WEBVTT

00:00.360 --> 00:04.130
Now let's talk about managing zone delegation.

00:04.200 --> 00:12.990
DNS zone delegation delegates the administration of DNS though with a list you can see why the large

00:13.110 --> 00:19.780
zone into smaller Saab's zones to distribute the load and to improve performance.

00:19.860 --> 00:31.250
So for example if lap dot com has several sub zones tasked dot dot com i t dot lap dot com research

00:31.300 --> 00:34.100
dot lobbed dot com and so on.

00:34.170 --> 00:42.990
You can delegate Asop zone to a different DNS server to distribute the load Taynton best relative overhead

00:43.220 --> 00:53.110
to add a delegation for that I need dot dot com to server lab DC to use the following command.

00:53.210 --> 01:04.380
And the DNS server zone delegation with the following parameters name ALAP dot com child zone name I-T

01:04.560 --> 01:16.650
IP address 192 one sixty eight thirty six name server Leptis to dot dot lap dot com and pass through

01:16.650 --> 01:26.430
parameter the DNS server alone delegation group of common let's include the verbs and get remove and

01:26.430 --> 01:29.730
set use the set command.

01:30.180 --> 01:38.880
Does DNS servers on delegation common lead to change the IP address or addresses to reach to delegate

01:39.160 --> 01:46.590
let alone this doesn't add to the existing delegation IP address but replaces it.

01:46.590 --> 01:56.100
So for example to change the delegation for eyeteeth sub zone of Lappe dot com through the DNS server

01:56.280 --> 01:57.940
Labadie says 3.

01:57.990 --> 02:00.100
Use the following command.

02:00.190 --> 02:07.660
Cert does DNS server alone delegation with the following parameters name Child loan.

02:07.680 --> 02:12.560
In my case it's 80 IP addresses and name server.

02:12.630 --> 02:21.060
In my case it's lab This is three dirt lap dot com sorry dot dot lap dot com.

02:21.060 --> 02:22.900
Now let's take a closer look.

02:22.900 --> 02:25.800
To managing DNS records.

02:25.800 --> 02:34.230
DNS servers do more than simply translate a computer name into IP address though it's certainly the

02:34.230 --> 02:36.370
first and primary duty.

02:36.480 --> 02:44.430
They also provide the information that other services and servers need to know which server hosts a

02:44.430 --> 02:46.080
particular service.

02:46.080 --> 02:56.070
So for example Internet mail servers need to know which server in a lab dot com is the mail server for

02:56.160 --> 03:01.170
all of web dot com email and other clients and so forth.

03:01.230 --> 03:08.830
All the lab dot com network need to know which servers are official name servers for the zone.

03:08.940 --> 03:17.700
Each of these services is designated by a specific type of DNS resource record.

03:17.760 --> 03:29.520
The basic a or what a resource record translates DNS name into an IP version 4 or IP version 6 address

03:29.670 --> 03:38.930
respectively and makes a resource record specifies the mail server for the domain and an -- or a service

03:38.940 --> 03:39.780
record.

03:39.840 --> 03:49.610
I used to specify the server name servers for the dummy Windows DNS supports a wide variety of DNS records.

03:49.710 --> 03:53.560
But the core resource records are there for him.

03:53.610 --> 04:03.900
Some of them I've already mentioned that's a record Gawad a record c name record d s record DNS record

04:04.140 --> 04:07.270
and mix and S and BTR.

04:07.290 --> 04:13.880
Also we've got next year record as a record and Esera we record.

04:13.890 --> 04:16.190
So let's review those records.

04:16.230 --> 04:25.280
A record is for an IP version for hosta dress record quarte a record is for IP version 6 host address

04:25.350 --> 04:34.170
record see name record is for canonical name record the same record facilitates the use of more than

04:34.170 --> 04:38.550
one resource record to refer to a single host.

04:38.600 --> 04:47.670
The US had delegated Sinar record that the US record has used with domain name system security extensions

04:47.790 --> 04:55.870
and abbreviation for it is DNS SEC to designate the Saab's zone sign in key DNS record.

04:55.910 --> 05:05.390
It's for private key record for DNS SEC signed I mix record and mail exchange or record and mix record

05:05.480 --> 05:14.800
identifies the e-mail server for a domain there can be multiple mix records for a domain and record

05:15.030 --> 05:21.970
and name server record and record identifies and name software for the domain.

