Windows System Administration. DNS, DHCP and VPN. Borislav Varadinov. Telerik Software Academy. academy.telerik.com. System Administrator. bobi@itp.bg. Table of Contents. Domain Name System (DNS) Dynamic Host Configuration Protocol (DHCP) Virtual Private Network.
Windows System Administration DNS, DHCP and VPN Borislav Varadinov Telerik Software Academy academy.telerik.com System Administrator bobi@itp.bg
Table of Contents • Domain Name System (DNS) • Dynamic Host Configuration Protocol (DHCP) • Virtual Private Network
What is Microsoft DNS Server? • DNS is a widely used standardized protocol • A Request for Comments (RFC)-compliant DNS server • Windows Server Role • Used in TCP/IP networks for naming hosts and network services • Locates hosts and services through user-friendly names • Client-Server architecture service • Support for Active Directory integration
DNS Resolution Process [Diagram: DNS requests for Example.com and News.com, involving the Local DNS Server, Root DNS Server, .com DNS Server and News.com DNS Server]
What are forward and reverse zones? • Forward Lookup Zone • Supports the primary function of DNS, the resolution of host names to IP addresses • Reverse Lookup Zone • Supports the resolution of IP addresses to host names
DNS Records • There are many different types of DNS records • Most common: • A • CNAME • MX • NS • PTR • SOA • SRV
Dynamic Update • Dynamic update enables DNS client computers to: • Register their resource records • Dynamically update their resource records • Dynamic update is an additional DNS standard specification (RFC 2136)
What Are the DNS Zone Types? • Primary • Secondary • Stub • Active Directory-Integrated
Active Directory-integrated DNS • Usually DNS servers store their zone data as text files on the file system • Active Directory-integrated DNS makes it possible to: • Store zone data in the AD database • Replicate DNS zone data through AD replication • Secure dynamic updates • Allow multimaster writes to the zone • Available only on Domain Controllers
Stub Zone • A stub zone is a copy of a zone that contains only those resource records that are necessary to identify the authoritative DNS servers for that zone
Manageable Name Resolution • Root Hints • Root Hints is a list of IP addresses of DNS servers that are authoritative at the root level of the DNS hierarchy • Forwarders • A forwarder is a DNS server that forwards DNS queries for external names to DNS servers outside that network • Conditional Forwarders • A conditional forwarder is a DNS server that forwards DNS queries according to the DNS domain name in the query
Zone Delegation • DNS provides the option of dividing up the namespace into one or more zones • DNS delegations can be used to: • Delegate management of part of your DNS namespace to another location or department • Divide a large zone into smaller zones to distribute traffic loads among multiple servers • Extend the namespace by adding numerous subdomains
High Availability • High availability of the DNS service is achieved by using multiple DNS servers • Use secondary DNS servers • Use Active Directory-integrated zones • The DNS client uses its primary DNS server and, if it is not available, asks the next server • In a domain infrastructure, always configure only Domain Controllers as primary and secondary
Aging and Scavenging • Provides a mechanism for performing cleanup and removal of stale resource records (RRs) • Aging • Scavenging • DNS server can determine that RRs have aged to the point of becoming stale and remove them from zone data
Advanced Server Options • Round Robin • Used to randomize the results of a similar type of query to provide basic load-balancing functionality • Netmask Ordering • Used to return addresses for type A DNS queries to prioritize local resources to the client • Disable Recursion
DNS Management Tools • DNS Manager (DNSMgmt.msc) • DNSCMD.exe
Demonstration • Install DNS Role • Create new forward and reverse lookup zones • Configure Server and Zone settings • Demonstrate DDNS • Demonstrate Active Directory-Integrated replication • Demonstrate Primary and Secondary DNS Server usage • Demonstrate Forwarders and Conditional Forwarders
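The single-server steps of the demonstration above, written out as an added PowerShell example (not part of the original slides). It assumes a Domain Controller running Windows Server 2012 or later with the DnsServer module; every zone name, subnet and IP address is a constructed lab value.

```powershell
#Requires -RunAsAdministrator
# Added example: all names and addresses below are constructed lab values.
$zone        = 'corp.example'      # assumed forward lookup zone
$reverseNet  = '10.0.10.0/24'      # assumed subnet for the reverse lookup zone
$partnerZone = 'partner.example'   # assumed namespace for the conditional forwarder
$week        = New-TimeSpan -Days 7

# 1. Install the DNS role together with DNS Manager and the DnsServer cmdlets.
Install-WindowsFeature -Name DNS -IncludeManagementTools

# 2. Forward and reverse zones, Active Directory-integrated (replicated to all
#    DNS servers in the domain) and accepting secure dynamic updates only.
Add-DnsServerPrimaryZone -Name $zone -ReplicationScope Domain -DynamicUpdate Secure
Add-DnsServerPrimaryZone -NetworkId $reverseNet -ReplicationScope Domain -DynamicUpdate Secure

# 3. Aging on the zone, scavenging on the server: a dynamically registered record
#    becomes stale once NoRefreshInterval + RefreshInterval pass without a refresh.
Set-DnsServerZoneAging -Name $zone -Aging $true -NoRefreshInterval $week -RefreshInterval $week
Set-DnsServerScavenging -ScavengingState $true -ScavengingInterval $week

# 4. Forwarder for external names, conditional forwarder for one specific domain.
#    Both depend on recursion staying enabled on this server.
Add-DnsServerForwarder -IPAddress 192.0.2.53
Add-DnsServerConditionalForwarderZone -Name $partnerZone -MasterServers 198.51.100.53

# 5. Review the result: list every zone and flag any that still accepts
#    unauthenticated (nonsecure) dynamic updates.
$zones = Get-DnsServerZone | Where-Object { -not $_.IsAutoCreated }
$zones | Format-Table ZoneName, ZoneType, IsDsIntegrated, IsReverseLookupZone, DynamicUpdate

$weak = $zones | Where-Object { $_.DynamicUpdate -eq 'NonsecureAndSecure' }
if ($weak) {
    Write-Warning ("Zones accepting nonsecure dynamic updates: " + ($weak.ZoneName -join ', '))
}

Get-DnsServerZoneAging -Name $zone
"Recursion enabled: $((Get-DnsServerRecursion).Enable)"
```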
What is DHCP? • Widely used standardized protocol • Windows Server Role • Client-Server architecture • Integrated with Active Directory and DNS • Authorization • DNS Dynamic Update
Authorize DHCP Server • DHCP authorization is a process that: • Registers the DHCP server IP address in Active Directory • Prevents unauthorized DHCP servers from leasing IP addresses on the network • Stand-alone DHCP servers detect if an authorized server is working on the same network segment (only for Windows Servers)
Demonstration • Install DHCP Server Role • Verify that DHCP Server is authorized
Scope • A scope must be properly defined and activated before DHCP clients can use the DHCP server for automatic TCP/IP configuration • A scope has the following properties: • Scope name • Range of possible IP addresses • Unique subnet mask (which determines the network ID for the scope) • Lease duration values
DHCP Options • The DHCP options are various configuration settings that are passed to the DHCP Clients • Common DHCP options • DNS Servers • DNS Domain Name • Routers • NTP Servers
Reservations • You can reserve IP addresses for assignment to specified computers or devices • Reservations ensure that a specified device always receives the same IP address • Use reservations for devices that must always have the same IP address, such as servers that do not support Domain Name System (DNS) dynamic update
Preventing address conflicts • Windows Server 2008 DHCP has both server-side and client-side conflict detection to prevent duplicate IP addresses on your network. • Client conflict detection • Server conflict detection
Relay Agent • Relay agent is a service that relays DHCP messages between DHCP clients and DHCP servers on different IP networks
DHCP High Availability • Split Scope • Failover Clustering
Vendor and Users classes • Vendor Class • User Class • Ipconfig /setclassid
DHCP Server Management Tools • DHCP MMC Console • Netsh
Demonstration • Install DHCP Role • Create new scope • Configure Server and Scope settings
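The DHCP slides above (authorization, scope, options, reservations, conflict detection) carried through as one added PowerShell example, not part of the original slides. It assumes a domain-joined Windows Server 2012 or later with the DhcpServer module; the server name, addresses and MAC address are constructed lab values.

```powershell
#Requires -RunAsAdministrator
# Added example: all names and addresses below are constructed lab values.
$dhcpFqdn = 'dhcp01.corp.example'   # assumed DHCP server name
$dhcpIp   = '10.0.10.5'             # assumed DHCP server address
$scopeId  = '10.0.10.0'             # network ID derived from range + subnet mask

# 1. Install the DHCP role with the MMC console and the DhcpServer cmdlets.
Install-WindowsFeature -Name DHCP -IncludeManagementTools

# 2. Authorize the server in Active Directory and confirm it is listed there.
Add-DhcpServerInDC -DnsName $dhcpFqdn -IPAddress $dhcpIp
if (-not (Get-DhcpServerInDC | Where-Object { $_.DnsName -eq $dhcpFqdn })) {
    throw "DHCP server $dhcpFqdn is not authorized in Active Directory"
}

# 3. Scope: name, address range, subnet mask, lease duration; activated on creation.
Add-DhcpServerv4Scope -Name 'Lab clients' -StartRange 10.0.10.100 -EndRange 10.0.10.200 `
    -SubnetMask 255.255.255.0 -LeaseDuration (New-TimeSpan -Days 8) -State Active

# 4. Scope options handed to clients: router, DNS servers, DNS domain name, and
#    NTP servers (option 42, set by ID). -Force skips the DNS server reachability check.
Set-DhcpServerv4OptionValue -ScopeId $scopeId -Router 10.0.10.1 `
    -DnsServer 10.0.10.5 -DnsDomain 'corp.example' -Force
Set-DhcpServerv4OptionValue -ScopeId $scopeId -OptionId 42 -Value '10.0.10.5'

# 5. Reservation: the device with this MAC address always receives the same IP.
Add-DhcpServerv4Reservation -ScopeId $scopeId -IPAddress 10.0.10.150 `
    -ClientId '00-11-22-33-44-55' -Description 'Device without DNS dynamic update'

# 6. Server-side conflict detection: ping an address twice before leasing it.
Set-DhcpServerSetting -ConflictDetectionAttempts 2

# 7. Review authorization state, conflict detection and the scope that was created.
Get-DhcpServerSetting | Format-List IsDomainJoined, IsAuthorized, ConflictDetectionAttempts
Get-DhcpServerv4Scope -ScopeId $scopeId |
    Format-Table ScopeId, Name, State, StartRange, EndRange, LeaseDuration
Get-DhcpServerv4Reservation -ScopeId $scopeId
```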
What Is Routing and Remote Access (RRAS)? • Role Service of Network Access and Policy Services • Provides Routing and NAT functions • Provides Dial-Up and VPN functions
VPN [Diagram: VPN connection over the Internet]
Tunneling Protocols for VPN • PPTP • L2TP • SSTP • IKEv2
VPN Server Requirements • Two NICs • IP Address allocation • Local Administrator
CMAK Connection Profile • Management software that simplifies and enhances the management of remote connections • Uses profiles made of connection settings that allow connections from the local computer to a remote network • Profiles can be distributed to client computers
Network Policy Server (NPS) • Network Policy Server (NPS) can be used as a RADIUS server • Performs (For RADIUS clients): • Authentication • Authorization • Accounting
DirectAccess • New remote access feature • Allows connectivity to corporate network • Differs from the traditional VPN connections • Provides support only for domain-joined Windows 7 and above • Enables seamless connectivity to corporate networks