HOW IT WORKS To explain how DNS can look up WINS records, and how the WINS service adds dynamic IP addresses, I will first provide some background into dynamic WINS records. When a client system starts up using TCP/IP, it either has a statically assigned IP address or is configured to use DHCP. The statically assigned model is more familiar on the Internet, where machines may keep the same IP addresses for decades.
In local area network environments, however, it is common for administrators to make use of DHCP to assign IP addresses. In a DHCP network, systems do not know what their IP address may be until they boot and connect to the network. This makes name resolution difficult, since even the host itself does not know what its IP will be until it is already on the network. Because Microsoft networks typically make use of the WINS service for resolution of NetBIOS names to IP addresses, WINS has the capability to add system names and IP addresses to its database as they boot. In a nutshell, machines contact their configured WINS server and let it know what their IP addresses are after startup.
Nothing in any Windows operating system allows it to contact a DNS server and notify it of an IP address after startup, however. DNS is typically administered differently, by manually adding records one at a time. In order to keep a DNS database up to date when a system booted with a dynamic IP address, an administrator would need to modify the DNS database constantly!
So Microsoft has built a feature into the DNS service in Windows NT to allow it to escalate queries for names to a WINS server. Essentially, if a DNS server is asked for a name to be resolved to an IP address and it does not find that name in its zone file, it will forward the query on to a WINS server. If the WINS server recognizes the name, it will return the IP address to the DNS server. The DNS server, in turn, will return the IP address to the client that requested it originally.
This complex process allows the traditionally static DNS database to take on a dynamic characteristic, care of WINS. It only works with Microsoft-based DNS servers, so forget about it if you have an existing UNIX-based DNS infrastructure. Further, it only works with the DNS server built into Windows NT; other Windows NT DNS services will not know how to query WINS servers. All of these problems combined make this a cumbersome and rarely used protocol.
MORE DETAILS, PLEASE It took some work to allow DNS servers to query WINS servers. First, Microsoft had to add two entirely new record types to DNS, WINS and WINS-R. If this is already sounding a bit hacked together, keep reading . . . .
You already know that DNS is a hierarchical naming standard and WINS is a flat naming standard. For example, two systems may have a hostname tony but have different DNS names (such as tony.west.mycompany.com and tony.east.mycompany.com). However, there can only be a single system named TONY in an NT domain. So imagine a scenario where a client queries a DNS server for the hostname tony. It just so happens that Tony’s system boots using a DHCP-assigned address and so does not have a record in the DNS database.
To which WINS server will the DNS server look to find it? If there are different NT domains for the east and west subdomains, how does the DNS server know which WINS servers it should ask?
These questions are answered by the first of two types of DNS records that Microsoft retrofitted the DNS “standard” with. This record is called a WINS record, cleverly enough. The mere presence of this record in the root of a DNS zone instructs the DNS server to forward requests for names that cannot be resolved to the WINS server listed.
The format of this record is as follows:
<domain> IN WINS <WINS Server IP Address>
You may add the record manually as described, or you can use the GUI. To configure a WINS record using the graphical user interface of the DNS Manager:
Open the properties sheet for a specific zone by right-clicking on a zone name and picking Properties.
The Zone Properties dialog box will appear, as illustrated in Figure 12-11. Select the WINS Lookup tab.
Select the Use WINS Resolution check box.
Add one or more IP addresses to the list below the check box, clicking the Add button between each.
Click OK when done.
Because the WINS record is defined on a per-zone basis, it helps if your zone structure coordinates with the structure of your Windows NT domains.
One more note: If you are using dynamically assigned IP addresses, set the cache time low so that the IP addresses provided by the WINS servers are not retained by the DNS server after they are no longer valid. To do this:
Open the properties sheet for a specific zone by right-clicking on a zone name and picking Properties.
The Zone Properties dialog box will appear. Select the WINS Lookup tab.
Click the Advanced button. You will be greeted with the Advanced Zone Properties dialog box, as illustrated in Figure 12-12.
Click the little up and down arrows to change the cache value to something lower, like two minutes.
Click OK twice to close the dialog boxes.
The second DNS record type that Microsoft added is the WINS-R record, which is used to look up WINS records given the IP address of a system. The format of this type of record is as follows:
<domain> IN WINS-R <name of Internet domain>
WINS-R records can be added manually to the database or can be configured to work automatically via the GUI. These instructions are similar to adding the records for the standard WINS servers, except that they involve using the in-addr.arpa zone. To configure a WINS-R record using the graphical user interface of the DNS Manager:
Open the properties sheet for a specific zone by right-clicking on the in-addr.arpa zone name and picking Properties.
