Newbie Questions

[Kevin Darcy]

Kevin Vaughn wrote:

> Thank you for taking the time to read this post.  I have recently been given
> the project of upgrading my company's internal DNS servers.  Before this I
> have had no experience with DNS other than using nslookup every once in a
> while for troubleshooting purposes.
>
> I have bought the O'reilly book which is turning out to be invaluable.  So
> far I've set up BIND 8.2.4 on a Windows NT 4 Server.  I have built all of my
> zone files.  I have worked out my syntax errors to the point that BIND
> doesn't register errors in the Widnows NT event viewer anymore.
>
> My first question/problem is this - In my zone files I have entered
> domaintest.com where domain is my actual domain name (i.e. www.domain.com).
> Is this all I need to do to create the domaintest.com domain?  I have
> purposefully not registered this test domain because it is temporary.  As
> soon as I am done setting up the servers I am going to change the testdomain
> to our real domain.  Does lack of registration imply internal DNS?  I have
> not been able to answer this question from the O'Reilly book or from the
> Internet.

If it's not registered, it's not delegated from the "com" servers. So other
nameservers won't be able to follow the delegation chain and find the zone. The
only nameservers/resolvers which will be able to resolve names in the zone are
those which have explicit definitions for the zone in their config files, or
those which recursively have access to those explicitly-configured servers.

> My second problem may tie into the first - when I use nslookup I am getting
> "Unknown" under "Server:"  I have double-checked my syntax which seems to be
> correct.  I feel like I may be omitting something on accident.  I currently
> have a single NS record set up for each zone file (the secondary DNS server
> isn't set up yet).

Is your reverse DNS set up and working? nslookup is trying to resolve an
address into a name and apparently is unable to do so.

> One more question - Can you tell me what the difference is between Dynamic
> DNS and Static DNS, or refer me to some information that does?  When I do an
> Internet search all I'm getting is ISPs that offer dynamic names.

Unfortunately, the meaning of the term "Dynamic DNS" seems to be splintering.
In strictly protocol terms, there is something called "Dynamic Update" (see
RFC 2136), which just refers to a method of updating DNS data from a client.
Sometimes people refer to this process of the client updating the server
through the Dynamic Update protocol (or, more accurately, the Dynamic Update
part of the DNS protocol) as "Dynamic DNS". In BIND terms, the
"allow-update" is the main thing you need to configure to enable a particular
zone for Dynamic Update (but don't try to maintain it manually after that!).

But also, increasingly I hear "Dynamic DNS" being used in a less precise way to
mean any form of rapid DNS update in response to changing conditions, e.g.
reassigning a DNS name to a different address because a dialup client got a
different address from the DHCP server. Such "Dynamic DNS" services may not be
using the Dynamic Update protocol at all.

Note that many DHCP products/packages have the ability to update DNS in
response to DHCP lease activity, and they often also advertise this as "Dynamic
DNS". But in some cases they are not using the Dynamic Update protocol either:
especially if they are a combined DNS/DHCP product with a database backend
(e.g. Lucent's QIP or Nortel's NetID), they may be making the updates directly
to the backend database. So you have to be careful there too when such vendors
advertise "Dynamic DNS"...

To their credit, when Microsoft claims that their Win2K clients do "Dynamic
DNS", they really do mean that they use the Dynamic Update protocol. (At least
part of the time -- when a Win2K client updates an AD-integrated DNS, does it
still use the Dynamic Update protocol, or some proprietary AD protocol? Sorry
for the non-BIND-related question; I'm just curious...).


- Kevin