Network services are the core of your network, the foundation on which everything else is built. According to the author, these are simple but important services.
DHCP
DHCP is a service that allows a device on the network to dynamically receive an IP address and some network settings from a central server. If your computer is configured to obtain an IP address dynamically, it sends broadcast requests at boot time in order to receive a response from a DHCP server. The DHCP server responds, and the computer then sends a request to receive an IP address from this server, identifying itself by its MAC address. In response, the server either issues an IP address or reports that it cannot.
DNS
DNS is a service that resolves domain names into IP addresses. For example, when accessing an Internet resource we type the readable name google.com into the URL field, while the actual communication with the resource uses its IP address. Before accessing the resource, the client computer queries the DNS server for the IP address of that name. If the name is in the DNS server's database, the server returns the requested IP address to the client. If the name is not found, the DNS server in most cases queries an upstream DNS server, and so on, up to the very top: the 13 root DNS servers, which operate the DNS root zone on the Internet. The response travels back along the chain in the opposite direction.
DNS and DHCP services can be installed on various servers and network devices, from home routers to individual servers dedicated to these tasks. When planning a network, it is important to choose the right placement and number of servers to ensure the reliable operation of these services.
For example, for DHCP resiliency, you can configure multiple servers, and for DNS, in addition to redundancy, you can install both internal and external DNS servers.
DNS and DHCP servers can be configured on Windows and Linux. Depending on the platform chosen, there are different advantages and configuration features. For example, in Windows 2012 you can set up the DHCP service in failover mode and use secure connections for DNS. To install the DNS and DHCP network services on Windows servers, you need to add the corresponding roles. Further configuration depends on the parameters of your network.
The operation of Active Directory is closely tied to the DNS service. You can install the DNS service while setting up the AD DS role, in which case the DNS server is installed on the domain controller. DHCP is also integrated with the domain: a domain machine will not receive an IP address from a DHCP server that has not been authorized in AD.
To set up a DNS and DHCP server, the server must have a static IP address. By the time you install the server, it is also highly recommended to have a worked-out plan of subnets, scopes and exclusions. Do not forget to configure the network equipment correctly as well. For example, obtaining an IP address from a DHCP server only works within a single broadcast domain.
If you use Cisco equipment and several VLANs, you need to configure an ip helper-address with the IP address of the DHCP server for each of them. If you use other network equipment, you need to find out how to configure the equivalent functionality. After installing the role, you can connect to the services for further management using the console located in the administration tools menu.
Further DHCP server configuration requires at least one scope, within which you specify the pool of assignable IP addresses, the addresses excluded from issuance, and the reservations. You need to reserve an IP address when that address should be issued automatically to one single device only.
The MAC address of the device's network interface is the unique identifier to which the reserved IP address is assigned. In addition to these settings, you can also specify a number of network options that are delivered together with the IP address: for example, the gateway and DNS server of the network, a proxy server for Internet access, PXE settings for booting the device over the network, and much more.
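The scope settings described above (pool, exclusions, a reservation and options), as an added PowerShell example that is not part of the original article. It assumes the DhcpServer module that is installed with the DHCP role; every name, address and the MAC address is a constructed sample value.

```powershell
# Added example: all names, addresses and the MAC address are constructed samples.
Import-Module DhcpServer

$scopeId = '10.0.10.0'

# In an AD domain the server has to be authorized before it will lease addresses.
Add-DhcpServerInDC -DnsName 'dhcp01.corp.example' -IPAddress 10.0.10.5

# The scope and its pool of assignable addresses. It is created inactive so that
# no client gets a lease before exclusions and options are in place.
Add-DhcpServerv4Scope -Name 'Office-VLAN10' `
    -StartRange 10.0.10.10 -EndRange 10.0.10.250 `
    -SubnetMask 255.255.255.0 `
    -LeaseDuration (New-TimeSpan -Days 8) -State InActive

# Exclusion: addresses inside the pool that must never be issued
# (statically configured servers, printers, network equipment).
Add-DhcpServerv4ExclusionRange -ScopeId $scopeId `
    -StartRange 10.0.10.10 -EndRange 10.0.10.29

# Reservation: this address is issued only to the device with this MAC address.
Add-DhcpServerv4Reservation -ScopeId $scopeId -IPAddress 10.0.10.50 `
    -ClientId '00-11-22-33-44-55' -Name 'print-srv01' `
    -Description 'Constructed sample reservation'

# Options delivered together with the address: gateway, DNS server, DNS suffix.
# The cmdlet checks that the DNS server answers, so it must already be reachable.
Set-DhcpServerv4OptionValue -ScopeId $scopeId `
    -Router 10.0.10.1 -DnsServer 10.0.10.5 -DnsDomain 'corp.example'

# Read the configuration back before any client can see it, then activate.
Get-DhcpServerv4ExclusionRange -ScopeId $scopeId
Get-DhcpServerv4Reservation    -ScopeId $scopeId
Get-DhcpServerv4OptionValue    -ScopeId $scopeId
Set-DhcpServerv4Scope -ScopeId $scopeId -State Active
```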
For further DNS server configuration, you need to create at least one forward zone and, if necessary, a reverse zone, specify whether dynamic updates are needed, and configure query forwarding. You can use the ready-made configuration wizard, which can be found in the DNS Management Console menu.
When a zone is created, its type must be specified. There are 3 types of zones:
- Primary. It is used for direct management of the zone records.
- Secondary. It is a copy of the primary zone and can provide information about the zone records, but it does not allow editing them.
- Stub zone. It stores only information about the NS servers of the zone, simplifying name resolution and DNS administration.
After the zone is created, it needs to be filled with the required records.
Among the most frequently used are:
- A (AAAA for IPv6) – maps a name to an IP address.
- CNAME – an alias for an A record.
- MX – the address of the mail gateway for the domain zone.
- NS – addresses of servers serving the zone.
- TXT – entry that includes arbitrary binary data.
- PTR – maps an IP address to a name.
There are also others, such as SOA, SRV, and so on.
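The zone setup and record types described above, as an added PowerShell example that is not part of the original article. It assumes the DnsServer module on a domain controller (AD-integrated zones are what allow secure-only dynamic updates); the zone name and all addresses are constructed sample values.

```powershell
# Added example: zone name, host names and addresses are constructed samples.
Import-Module DnsServer

$zone = 'corp.example'

# Forward zone. Stored in AD so that dynamic updates can be limited to
# authenticated domain members (Secure) instead of accepted from anyone.
Add-DnsServerPrimaryZone -Name $zone -ReplicationScope Domain -DynamicUpdate Secure

# Reverse zone for the 10.0.10.0/24 subnet (becomes 10.0.10.in-addr.arpa).
Add-DnsServerPrimaryZone -NetworkId '10.0.10.0/24' -ReplicationScope Domain `
    -DynamicUpdate Secure

# Forwarding: names this server cannot answer go to these upstream resolvers.
Set-DnsServerForwarder -IPAddress 192.0.2.53, 198.51.100.53

# A records; -CreatePtr also writes the matching PTR into the reverse zone.
Add-DnsServerResourceRecordA -ZoneName $zone -Name 'web01' `
    -IPv4Address 10.0.10.20 -CreatePtr
Add-DnsServerResourceRecordA -ZoneName $zone -Name 'mail' `
    -IPv4Address 10.0.10.25 -CreatePtr

# CNAME: www is an alias for the A record web01.
Add-DnsServerResourceRecordCName -ZoneName $zone -Name 'www' `
    -HostNameAlias "web01.$zone"

# MX: mail gateway for the zone itself ('.' is the zone apex).
Add-DnsServerResourceRecordMX -ZoneName $zone -Name '.' `
    -MailExchange "mail.$zone" -Preference 10

# TXT record with a constructed value.
Add-DnsServerResourceRecord -ZoneName $zone -Name 'info' -Txt `
    -DescriptiveText 'constructed sample text'

# Check what the zone now holds and that the alias resolves through this server.
Get-DnsServerResourceRecord -ZoneName $zone |
    Sort-Object RecordType |
    Format-Table HostName, RecordType, TimeToLive
Resolve-DnsName -Name "www.$zone" -Server localhost
```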
Note that other DNS servers update their information about your zone with some delay. So although changes to the DNS zone are applied immediately, you can be sure that name resolution errors are gone only 48 hours after applying the changes.
One of the frequent tasks that arise when installing your own DNS server is transferring the zone away from the provider. To do this you need to:
- Create a secondary zone.
- Pull all data from the primary zone by synchronizing.
- Make the zone primary.
- Change the NS servers accordingly.
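The four migration steps above, as an added PowerShell example that is not part of the original article. It assumes the DnsServer module and that the provider permits zone transfers to this server; the zone name, host names and addresses are constructed sample values.

```powershell
# Added example: zone name, host names and addresses are constructed samples.
Import-Module DnsServer

$zone       = 'example.test'
$providerNs = '192.0.2.10'        # provider's primary; must allow transfers to us
$newNsName  = 'ns1.example.test'
$newNsIp    = '198.51.100.10'

# 1. Create a secondary zone that takes its data from the provider's server.
Add-DnsServerSecondaryZone -Name $zone -ZoneFile "$zone.dns" `
    -MasterServers $providerNs

# 2. Pull all data, then wait until the local SOA serial equals the provider's,
#    so that an incomplete copy is never promoted.
Start-DnsServerZoneTransfer -Name $zone -FullTransfer
$remote = Resolve-DnsName -Name $zone -Type SOA -Server $providerNs -DnsOnly |
    Where-Object { $_.Type -eq 'SOA' } | Select-Object -First 1
$synced = $false
foreach ($try in 1..12) {
    $local = Get-DnsServerResourceRecord -ZoneName $zone -RRType Soa `
        -ErrorAction SilentlyContinue
    if ($local -and $local.RecordData.SerialNumber -eq $remote.SerialNumber) {
        $synced = $true
        break
    }
    Start-Sleep -Seconds 5
}
if (-not $synced) { throw "Zone $zone is not in sync with $providerNs; not converting." }

# 3. Make the zone primary; from here on records are edited on this server.
ConvertTo-DnsServerPrimaryZone -Name $zone -ZoneFile "$zone.dns" -Force

# 4. Publish the new name server in the zone (skip the A record if the
#    transferred zone already has it). The delegation at the registrar or
#    parent zone is changed outside this script.
Add-DnsServerResourceRecordA -ZoneName $zone -Name 'ns1' -IPv4Address $newNsIp
Add-DnsServerResourceRecord -ZoneName $zone -Name '.' -NS -NameServer "$newNsName."
Get-DnsServerResourceRecord -ZoneName $zone -RRType Ns

# The new primary does not hand out full zone copies until secondaries are defined.
Set-DnsServerPrimaryZone -Name $zone -SecureSecondaries NoTransfer
```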
When it comes to backups, it is important to understand that the service itself can be deployed within a few minutes, and the main data that has to be protected is:
- For DHCP: a dump of the server settings and scopes.
- For DNS: a dump of settings and zones.
There are countless methods of protecting this information. Which one of them to choose is up to you.
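One such method, as an added PowerShell example that is not part of the original article: it dumps the DHCP settings and scopes and the DNS settings and zones into a timestamped folder. It assumes both roles run on the same server; the destination path is a hypothetical placeholder.

```powershell
# Added example: the destination path is a hypothetical placeholder.
Import-Module DhcpServer, DnsServer

$stamp = Get-Date -Format 'yyyyMMdd-HHmmss'
$dest  = "D:\Backup\netsvc\$stamp"
New-Item -ItemType Directory -Path $dest -Force | Out-Null

# DHCP: server settings, scopes, reservations, options and current leases.
Export-DhcpServer -File "$dest\dhcp.xml" -Leases -Force

# DNS settings: forwarders, recursion, zone list and so on.
Get-DnsServer | Export-Clixml -Path "$dest\dns-settings.xml"

# DNS zones: Export-DnsServerZone writes into %SystemRoot%\System32\dns and
# refuses to overwrite, so each file gets the timestamp and is then moved.
$dnsDir = Join-Path $env:SystemRoot 'System32\dns'
Get-DnsServerZone |
    Where-Object {
        $_.ZoneType -eq 'Primary' -and
        -not $_.IsAutoCreated -and
        $_.ZoneName -ne 'TrustAnchors'
    } |
    ForEach-Object {
        $file = "$stamp-$($_.ZoneName).dns"
        Export-DnsServerZone -Name $_.ZoneName -FileName $file
        Move-Item -Path (Join-Path $dnsDir $file) -Destination $dest
    }

# Record a hash of every file so a later restore can detect a damaged or
# altered dump. The dumps describe the internal addressing plan, so the
# folder should be readable by administrators only.
Get-ChildItem -Path $dest -File |
    Get-FileHash -Algorithm SHA256 |
    Select-Object Hash, Path |
    Export-Csv -Path "$dest\sha256.csv" -NoTypeInformation
```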
This text was intended to shed some light on the principles of the network services DNS and DHCP and their relevancy in the infrastructure of your enterprise.