Windows Server 2008 - DNS enhancement nuggets
There are a number of enhancements to DNS in Windows Server 2008. There are already some lengthy articles on the features, so in this post I hope to give a quick “why you care” on each of the features and some nuggets of wisdom / insight. Here we go…
DNS on Server Core: I see this as a very useful scenario for most people who use DNS in conjunction with RODC in branch offices using the new primary read-only zone. You get all of the Server Core benefits such as improvements in performance, less patching, security, etc., and it can have all of the same core functionality as a regular DNS server. The easiest way to manage it is remotely using the DNS MMC.
Background Zone Loading: Companies who have a large number of records in AD-integrated zones might have to wait 1+ hours to have DNS respond to queries after restarting. Now, DNS spawns off multiple threads to be able to respond to client queries right away. If a requested record hasn’t been loaded into memory yet because the server is still in the process of loading the entire zone, it will query the node in AD, cache it in the zone, and return a response to the client.
IPv6 Support: Microsoft supported IPv6 in Server 2003, but it was a bit of a management pain and there were some other limitations. See Joseph Landies' Cable Guy article for the management/integration improvements made in WS08. Also, some other improvements:
Make sure your critical apps are cool with receiving a response for an IPv4 address and an IPv6 address. I haven’t personally seen any app problems, but nonetheless, worth mentioning.
Primary read-only zone: This new zone type is also referred to as a “branch office zone” which is available on RODCs running DNS. The zone will make a read-only copy of all of the AD-integrated zones locally from a full DC. The easiest way to think about it is as a read-only secondary zone, but better due to the benefits of AD-integration (i.e. security, management, and you can easily replicate multiple zones).
Global Names Zone: This allows you to resolve single-label names in DNS as an aid to getting rid of WINS. If you still need computer browsing, you have apps hard-coded to only use NetBIOS name resolution, or have really old clients & NT4 – sorry, you probably still need WINS. However, if you just need the single-label name support for things like custom-named internal websites or servers throughout your entire environment – this is the solution. There are quite a few things to consider with this, so I recommend reading the whitepaper listed below. A couple of quick key limitations are a) this functionality only works with WS08 DNS servers and b) it also doesn’t support dynamic updates.
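As an added illustration (not part of the original post), this is one way to stand up a Global Names Zone with `dnscmd` from an elevated prompt on a WS08 DNS server. The host name `intranet` and the target `web01.corp.contoso.com` are constructed placeholders, and forest-wide replication is an assumed scope.

```bat
:: Added example. Names below (intranet, web01.corp.contoso.com) are placeholders.

:: 1. Create the AD-integrated zone named GlobalNames.
::    /DP /forest replicates it to every DNS server in the forest (assumed scope).
dnscmd /ZoneAdd GlobalNames /DsPrimary /DP /forest

:: 2. The zone does not support dynamic updates, so switch them off explicitly.
::    Records are then only ever created by an administrator.
dnscmd /Config GlobalNames /AllowUpdate 0

:: 3. Turn on GlobalNames resolution. Repeat this on every WS08 DNS server
::    that should answer single-label queries; it is a per-server setting.
dnscmd /config /EnableGlobalNamesSupport 1

:: 4. Publish a single-label name as a static CNAME pointing at the real FQDN.
dnscmd /RecordAdd GlobalNames intranet CNAME web01.corp.contoso.com

:: 5. Review what is published in the zone, then test resolution from a client.
dnscmd /EnumRecords GlobalNames @
nslookup intranet
```

Because every record in this zone is a manually created alias that all clients will trust, keep the list returned in step 5 short and review it whenever a target server is retired.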
DNS Client changes: For Vista clients or WS08 servers, the DNS client has a few good changes: