DNS Overview

Applies To: Windows Server 2008, Windows Server 2008 R2

Domain Name System (DNS) is a system for naming computers and network services that is organized into a hierarchy of domains. DNS naming is used in TCP/IP networks, such as the Internet, to locate computers and services with user-friendly names. When a user enters a DNS name in an application, DNS services can resolve the name to other information that is associated with the name, such as an IP address.

For example, most users prefer a friendly name, such as corp.contoso.com, to locate a computer, such as a mail server or Web server, on a network. A friendly name can be easier to learn and remember. However, computers communicate over a network by using numeric addresses. To make the use of network resources easier, name systems such as DNS provide a way to map the user-friendly name for a computer or service to its numeric address.

The DNS Server role in Windows Server 2008 combines support for standard DNS protocols with the benefits of integration with Active Directory Domain Services (AD DS) and other Windows networking and security features, including such advanced capabilities as secure dynamic update of DNS resource records.

Server features

The DNS Server role provides the following:

  • A Request for Comments (RFC)-compliant DNS server

    DNS is an open protocol. It is standardized by a set of RFCs. Microsoft supports and complies with these standard specifications.

  • Interoperability with other DNS server implementations

    Because the DNS Server service in Windows Server 2008 is RFC-compliant and it can use standard DNS data file and resource record formats, it can successfully work with most other DNS server implementations, such as those that use the Berkeley Internet Name Domain (BIND) software.

  • Support for Active Directory Domain Services (AD DS)

    DNS is required for support of AD DS to give network computers the ability to locate domain controllers and to support AD DS replication. If you install the AD DS server role on a server, you should install and configure the DNS Server service on the new domain controller at the same time. This ensures the best possible integration and support of AD DS and enhanced DNS server features. You can, however, use another type of DNS server to support AD DS deployment. When you use other types of DNS servers, consider additional issues that are related to DNS interoperability.

  • Enhancements to DNS zone storage in AD DS

    DNS zones can be stored in the domain or application directory partitions of AD DS. An application directory partition is a data structure in AD DS that distinguishes data for different replication purposes. You can specify in which AD DS application directory partition a zone is stored and, consequently, the set of domain controllers between which that zone's data will be replicated. The DNS Server service maintains two application directory partitions, DomainDnsZones and ForestDnsZones, in every domain and forest to store zones for standard replication.

  • Conditional forwarders

    The DNS Server service extends the functionality of standard forwarders by providing conditional forwarders. A conditional forwarder is a DNS server on a network that forwards DNS queries according to the DNS domain name in the query. For example, you can configure a DNS server to forward all the queries it receives for names ending with corp.contoso.com to the IP address of a specific DNS server or to the IP addresses of multiple DNS servers.

  • Stub zones

    DNS supports a type of zone called a stub zone. A stub zone is a copy of a zone that contains only those resource records that are necessary to identify the authoritative DNS servers for that zone. A stub zone keeps a DNS server that hosts a parent zone updated with the authoritative DNS servers for its child zone. This helps maintain DNS name resolution efficiency.

  • Enhanced DNS security features

    DNS provides enhanced security administration for the DNS Server service, the DNS Client service, and DNS data.

  • Integration with other Microsoft networking services

    The DNS Server service offers integration with other services and contains features beyond the features that are specified in the RFCs. These features include integration with AD DS, Windows Internet Name Service (WINS), and Dynamic Host Configuration Protocol (DHCP) services.

  • Improved ease of administration

    DNS Manager, the DNS snap-in in Microsoft Management Console (MMC), offers an improved graphical user interface (GUI) for managing the DNS Server service. Also, there are several configuration wizards for performing common server administration tasks. In addition to the DNS snap-in, other tools are provided to help you better manage and support DNS servers and clients on your network.

  • RFC-compliant dynamic update protocol support

    The DNS Server service enables clients to dynamically update resource records, based on the dynamic update protocol (RFC 2136). This improves DNS administration by reducing the time needed to manage these records manually. Computers running the DNS Client service can register their DNS names and IP addresses dynamically.

  • Support for incremental zone transfer between servers

    DNS servers that store DNS data in files use zone transfers to replicate information about a portion of the DNS namespace. When it transfers zones that are not integrated with AD DS, the DNS Server service uses incremental zone transfer to replicate only the changed portions of a zone, which conserves network bandwidth.

  • Single-label host-name resolution without WINS

    The DNS Server service supports a zone called GlobalNames to hold single-label names, that is, names that do not contain the name of a parent domain (such as .com). In networks in which the use of WINS is not an option, the GlobalNames zone provides single-label name resolution for a limited set of centrally administered servers with fixed IP addresses.
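The conditional forwarder item above selects a forwarder by the DNS domain name in the query. The following sketch is an added example, not Microsoft's code: it models that selection as a most-specific suffix match on whole labels, so that a name such as notcorp.contoso.com is not treated as "ending with corp.contoso.com". The forwarder table, the IP addresses and the function names are hypothetical.

```python
# Constructed forwarder table: DNS domain -> forwarder addresses (hypothetical values).
CONDITIONAL_FORWARDERS = {
    "corp.contoso.com": ["10.10.0.53", "10.10.1.53"],
    "contoso.com": ["10.20.0.53"],
}
DEFAULT_FORWARDERS = ["192.0.2.53"]  # hypothetical standard (unconditional) forwarder


def to_labels(name):
    """Split a DNS name into lower-cased labels, ignoring a trailing root dot."""
    return [label for label in name.lower().rstrip(".").split(".") if label]


def select_forwarders(qname, table=CONDITIONAL_FORWARDERS, default=DEFAULT_FORWARDERS):
    """Return (matched_domain, servers) for a query name.

    A domain matches only when all of its labels equal the trailing labels
    of the query name; among matches, the one with the most labels wins.
    """
    query = to_labels(qname)
    best, best_len = None, 0
    for domain in table:
        suffix = to_labels(domain)
        # Compare whole labels, never raw string endings.
        if 0 < len(suffix) <= len(query) and query[-len(suffix):] == suffix:
            if len(suffix) > best_len:
                best, best_len = domain, len(suffix)
    if best is None:
        return (None, default)
    return (best, table[best])
```

A plain string `endswith` test would send notcorp.contoso.com to the corp.contoso.com forwarders, which is the mistake the label comparison avoids.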
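Dynamic update (RFC 2136) and incremental zone transfer, both listed above, are visible on the wire in the DNS header opcode and the query type, which is useful when auditing which hosts send updates or request transfers. This added example (not part of the original page) classifies requests from the 12-byte header and first entry; the helper names and sample messages are constructed for illustration.

```python
import struct

UPDATE_OPCODE, IXFR, AXFR = 5, 251, 252  # RFC 2136 opcode; RFC 1995 / RFC 1035 query types

def encode_name(name):
    """Encode a name as uncompressed, length-prefixed labels."""
    return b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.rstrip(".").split(".")) + b"\x00"

def build_request(opcode, name, rtype, counts=(1, 0, 0, 0), body=b""):
    """Build a constructed request: header, one question/zone entry, optional records."""
    header = struct.pack("!6H", 0x1234, opcode << 11, *counts)
    return header + encode_name(name) + struct.pack("!HH", rtype, 1) + body

def a_record(name, ttl, ip):  # one class-IN A record for the update section
    rdata = bytes(int(octet) for octet in ip.split("."))
    return encode_name(name) + struct.pack("!HHIH", 1, 1, ttl, len(rdata)) + rdata

def classify(message):
    """Classify a DNS request as dynamic-update, zone-transfer or other."""
    if len(message) < 12:
        raise ValueError("truncated header")
    _id, flags, _n1, n2, n3, _n4 = struct.unpack("!6H", message[:12])
    opcode = (flags >> 11) & 0xF
    labels, pos = [], 12
    while True:                      # walk the first entry's name, bounds-checked
        if pos >= len(message):
            raise ValueError("truncated name")
        length = message[pos]
        pos += 1
        if length == 0:
            break
        if length > 63 or pos + length > len(message):
            raise ValueError("bad label")
        labels.append(message[pos:pos + length].decode("ascii"))
        pos += length
    if pos + 4 > len(message):
        raise ValueError("truncated entry")
    rtype = struct.unpack("!H", message[pos:pos + 2])[0]
    name = ".".join(labels).lower()
    if opcode == UPDATE_OPCODE:      # first entry is the zone; n2/n3 are PRCOUNT/UPCOUNT
        return {"kind": "dynamic-update", "zone": name, "prereqs": n2, "updates": n3}
    if opcode == 0 and rtype in (IXFR, AXFR):
        return {"kind": "zone-transfer", "zone": name, "mode": "IXFR" if rtype == IXFR else "AXFR"}
    return {"kind": "other", "name": name}

# Constructed samples, not captured traffic (a real IXFR request also carries the requester's SOA).
UPDATE_MSG = build_request(UPDATE_OPCODE, "corp.contoso.com", 6, (1, 0, 1, 0),
                           a_record("host1.corp.contoso.com", 1200, "10.0.0.25"))
IXFR_MSG = build_request(0, "corp.contoso.com", IXFR)
```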