05:21.980 --> 05:30.320
There can be multiple Alnus records in a domain BTR record a point to record the PDR record is a reverse

05:30.320 --> 05:39.470
look up record that translates an IP address into a hostname pity our records can be IP version 4 or

05:39.560 --> 05:47.630
IP version 6 addresses the exterior occurred at text record the text your record is used to assign and

05:47.870 --> 05:59.300
formatted text to host in DNS echo many use of text records is for sender policy framework or SPF records

05:59.480 --> 06:08.320
use to identify legitimate email that senders is all a record and start of a songwriter record.

06:08.510 --> 06:17.480
So our record is a version number record identifying the version number of the DNS zone and S.R.O will

06:17.480 --> 06:26.570
record a service record their service record identifies the host name and part number of service for

06:26.570 --> 06:28.290
the specified service.

06:28.310 --> 06:37.490
All of the records listed here can be created or changed by using the Windows power cell DNS server

06:37.580 --> 06:38.810
resource record.

06:38.810 --> 06:39.970
Come on let's.

06:40.010 --> 06:49.610
With the exception of the saw record saw records are automatically updated whenever a changes made to

06:49.610 --> 06:50.820
the DNS.

06:50.960 --> 06:59.150
In addition to the general at the DNS server resource record come left which can be used to make all

06:59.150 --> 07:01.370
support to resource records.

07:01.370 --> 07:04.030
There are specific at the moment.

07:04.040 --> 07:14.650
Let's for that a record would a record see a name DNS DNS Skeat and makes and between our resource records.

07:14.720 --> 07:20.020
Let's take a look at these records with get Cal command real.

07:20.090 --> 07:30.200
Get help at does DNS server a resource record asterisk by it to form a table with auto parameter and

07:30.200 --> 07:33.090
formatted by name and Cynapsus.

07:33.140 --> 07:43.400
Now to region records let's create name or a or quite a resource records the process for create in any

07:43.400 --> 07:51.870
DNS resource record is essentially the same low each record type has said it's appropriate to the time.

07:51.950 --> 08:00.800
So for example to create an A record for the server lab DC to be that we can use the following command

08:01.010 --> 08:11.180
at Desch DNS server resource record a zone name Lepp dot com the record type Belbek a name lab DC to

08:11.360 --> 08:15.700
IP version 4 address one 19 one sixty eight.

08:15.820 --> 08:25.490
So the end of six grid BTR and pass through parameter This uses the general at DNS server resource record

08:25.490 --> 08:26.550
command left.

08:26.600 --> 08:35.420
Therefore I need to specify the record type A's and because I'm also running a reverse lookup long I

08:35.660 --> 08:43.900
can at the Create BTR parameter to automatically create the Peachi resource record for this server.

08:44.000 --> 08:51.440
The results are displayed back to consol because we use pass through parameter and remember that if

08:51.440 --> 08:56.430
you don't use pass through parameter the results will be completely silent.

08:56.540 --> 09:06.310
Now let's use less specific and DNS server resource record a command left to create the same DNS A record

09:06.500 --> 09:15.080
and we'll use the following command at the DNS server resource record a busy parameter lone name and

09:15.080 --> 09:25.510
in quotes lab dot com we also use parameters such as name IP version 4 address grid BTR and pass through

09:25.520 --> 09:26.280
parameter.

09:26.390 --> 09:34.370
So as you can see there is a specific moment left for some record types you could use either the first

09:34.460 --> 09:37.840
option or the second option as you like.

09:37.970 --> 09:45.830
And also remember that you can always check the syntax for the command let let check the syntax for

09:46.040 --> 09:52.700
ad DNS server or a service record common blood type syntax and the command.

09:52.700 --> 10:01.310
Let me get a pretty long list of the syntax which can be used in this common let create another resource

10:01.310 --> 10:06.570
record see name Recker the same name Recker sometimes Coulter's.

10:07.280 --> 10:15.440
It's a canonical record you can use to add an additional host name to a server name record points to

10:15.440 --> 10:17.640
an existing hostname record.

10:17.720 --> 10:25.670
When the DNS server receives an inquiry for the name in the name record it looks like a record for the

10:25.670 --> 10:34.610
host name that the C name points to and returns the IP version 4 address for that hostname to create

10:34.610 --> 10:36.810
a name record for a server.

