasting or forwarding of UDP packets across a router. This is not limited to DHCP.
The Network Time Protocol (NTP) is one of the oldest protocols and is used to synchronize the time on packet switched networks. Time synchronization is crucial to systems and processes that update data. A program may ignore your data update if the update is older than its latest saved data.
IP Address Management (IPAM) is software that can track, plan, and manage IP addressing on networks. It is widely available from vendors and third-parties. Microsoft’s implementation automatically discovers IP address infrastructure and DNS servers on your network, enabling you to manage them from a central interface.
That’s all for objective 1.8 and main domain 1.0 – Good luck on the test!