The Zone Properties dialog box will appear, as illustrated in Figure 12-13. Select the WINS Reverse Lookup tab.
Select the Use WINS Reverse Lookup check box.
Add a domain name to append to the hostnames returned from WINS, and click OK.
WHEN TO AND WHEN NOT TO INTEGRATE THESE SERVICES For example, integrating these services will be necessary if Elvis’s desktop machine (elvis.mycompany.com) is assigned an IP address via DHCP. It would be possible to create a static DNS entry with Elvis’s IP address, but it may become invalid the next time the system is rebooted. In this situation, it is very important to integrate WINS and DNS by allowing DNS to look up records in the WINS database.
This is less important if DHCP is used to assign static IP addresses to systems. If all systems are DHCP clients but every system has a static mapping within the DHCP database, you may add static DNS entries for each and every system without too much concern. If these systems are tied to a particular IP address, however, reconsider using DHCP at all.
TESTING AND TROUBLESHOOTING DNS
DNS is a complex and very large-scale protocol. Hence, it will break from time to time. This is an inconvenience for the average person, but if you are the administrator, it quickly becomes an emergency. This section is not intended as a complete and thorough how-to guide to troubleshooting DNS, but I do want to introduce you to the primary tools.
PING
I had to mention PING here, though it seems obvious. PING is a great way to determine if a particular host is up and running and whether or not the network is operating properly. The first item to check when you experience DNS problems is the status of the systems and network. I suggest first checking to see if the problematic DNS servers respond at all.
If the DNS server responds to PING, then you have assured yourself that the system is up and running and that the network is operational. Several network-related things can still go wrong–for example, packet filtering may be occurring at some router between the system you use for testing and the DNS server. It is not uncommon for filtering routers or firewalls to allow ICMP traffic (such as PING) through but to filter traffic such as DNS.
If the DNS server does not respond to PING, then the odds are good that the system is down. To verify that it is the system and not a network problem, perform a TRACERT and determine whether the router to which the DNS server is connected is operating properly.
Caution: This suggestion will seem obvious to many, but I wanted to point it out anyway. When troubleshooting DNS, make an effort to use the IP addresses instead of the DNS names to eliminate the possibility that the problem is being caused by the DNS server rather than the host.
NSLOOKUP
The definitive utility for testing DNS and diagnosing DNS problems is NSLOOKUP. This has been a part of the UNIX operating environment for years, but it is fairly new to Windows NT. For this reason, many NT administrators may not be familiar with its use–I will take a few pages to describe the command.
First, NSLOOKUP is a command-line utility, so start a command prompt. NSLOOKUP has two execution modes: interactive and noninteractive. Noninteractive is best for looking up information about a single record and for scripting. Interactive mode is less commonly used but is convenient if you are looking up multiple records at a single time or need to make use of the extended command set.
NONINTERACTIVE MODE
To use this mode, provide the NSLOOKUP utility with all the information it needs at the command prompt. These are provided in the standard way, as command-line parameters. For all parameters, preface the option with a hyphen. If the parameters require a string argument, follow it with an equal sign and a value. Table 12-5 shows all the possible parameters for the NSLOOKUP utility.
INTERACTIVE MODE
The interactive mode for NSLOOKUP allows you to perform queries for several servers in sequence. It also allows for more flexibility with the command-line arguments. To enter interactive mode, simply execute the NSLOOKUP command without any parameters. Your command prompt will change to a > sign, indicating that NSLOOKUP will be interpreting everything you type. The options are similar to those for the noninteractive mode, and there are many additional commands, as shown in Table 12-6.
To enter NSLOOKUP interactive mode, simply enter NSLOOKUP at the command prompt. If you want to query a different server (or if you do not have a default DNS server specified), use the format NSLOOKUP - 192.168.8.20, where 192.168.8.20 is the IP address of the DNS server to query. You will be greeted with:
Order Your SQL Fundamentals CD Today! Learn how to use SQL Server, understand Office integration techniques and dive into the essentials of SQL Express and Visual Basic with this free SQL Fundamentals CD.
You've Deployed SharePoint...Now What? This one-day free online conference delivers the technical knowledge needed to kick MOSS up a notch. In one information-packed day, independent SharePoint experts will present practical, real-world information and provide take-away, ready-to-use solutions
What Would You Do If You Ran Microsoft? ITTV's 2008 inaugural video contest, "If I Ran Microsoft..." is your chance to tell it like it is. Be goofy or be serious, but don"t miss this chance to have fun, win prizes, and go viral in a major way.
Maximize Your SharePoint Investment This web seminar discusses how true bi-directional replication of SharePoint content from one server to another enables branch offices to maintain access to current SharePoint content.
Windows IT Pro
Register
