Configure Reverse Lookup Zone

Although, the Reverse Lookup Zone is not mandatory to configure, it is a good practice to configure it. To configure the Reverse Lookup Zone, you need to:

1. 1. Right-click the Reverse Lookup Zones node under the DNS server in the DNS Manager console and then click New Zone, as shown in Figure 2-7.
      

      

   2. Click Next on the first page of the New Zone Wizard that appears.
   3. Select the type of zone you want to create from the Zone Type page. Select Primary zone for this example because this is the first zone and cannot be secondary.
   4. Ensure that Store the zone in Active Directory option is turned on and then click Next, as shown in Figure 2-8:
      

      

      The Active Directory Zone Replication Scope page appears, as shown in Figure 2-9. The page allows you to specify the replication scope of the zone.

   5. Select To all DNS servers in this domain option because this zone is tied to the specific domain inscription.com.
   6. Click Next.
      

      

      The Reverse Lookup Zone Name page appears, as shown in Figure 2-10.

   7. Select the address type as IPv4 Reverse Lookup Zone for the zone for this example because we are using IPv4 addresses. If you are using both IPv4 and IPv6 IP addresses then you need to create two reverse lookup zones.
   8. Click Next.
      

      

   9. Type the Network ID of the zone or the IP address range for which the reverse lookup zone is responsible in the next page that appears.The wizard automatically generates the Reverse lookup zone name by reversing the order of the digit blocks and appending the result to the “root” domain name, as shown in Figure 2-11:
      

      

   10. Select the type of dynamic update that you want to allow for the zone from the Dynamic Update page that appears, as shown in Figure 2-12. For this example ensure that the most commonly used option Allow only secure dynamic updates is selected.
   11. Click Next.
       

       

   12. Click Finish on the last page of the Wizard.

The Reverse lookup zone is created.

Although you can create DNS zones manually, it is not recommend. To configure Zones, you should first install AD DS role on the server to create a new forest or a domain on the server and then use Dcpromo.exe to automatically create zones. Dcpromo is actually used to promote the Server to the Domain Controller. To know how to install AD DS role on the server go to section Configure a Forest or a Domain.

As soon as you configure a domain/forest and run dcpromo.exe, the Forward Lookup Zone is configured automatically. However, you still need to configure the Reverse Lookup zone because it is not configured automatically.

Note:

The AD DS service requires the server to be the domain controller. If it is not a domain controller you need to make it.

You can now see the changes that the AD DS setup has made to the DNS Server by opening the DNS Manager. Notice that Dcpromo.exe automatically creates the forward lookup DNS zone with name _msdcs.<forestname> that contains the Active Directory forest-wide locator records. It creates another forward lookup zone that affects only the root domain, as shown in Figure 2-5.

When you have created the forward lookup zone, you should see three records automatically created in that zone, as shown in Figure 2-6. These records are:

• The SOA record: The Start of Authority (SOA) resource record is always first record in a standard zone. It contains the information about other name servers and allows you to make required modifications such as you can change the primary server that holds the SOA record or the person responsible for managing the SOA.
• The NS record: The Name Servers (NS) records allow you to specify all name servers for a domain. It allows you to set up all primary and secondary name servers of the domain.
• Alias CNAME record: The CNAME or canonical resource records allows you to use more than one name to point to a single host to simplify tasks such as FTP server and a Web server on the same computer.

You can now create desired resource records.