Managing DNS Server Settings

You can manage settings for each zone by accessing the properties of the zone by rightclicking the zone and selecting the Properties menu option from the menu that appears.

The General tab of the Properties page allows you to modify the replication scope, type, dynamic updates, aging, and the status of the zone.

Ensure that each internal DNS zone is Active Directory integrated, use proper replication scope and supports only Secure Dynamic Updates.

Configure zone transfers and replication

The General tab allows you to configure the replication scope of the zone, as shown in Figure 2-16:

Figure 2-16

The replication scope options can be seen by clicking Change button next to Replication field. The replication scope options available are:

The Domain based DNS zone should replicate to all the DNS servers in the domain and the Forest based DNS zone should replicate to all the DNS servers in the forest.

While selecting the replication scope of the zone keep in mind that the broader the replication scope, the greater the network traffic is caused by replication. For example the data replication of AD DS–integrated DNS zone to all DNS servers in the forest produces more network traffic as compared to the replication of DNS zone data to all DNS servers in a single AD DS domain in that forest.

While replication, the AD DS-integrated DNS zone data stored in an application directory partition is not replicated to the global catalog for the forest whereas to provide support to Windows 2000, the data stored in a domain partition is replicated to all domain controllers in its AD DS domain, and a portion of this data is stored in the global catalog.

The Zone Transfers tab allows you to enable/disable the zone transfers and set the name servers to which you allow this zone to be transferred upon request. If the zone is integrated then the zone transfers are not required.

You can enable zone transfers by selecting Allow zone transfers option, as shown in Figure 2-18. The zone transfer can be allowed to:

The WINS tab allows you to assign WINS lookups if you cannot use GNZs. The Sate of Authority (SOA) tab allows you to modify the identification information of the zone, as shown in Figure 2-19.

For example if you want to change the value of the serial number you can increment the serial number that is assigned to the zone when it is created. You can modify the Primary server of the zone, which is the server where the zone was first created. You can also modify the responsible person who operates the zone. To modify the responsible person, you need to first create the responsible person. You can modify the various time based settings for the record. Usually the default values are acceptable.

Figure 2-19

The Name Servers tab allows you to add Name Servers to the zone. Add at least two name servers in a domain as a best practice. You can add the Name Servers by clicking the Add button on the tab.