10:36.890 --> 10:45.170
Let's say router that points to a to the A record for the fullerenes server name we can use the following

10:45.170 --> 10:46.310
command.

10:46.400 --> 10:54.820
And DNS server resource record a zone name See name the name Israel be using for this server.

10:54.830 --> 10:58.940
In my case it's a router hostname ls.

10:58.970 --> 11:07.190
Here we can we should type the full address of our server of fully qualified domain name and pass through

11:07.190 --> 11:08.070
parameter.

11:08.090 --> 11:15.740
You can of course useless the name specific common Blut most common let's produce exactly the same record

11:15.800 --> 11:18.260
and produce no visible output.

11:18.260 --> 11:23.000
Please remember that parse through parameter shows you the output.

11:23.000 --> 11:31.490
Now let's create a MX record source record that makes resos record a mail exchange or record that is

11:31.490 --> 11:41.000
used by simple mail transfer protocol or S-M T.P. servers to identify which host or hosts in a domain

11:41.000 --> 11:49.730
handle email for the domain that makes record includes a mail server priority field that enables you

11:49.730 --> 11:52.070
to have backup mail servers.

11:52.090 --> 11:59.510
The email is always delivered to the server with the lowest well here in the mail server priority field

11:59.720 --> 12:02.350
in the servers and makes MX record.

12:02.450 --> 12:11.570
So for example if you have dot com has a primary mail server named mail dot flag dot com and a backup

12:11.570 --> 12:19.510
mail server or a named mail to dot lap dot com you would create two mix records for that domain.

12:19.660 --> 12:28.910
Reduce the fall in command left at the DNS server resource record dush zone name in quotes the name

12:28.910 --> 12:37.780
of our zone and the following parameters name and makes mail exchange reference Antrel use preference

12:37.790 --> 12:46.400
turn for this exchange server and we'll also add a record for the preference 22 for the backup mail

12:46.400 --> 12:55.270
server with the following command and DNS server resource record zone name name and makes mail exchange.

12:55.310 --> 13:01.620
In this case it will be mailed to dot lab dot com and preference equals Trente.

13:01.760 --> 13:09.050
And the last example is for a service record to create an interview record for network news transfer

13:09.050 --> 13:16.180
protocol and A.P. server which will be listening on port 119.

13:16.190 --> 13:24.200
We can use the following command at der's DNS server or resource record his own name Lepp dot com name

13:24.420 --> 13:33.580
underscore and a.p dot underscore is simply the record stype field bit as are we domain name of this

13:33.580 --> 13:35.920
server will be our lap.

13:35.970 --> 13:45.040
So be one dot lap dot com port 119 priority zero weight zero and Bastro parameter.

13:45.140 --> 13:52.310
And please remember that for complete details on the perimeter supported for a particular resource record

13:52.520 --> 13:55.730
you can type get help command left.

13:55.820 --> 14:05.240
So always remember to use GET HELP command and to get most up to date version of help us get help with

14:05.300 --> 14:07.640
the dush online perimeter.

14:07.700 --> 14:16.260
Some notes about configuring zones scavenging and Asian use said DNS servers scavenges in command led

14:16.450 --> 14:24.040
to config and enable DNS zone scan engine Luscum and learn to accept parameters relate to scare engine

14:24.110 --> 14:33.530
intervals refresh times and which zones to apply to scavenge and to use the start DNS servers kerogen

14:33.530 --> 14:35.970
come and let tostadas kerogen.

14:36.050 --> 14:43.370
However scavenging will not actually happen unless Scavenging is unlabelled for the server and the zone

14:43.610 --> 14:45.400
the zone is started.

14:45.410 --> 14:53.600
Resource record kever times to use get DNS servers karenge and command lead to get information on the

14:53.600 --> 15:02.280
current state of scavenging to configure a certain for all zones and scavenge an interval for four days

15:02.470 --> 15:11.170
a refresh interval for three days and no refresh interval of zero use the following command certain

15:11.180 --> 15:18.770
days dentals scavenging Sorriso DNS servers square engine with the full perimeter scare engine state

15:18.910 --> 15:27.050
square engine interwove refresh interval and no refresh interval apply on all zones and pass through

15:27.060 --> 15:27.860
parameter.

15:27.960 --> 15:35.790
You can also configure record options including time to leave or TTL and wait parameters.