The Domain Name System (DNS) is a distributed database for objects in a computer network. The basic function of name servers is to provide information about network objects by answering queries. By using a name server approach, the network can be organized into a hierarchy of autonomous domains. The name space is organized as a tree that often resembles the organizations that are responsible for the administration boundaries.
You can configure the Network Registrar DNS server and zones by accepting the system defaults or changing them through the Network Registrar graphical user interface (GUI) or the command-line interface (CLI) tool.
This chapter assumes that you have already installed your software by following the instructions in Getting Started with Network Registrar. It describes the Network Registrar DNS server configuration in more detail. If you want more information about how to configure DNS zones, see "Configuring DNS" in this guide.
Table 4-1 lists the topics and sections you need to configure a Network Registrar DNS server.
Table 4-1 DNS Configuration Topics
| If you want to... | Go to this section... |
|---|---|
| Know more about DNS zones before you start configuring your DNS server | |
| | "Configuring the First Zone as a Primary Name Server" section |
| View a Primary zone name server's configuration, such as Start of Authority (SOA) record | "Viewing a Primary Zone Name Server's Configuration" section |
| Configure a zone's secondary name server and add additional name servers | |
| Define DNS forwarding servers, which includes viewing current forwarders, and adding, editing, and removing forwarders | |
| Define root name servers, which includes adding and removing a root name server | |
| Specify the exception list, which includes adding a domain name and address to exception resolution or removing a domain name and address from it | |
| Setting options, such as enabling recursive queries, round-robin, subnet sorting, incremental transfer (IXFR), and NOTIFY. | |
| Setting Advanced options, such as prefetching glue records, reporting lame delegation, enabling relaxed dynamic update, setting cache time limits and size, setting local and external port numbers, setting debug, and rebuilding resource records indexes. | |
A zone is a point of delegation in the DNS tree. It contains all the names from a certain point downward, except those that have been further delegated to other zones. A zone delegation point has one or more Name Server (NS) records in the parent zone that should be matched by equivalent NS records at the root of the delegated zone.
The sample company, QuickExample, has registered the domain example.com. Because its parent zone is com., there is an NS record for example.com in the com zone as well as in the example.com zone (Figure 4-1).
Programs that store information about the domain name space are called name servers. Name servers usually have complete information about some part of the domain name space, called the zone. Each zone has one primary server, which loads the zone's contents from a local configuration database. Each zone can also have any number of secondary servers, which load the zone contents by fetching the data from the primary server (Figure 4-2).
You must add a zone for which you configure primary or secondary servers. When you configure a name server as the primary server for the zone, you can enter zone data at that time or you can choose to import zone data from an existing BIND data file.
Note If the domain name you specify in the Resource Records does not have a trailing dot, Network Registrar considers the data to be relative to the current domain. Because Network Registrar stores all names as fully qualified domain names, it will append the current domain name to this name. Remember to specify a trailing dot if you specify the Fully Qualified Domain Name.
Proceed to the "Configuring the First Zone as a Primary Name Server" section to get started. In addition, the "Configuring Hosts" section provides detailed information on how to add or delete hosts from a zone, along with other configuration information you will need later to configure DNS zones.
When you configure your first DNS zone, you must configure two types of primary name servers: a primary zone name server and a reverse zone name server.
You do not need to create a loopback zone because Network Registrar automatically creates one. A loopback zone is a reverse zone that enables a host to resolve the loopback address (127.0.0.1) to the name localhost. The host uses the loopback address to enable it to direct network traffic to itself. If you inadvertently delete your loopback zone, see "Configuring a Loopback Zone" in this guide for information about how to manually configure one.
The procedure is the same for all primary name servers; they just differ in the zone name. For example, if your primary zone name is example.com with the address of 192.168.1.1, then your reverse zone is 1.168.192.in-addr.arpa. and your loopback zone is 127.in-addr.arpa.
This section explains how to configure a primary forward name server. When you are done with this procedure, follow the procedure in the "Configuring a Reverse Zone" section to configure a reverse zone for each network you are using.
Step 2 Click the Add toolbar button to display the Add Zone dialog box (Figure 4-3).
Step 3 Enter the primary name server's zone name.
Step 4 Click the Primary button.
Step 5 Click OK.
Step 6 From the Adding Primary DNS Zone dialog box (Figure 4-4), enter the appropriate information on the associated tab. The minimum information you must supply is SOA, Name Servers, and Hosts.
Step 7 Click the Primary button.
Step 8 Click OK.
Step 9 From the Add Primary DNS Zone dialog box, click the SOA (Start of Authority) tab (Figure 4-3).
Step 10 In the Contact email address field, enter the e-mail address of the administrator. Remember to use "." instead of "@."
Step 11 In the Name of primary server host field, enter the name of the primary server.
Use either the host name (ns) or the full name. If you use the full name, such as ns.example.com., remember to end the name with a period.
Step 12 In the remaining fields, enter the appropriate values for the various times or accept the defaults.
Step 13 Click the Name Servers tab (Figure 4-3).
Step 14 Enter the authoritative servers for this zone that are registered authorities with InterNIC.
Use either the host name (ns) or the full name, ns.example.com. If you use the full name, remember to end the name with a period.
Step 15 Reload the DNS server.
(a). From the Server Manager window (Figure 2-10), select the server you want to reload.
Step 16 Click the Resource Records tab to verify your zone configuration now. Review the Resource Records created thus far. You should see one of each record: SOA, NS, and A.
Step 17 Click OK.
The following example adds the zone, example.com, specifying that it is a primary zone and the name server is nameserver and the hostmaster is hostmaster.
Step 2 Use the zone set command to set the values of the zone.
You can accept the defaults or set the remaining values: expiration time, minimum TTL, refresh time, retry time, and serial number. The following are the default values.
Step 3 Use the zone addRR command to add the Address (A) resource record.
Although the zone command automatically creates the NS and SOA record for you, use the addRR command to create an A record for the name server named in the ns field.
Step 4 Use the zone addHost command to add hosts.
The following example adds the host bethpc with an IP address of 192.168.1.68.
The easiest and quickest way to create a primary zone is to import an existing BIND format zone file.
Step 2 Click the Add toolbar button to display the Add Zone dialog box.
Step 3 Enter the zone's name.
Step 4 Click the Primary button.
Step 5 Type the name of the BIND file or click the Browse button to locate the BIND file.
Step 6 Click OK.
Step 7 Reload the DNS server.
(a). From the Server Manager window (Figure 2-10), select the primary zone server you want to reload.
(b). Click the Control toolbar button to display the Control dialog box.
Use the zone create command to create a primary zone by importing an existing file that is in BIND format.
The following example adds the zone, example.com, specifying that it is a primary zone and to import the BIND file, hosts.local.
To import your entire named.boot configuration, use the import command.
To have a correct DNS configuration, you must create a reverse zone for each network you are using. A reverse zone is a primary zone that allows the Internet to convert IP addresses back to host names. Reverse zones are all in the special domain, in-addr.arpa.
To create a reverse zone manually, follow these instructions.
Step 2 Click the Add toolbar button to display the Add Zone dialog box.
Step 3 Enter the reverse zone name.
Your reverse zone's name is the inverse of your Internet network number, added to the special domain in-addr.arpa. For example, if your network number is 1.2.3.0, then your inverse zone name is 3.2.1.in-addr.arpa. On the other hand, if your network number is 1.2.0.0, then your inverse zone name is 2.1.in-addr.arpa.
Step 4 Click the Primary button.
Step 5 Click OK.
Step 6 From the Add Primary DNS Zone dialog box, click the SOA (Start of Authority) tab (Figure 4-3).
Step 7 In the Contact email address field, enter the e-mail address of the administrator. Remember to use "." instead of "@."
Step 8 In the Name of primary server host field, enter the name of the primary server.
Use either the host name (ns) or the full name. If you use the full name, such as ns.example.com., remember to end the name with a period.
Step 9 In the remaining fields, enter the appropriate values for the various times or accept the defaults.
Step 10 Click the Name Servers tab (Figure 4-3).
Step 11 Enter the authoritative servers for this zone that are registered authorities with InterNIC.
Use either the host name (ns) or the full name, ns.example.com. If you use the full name, remember to end the name with a period.
Step 12 Click Close.
Step 13 Reload the DNS server.
(a). From the Server Manager window (Figure 2-10), select the server you want to reload.
Step 14 Click the Resource Records tab to verify your zone configuration now. Review the Resource Records created thus far. You should see one of each record: SOA, NS, and A.
Step 15 Click OK.
Note After you have configured a reverse zone, Network Registrar automatically creates all the appropriate host address-to-name entries as you add hosts from the Add Hosts dialog box, in the forward zone.
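The naming rules used in these procedures (reverse zone names built from the network number, names without a trailing dot completed with the current domain, and the SOA contact written with "." instead of "@"), sketched in Python as an added example that is not Network Registrar code. The function names and the sample records are assumptions made for illustration, and networks are given in CIDR form.

```python
import ipaddress

# Record types whose data field is itself a domain name.
NAME_DATA_TYPES = {"NS", "CNAME", "PTR"}


def reverse_zone_name(network: str) -> str:
    """Return the in-addr.arpa zone for an octet-aligned IPv4 network."""
    net = ipaddress.ip_network(network, strict=True)
    if net.version != 4 or net.prefixlen not in (8, 16, 24):
        raise ValueError("expected an IPv4 /8, /16 or /24 network")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa."


def ptr_owner(address: str) -> str:
    """Return the reverse-zone name that maps one host address back to a name."""
    return ipaddress.ip_address(address).reverse_pointer + "."


def qualify(name: str, origin: str) -> str:
    """Apply the trailing-dot rule: a name without one is relative to origin."""
    if not origin.endswith("."):
        raise ValueError("origin must be fully qualified")
    if name.endswith("."):
        return name.lower()
    return f"{name}.{origin}".lower()


def soa_contact(email: str) -> str:
    """Write a mailbox in the form the SOA contact field expects."""
    local, _, domain = email.rpartition("@")
    if not local or not domain:
        raise ValueError("not an e-mail address")
    # A dot inside the local part is escaped so it is not read as a label break.
    return local.replace(".", "\\.") + "." + domain.rstrip(".") + "."


def find_missing_dots(records, origin):
    """Flag names that look fully qualified but lack the trailing dot.

    Returns (name as entered, name after the current domain is appended).
    """
    bare = origin.rstrip(".").lower()
    suspects = []
    for owner, rtype, data in records:
        fields = [owner, data] if rtype in NAME_DATA_TYPES else [owner]
        for field in fields:
            low = field.lower()
            if not field.endswith(".") and (low == bare or low.endswith("." + bare)):
                suspects.append((field, qualify(field, origin)))
    return suspects


# Constructed sample records for the zone example.com. (owner, type, data).
SAMPLE_RECORDS = [
    ("ns", "A", "192.168.1.1"),
    ("example.com.", "NS", "ns.example.com"),  # trailing dot forgotten
    ("bethpc", "A", "192.168.1.68"),
    ("www", "CNAME", "bethpc"),
]

if __name__ == "__main__":
    print(reverse_zone_name("1.2.3.0/24"))
    print(ptr_owner("192.168.1.68"))
    print(soa_contact("hostmaster@example.com"))
    for entered, stored in find_missing_dots(SAMPLE_RECORDS, "example.com."):
        print(f"{entered!r} would be stored as {stored!r}")
```

Running the check over zone data before an import catches NS records that would otherwise point at a name such as ns.example.com.example.com.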
For adding additional NS records, type
This command creates an additional resource record called ns2 in the reverse zone 3.2.1.in-addr.arpa. Its type is NS and its value is ns2.3.2.1.in-addr.arpa.
To import a reverse zone from BIND, perform these procedures:
Step 2 Click the Add toolbar button to display the Add Zone dialog box.
Step 3 In the Name field, enter the reverse zone name.
Step 4 Click the Primary button.
Step 5 Do one of the following:
Step 6 Click OK.
Network Registrar imports the contents of your BIND zone file, except for any comments.
Note After you have configured a reverse zone, Network Registrar automatically creates all the appropriate host address-to-name entries as you add hosts from the Add Hosts dialog box in the corresponding forward zone.
Use the zone create command to import a reverse zone from BIND. The following example imports the reverse zone myzone, using the BIND zone file hosts.rev.zone_number.
You can view a name server's configuration by displaying its SOA record. The SOA record designates the top of the zone in the DNS inverted-tree namespace.
For a description of all the Network Registrar system icons, see the "Network Registrar Icons" section.
You can identify a primary zone by its icon displayed in the Server Manager.
Step 2 Click the SOA tab.
Network Registrar displays the zone's SOA record (Figure 4-4). For more information about the SOA Record tab, see the "Setting Start of Authority" section.
Use the zone list command to view a primary zone name server's SOA record.
When you initially configure a domain, you should choose a primary name server and at least one secondary server. If you have only one secondary server, locate it geographically apart from the primary server. It should not be on the same network as the primary server. If you have only one name server and it goes down, no one can look up names. A secondary name server splits the load with the primary name server or handles the whole load if the primary name server is down.
If you want to reduce the load on the primary server as it answers queries from machines within its domain, you should configure another secondary server. Because the secondary server gets its zone data from the primary server, it contains all the local data.
If you want the secondary server to be authoritative for the zone, create a zone NS record referring to it or add it in the Name Servers dialog box of the primary server. By adding the zone to the Network Registrar list of zones within DNS, you make it authoritative.
Before you add a secondary name server, understand that the crucial difference between a primary name server and a secondary name server is where the server gets its data. A primary name server reads its data from files. A secondary name server loads its data over the network from another name server. When a secondary server starts up, it contacts the primary name server it updates from and pulls the zone data over. This is referred to as a zone transfer.
Step 2 Click the Add toolbar button to display the Add Zone dialog box (Figure 4-5).
Step 3 Enter the zone's name.
This is the same name that you entered when configuring the primary zone on the other server.
Step 4 Click the Secondary button.
Step 5 Click OK.
Step 6 Click the Secondary Zone Configuration tab in the Add Secondary DNS Zone dialog box, and enter the IP address of the primary server (from which the data will be transferred).
Step 7 Click the Zone Transfers tab, and select to enable or restrict zone transfers.
If you want to restrict zone transfers, enter the IP addresses of those servers from which this secondary zone will accept transfer requests.
Step 8 Click OK.
Step 9 Reload the DNS server.
The following example adds the zone, ns1.example.com, whose primary zone's address is 192.168.1.5.
Step 2 Optionally, use the zone enable command to restrict zone transfers for this particular zone.
Step 3 Optionally, use the zone set command to indicate which servers are allowed to request a zone transfer from this secondary server.
If it is important that the outside world can always reach you or you need robustness, then you should configure several secondary servers to ensure that at least one of them can supply information about the domain at all times.
Use the zone addRR command to add the NS record with the Fully Qualified Domain Name (FQDN). The following example adds an NS record to the zone for the name server with the name ns4.example.com.
Follow the instructions in the "Adding a Zone's Secondary Name Server" section.
Step 2 Click the Show Properties toolbar button to display the Zone Properties dialog box (Figure 4-4).
Step 3 Click the Name Servers tab.
Step 4 Type the name of the secondary name server.
Step 5 Click the Hosts tab.
Step 6 Click OK.
Step 7 Click Add.
Step 8 Re-specify the name of the secondary name server.
Step 9 In the Address field, enter the IP address of the secondary name server.
Step 10 Click Close.
Step 11 Click OK.
Step 12 Reload the DNS server.
Follow the instructions in the "Adding a Zone's Secondary Name Server" section.
If the capacity of your system changes or you need to reconfigure your network, you can remove a secondary name server.
Step 2 Click the Remove toolbar button.
Step 3 Click Yes to remove the zone.
Step 4 Reload the DNS server.
Step 5 If the server is listed as authoritative in any other zones, you need to remove it, as follows:
(a). From the Server Manager (Figure 2-10), select the primary zone in which this secondary server is listed as authoritative.
(c). In the DNS Zone Properties dialog box, click the Name Servers tab (Figure 4-3).
(d). Select and delete the name of the secondary name server you want to remove.
The zone removeHost command deletes an NS record from the zone for the name server with the name ns4.example.com.
If the name server is listed as authoritative in any primary zone, you need to remove it as follows:
Although all servers are caching servers because they save the information received until the data expires, you can create a caching-only server that is not authoritative for any zone. The caching-only name server's only function is to answer queries by asking other servers that have the authority for the information needed. It can then "learn" or cache the information for answering subsequent queries.
The true value of using a caching-only name server comes after it builds its cache. Each time a caching-only name server queries an authoritative name server and receives its answer, it caches the records. Over time, the cache grows to include the most often requested information. It also lets you avoid the overhead of zone transfers, because a caching-only name server does not need to do them.
When you first install Network Registrar on a system connected to the Internet, it automatically is a caching-only server. It can pose and answer DNS queries about information that it has cached, but is not authoritative, because you have not yet configured any zones.
Because you can have only one DNS server per physical host, if you make this DNS server a caching-only server, you must install another DNS server on another system to create any primary or secondary zones.
Step 2 Click the Show Properties toolbar button to display the DNS Server Properties dialog box.
Step 3 Click the Options tab (Figure 4-13) and verify that the default, Enable recursive queries check box is selected.
Step 4 Click OK.
Step 5 Reload your server to save the changes.
Use the dns get command to check that the no-recurse feature is disabled.
After you have configured the DNS server, you must save the data. To have the changes take effect on the live network, you must reload the DNS server.
Step 2 From the Servers menu, select Reload.
Step 3 Click OK.
Network Registrar stops the server you have selected, updates the database with the new configuration information, and restarts the server.
Use the save command to save your changes to Network Registrar's configuration database.
Use the server command to reload the server.
You can enable or disable the DNS server features. Since there is only one DNS server per cluster, you do not need to reference the server by name.
You can also specify server-wide parameters, such as the server's name, its forwarding servers, its root name servers, and a number of advanced options.
Note Whenever you make changes, you must reload the server to write the configuration information to the Network Registrar database. For procedures for reloading, stopping, and starting the server, see the "Servers Commands (Server Menu)" section.
You can display DNS general server properties, such as the server's cluster name (the name of the cluster or host machine to which this server belongs) and the version number (the software release number of the Network Registrar DNS server software).
You can change the internal name of the DNS server by deleting the current name and typing a new name. This name is used for notation, and does not reflect the server's official name. Network Registrar uses the server's IP address for official name lookups, and to tie it to dynamic DNS update
Use the General tab in the DNS Server Properties dialog box to display the cluster name and the version number (Figure 4-7).
Use the dns show command to display the DNS server's properties.
Sites that must limit their network traffic for security reasons, because they pay by the packet, or because the network connection is a slow link, can designate one or more servers to be forwarders for the current server. These servers handle all off-site requests before the local server searches for the answer through the Internet. Over time, the forwarders build up a rich cache of data that can satisfy most requests.
Forwarders are useful in the following situations:
Note You may want to restrict the name server even more by stopping it from even attempting to contact an off-site server. A slave server is a type of server that uses forwarders exclusively. It answers queries from its authoritative and cache data, but it relies completely on the forwarders for data not in its cache. If the forwarders do not provide an answer, it does not try to contact other servers to find information.
Step 2 Enter the address of the forwarder you want to add.
Step 3 If you want to make the server a slave server, then select the Slave mode check box.
The dns addForwarder command lets you specify the addresses of any name servers that you want your Network Registrar DNS server to use as forwarders. For example, to add the forwarder server 192.168.1.4, type:
Use the dns command slave-mode feature to designate this server as a slave server. For example, to enable slave mode, type:
You can view current forwarders so you can determine if your current forwarder configuration suits your needs.
The address of the forwarder or forwarders assigned appears in the list.
Use the dns listForwarders command to list all the forwarders for this server.
You can specify multiple forwarders. If the first forwarder does not respond after eight seconds, Network Registrar asks each remaining forwarder in sequence until it receives an answer or until it exhausts the list.
If the DNS server receives no answer, the next step depends on whether you have slave mode on or off.
Step 2 Enter the address of the forwarder or forwarders.
Step 3 Click OK.
Step 2 Select the address of the forwarder you want to remove and press Delete.
Step 3 Click OK.
You can use the dns removeForwarder command to remove forwarders. The following example removes the forwarder 192.168.1.4.
Step 2 Select and delete the address of the forwarder you want to edit. Enter the address of the forwarder you want to add.
Step 3 Click OK.
To change the IP address of a forwarder, remove the forwarder and add a new one.
Step 2 Use the dns command addForwarder method to add the new forwarder.
The root name servers know the addresses of the authoritative name servers for all the top-level domains. When you first start a newly installed Network Registrar DNS server, it uses a set of preconfigured hints (sometimes called root hints) as authorities to ask for the current root name servers.
When Network Registrar gets a response to this root-server query, it caches it just like other response records. Network Registrar uses these cached records as its root-server list. When the cached records expire, Network Registrar repeats the process. Because Network Registrar has a persistent cache, it does not need to requery this data when it restarts.
The time to live (TTL) on the official root-server records is currently six days, so Network Registrar will requery every six days, unless you have specified a lower Max. Cache TTL value. For more information about TTLs, see the Glossary.
Because the configured servers are only hints, they do not need to be a complete set. You should periodically (every month to six months) look up the root servers to see if the information needs to be altered or augmented. You can do this by running either the nslookup or the dig command.
You can add as many names and addresses as you want. It is important to configure only valid root name servers for proper operation. Network Registrar checks that you are entering a valid name and address, and displays an error message if the information is incorrect.
The Root Name Servers tab of the DNS Server Properties dialog box contains a set of hints about root name servers (Figure 4-9).
Step 2 Enter the name and address you want to add.
Step 3 Click OK.
You can use the dns addRootHint command to add root name servers. Specify both the name and address of the server.
Perform these steps to remove a root name server.
You can remove as many names and addresses as you want, by continually selecting and deleting. You must remove both the name and address. If you leave text in either field, Network Registrar displays an error message.
Step 2 Select and delete the name you want to remove.
Step 3 Select and delete the address you want to remove.
Step 4 Click OK.
Use the dns removeRootHint command to delete the server.
If you do not want a DNS server to use the standard resolution method of querying the root name server for certain names outside its domain, use resolution exception to handle your corporation's internal names.
Resolution exception handles your corporation's internal name resolution by explicitly listing the domains and name servers you want each DNS server to use for specific queries. By specifying the name servers you want DNS to use, Network Registrar can resolve names without resorting to querying the standard root name servers.
For example, the sample company, QuickExample, has four subsidiaries: red, blue, yellow, and green. Each of them has its own domain under the .com domain. When users at red.com want to use resources at blue.com, their DNS server knows that it is not authoritative for blue.com, and attempts to locate blue.com by asking the root name servers.
These queries cause unnecessary traffic, and in some cases fail, either because internal resources are often barred from external queries or because sites use private networks that cannot be located, since their network addresses are not unique. The Network Registrar exception handling solves these problems.
To use exception handling, the administrator at red.com lists all the domains that users might want to access, and at least one corresponding name server. In this case, the administrator would list the three other domains for the QuickExample company.
Now when a user at red.com wants to access a server at blue.com, the red DNS server queries the specified blue.com's name server instead of querying the root name server.
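How a query name is matched against the exception list, as an added Python model that is not Network Registrar code. The addresses are constructed, and choosing the most specific listed domain when several apply is an assumption of this sketch. The naive variant is included only to show why matching must be done on whole labels.

```python
# Constructed exception list for the red.com server; addresses are sample values.
EXCEPTIONS = {
    "blue.com.": ["192.168.20.1", "192.168.20.2"],
    "yellow.com.": ["192.168.30.1"],
    "green.com.": ["192.168.40.1"],
}


def labels(name: str) -> list:
    """Split a domain name into lowercase labels; the root name gives []."""
    stripped = name.lower().rstrip(".")
    return stripped.split(".") if stripped else []


def exception_for(qname: str, exceptions: dict):
    """Return (domain, servers) for the listed domain that contains qname.

    Returns (None, []) when no listed domain applies, meaning the server
    falls back to standard resolution through the root name servers.
    """
    q = labels(qname)
    best, best_len = None, 0
    for domain in exceptions:
        d = labels(domain)
        # Compare whole labels from the right, never raw string suffixes.
        if d and len(d) <= len(q) and q[-len(d):] == d and len(d) > best_len:
            best, best_len = domain, len(d)
    return (best, list(exceptions[best])) if best else (None, [])


def naive_exception_for(qname: str, exceptions: dict):
    """String-suffix matching, shown for contrast: it over-matches."""
    plain = qname.lower().rstrip(".")
    for domain, servers in exceptions.items():
        if plain.endswith(domain.rstrip(".")):
            return domain, list(servers)
    return None, []


if __name__ == "__main__":
    for name in ("www.blue.com", "BLUE.COM.", "notblue.com", "www.example.com"):
        print(name, "->", exception_for(name, EXCEPTIONS))
    # The suffix check wrongly sends an unrelated name to blue.com's servers.
    print("naive:", naive_exception_for("notblue.com", EXCEPTIONS))
```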
Exception resolution is a DNS server property that you can assign.
Use the Exception tab (Figure 4-10) to add the exception server.
Step 2 Click Add domain name.
Step 3 Enter the domain name of the subsidiary you want to access (Figure 4-11).
Step 4 Click OK.
Step 5 Enter the address of a name server for that domain (Figure 4-12).
Note that you can specify multiple addresses (name servers) for each exception domain.
Step 6 Click OK.
Use the dns addException command to add the exception server. The following example specifies multiple addresses:
You can remove exception properties from a domain name.
Step 2 Select the domain name you want to remove.
Step 3 Click Remove domain name.
Both the name and address are removed.
Use the dns removeException command to remove the exception server.
You can enable or disable DNS server options, such as:
There are two types of queries: recursive and iterative (nonrecursive). DNS clients typically generate recursive queries. When the query is recursive, the name server asks other DNS servers for any nonauthoritative data not in its own cache. When the query is nonrecursive, the name server either answers the query, if it is authoritative for the zone or has the answer in its cache, or tells the client which name server to ask next.
To enable recursive queries, you must disable the no-recurse property.
Step 2 Click the Enable recursive queries check box to enable recursive queries.
Use the dns disable command to set the no-recurse property. By default, no-recurse is disabled.
A query may result in multiple Resource Records of the same name and type being returned. To compensate for the fact that most DNS clients start with (and most limit their use to) the first record in the list, you can enable round-robin. Enabling round-robin ensures that successive clients resolving the same name connect to different addresses. This operation causes the Network Registrar DNS server to rearrange the order of the records each time it is queried.
Step 2 Click the Enable round-robin check box to enable round robin.
Use the dns enable command to set the round-robin property. By default, round-robin is enabled.
Hiding a subzone hides its internal infrastructure from outside the zone. When enabled, it must include the top-level domain.
Use the dns hide-subzones command to configure a server to hide information about the subzone hierarchy for all zones delegated from this server. This feature collapses a portion of the domain namespace into one virtual zone.
To disable a hide-subzone state, use the dns hide-subzone command as follows:
If you enable subnet sorting (as implemented in BIND 4.9.7), the Network Registrar DNS server checks the network address of the client before responding to a query. If the client, the DNS server, and the target of the query are on the same subnet, and the target has multiple addresses (multiple A records), the server attempts to reorder the address records within the answer by putting the target's closest address first in the response packet. DNS servers always return all of a target's addresses, but most clients use the first address and ignore the others.
If you enable both round-robin and subnet sorting, Network Registrar first applies round-robin sorting and then applies subnet sorting. The result is that if you have a local answer it will remain at the top of the list, and if you have multiple local A records, Network Registrar will cycle through them.
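The combined ordering described above, as an added Python model that is not Network Registrar code. It assumes round-robin rotates the record list by one per query and that subnet sorting is a stable move of same-subnet addresses to the front; the addresses and the class name are constructed for illustration.

```python
import ipaddress
from collections import deque

# Constructed A records for one name: two on the server's subnet, two elsewhere.
A_RECORDS = ["10.0.1.10", "192.168.1.10", "10.0.2.10", "192.168.1.11"]
SERVER_SUBNET = "192.168.1.0/24"


class AnswerOrderer:
    """Orders the A records of one name for each incoming query."""

    def __init__(self, addresses, server_subnet, round_robin=True, subnet_sorting=True):
        self._ring = deque(addresses)
        self._subnet = ipaddress.ip_network(server_subnet)
        self.round_robin = round_robin
        self.subnet_sorting = subnet_sorting

    def _is_local(self, address: str) -> bool:
        return ipaddress.ip_address(address) in self._subnet

    def answer(self, client_ip: str) -> list:
        # Step 1: round-robin decides the starting order for this query.
        records = list(self._ring)
        if self.round_robin:
            self._ring.rotate(-1)
        # Step 2: for a client on the server's subnet, local addresses move to
        # the front. list.sort is stable, so the rotation order is kept within
        # the local group and within the remote group.
        if self.subnet_sorting and self._is_local(client_ip):
            records.sort(key=lambda a: not self._is_local(a))
        return records


def first_answers(orderer: AnswerOrderer, client_ip: str, queries: int) -> list:
    """Return the first address of each of several successive answers."""
    return [orderer.answer(client_ip)[0] for _ in range(queries)]


if __name__ == "__main__":
    local = AnswerOrderer(A_RECORDS, SERVER_SUBNET)
    print("local client :", first_answers(local, "192.168.1.50", 4))
    remote = AnswerOrderer(A_RECORDS, SERVER_SUBNET)
    print("remote client:", first_answers(remote, "172.16.5.5", 4))
```

A client on the server's subnet always gets a local address first, and the two local addresses take turns; a client elsewhere sees plain rotation through all four.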
Step 2 Click the Enable subnet sorting check box to enable subnet sorting.
Use the dns command to enable or disable the subnet-sorting feature. By default, subnet-sorting is disabled.
IXFR controls whether or not secondary zones can request incremental transfer from their primary zone.
Note NOTIFY, which enables the primary zone to inform its secondary zones when changes have been made, can be used in conjunction with IXFR. They work well together and ensure more efficient zone updates. For more information about IXFR, see RFC 1995 and the "Enabling NOTIFY" section in this guide.
Step 2 Click the Enable incremental transfer (IXFR) check box to enable incremental transfer.
Use the dns command to enable incremental transfer for all zones for which you have not configured specific behavior. By default, ixfr-enable is enabled.
In addition, the following optional commands allow you to fine tune IXFR:
Use the zone command to disable incremental transfer for a single zone. The value for incremental transfer is inherited from the dns ixfr-enable command, unless you override it.
Use the remote-dns command to allow only some servers to perform incremental transfer.
Use the dns ixfr-expire-interval command to change the incremental transfer interval.
NOTIFY enables the Network Registrar DNS master (primary zone) to inform its slaves (secondary zones) that changes have been made to its zone. The changes are not communicated in the NOTIFY packet; instead, the slaves initiate a zone transfer in response.
Because a master server for a zone does not know specifically which slaves transfer from it, Network Registrar notifies all registered name servers for the zone (name servers listed in the name server Resource Records) when the zone changes. The sole exception to this policy is that Network Registrar does not notify the server named in the SOA mname field (the primary master). For more information about NOTIFY, see RFC 1996.
Step 2 Click the Enable NOTIFY check box to enable NOTIFY.
Use the dns command to send notification for all zones for which you have not configured specific behavior. By default, notify is enabled.
NOTIFY also notifies the servers you have specified in the notify-set list.
Use the zone command to specify an optional comma-separated list of servers to notify.
To see a list of servers that have been set, use the zone get notify-set command.
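The notification rule above (every server in the zone's NS records except the one named in the SOA mname field, plus the notify-set list) worked through in Python and compared with a list of addresses permitted to request zone transfers. This is an added example, not Network Registrar code; the zone data, the addresses and the function names are constructed, and the transfer list stands for whatever restriction is configured on the notifying server.

```python
def _norm(name: str) -> str:
    """Compare names case-insensitively and without the trailing dot."""
    return name.lower().rstrip(".")


def notify_targets(ns_names, soa_mname, notify_set, addresses):
    """Return (targets, unresolved): the addresses notified on a zone change."""
    targets, unresolved = set(), []
    for name in ns_names:
        if _norm(name) == _norm(soa_mname):
            continue  # the primary master named in the SOA is not notified
        address = addresses.get(_norm(name))
        if address is None:
            unresolved.append(name)  # NS record with no known address
        else:
            targets.add(address)
    return targets | set(notify_set), unresolved


def compare_with_transfer_list(targets, transfer_allowed):
    """Find servers that are notified but cannot transfer, and the reverse."""
    allowed = set(transfer_allowed)
    return {
        "notified_but_not_allowed": sorted(targets - allowed),
        "allowed_but_not_notified": sorted(allowed - set(targets)),
    }


# Constructed data for the zone example.com.
NS_NAMES = ["ns.example.com.", "ns2.example.com.", "ns3.example.com.", "ns4.example.com."]
SOA_MNAME = "NS.example.com."
ADDRESSES = {
    "ns.example.com": "192.168.1.1",
    "ns2.example.com": "192.168.1.5",
    "ns3.example.com": "192.168.2.5",
}
NOTIFY_SET = ["192.168.3.9"]
TRANSFER_ALLOWED = ["192.168.1.5", "192.168.3.9", "192.168.9.9"]


def review():
    """Run both checks over the constructed zone data."""
    targets, unresolved = notify_targets(NS_NAMES, SOA_MNAME, NOTIFY_SET, ADDRESSES)
    result = compare_with_transfer_list(targets, TRANSFER_ALLOWED)
    result["unresolved_ns"] = unresolved
    return result


if __name__ == "__main__":
    for finding, values in review().items():
        print(f"{finding}: {values}")
```

A server that is notified but not allowed to transfer will keep serving stale data, and an allowed address that is never notified is worth checking against the current list of secondaries.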
You can set advanced options, such as:
Glue records are informational records that are included in a response to a query. For example, most answers include Name Server (NS) records, which then cause the inclusion of A records to resolve the NS record name into an address. These A records are the glue records. Selecting the Prefetch glue records option tells the server to fetch records it would not normally fetch, so it can include them in answers to subsequent queries.
Note A glue record is a DNS A (address) record that specifies the address of a subdomain's authoritative name server.
Step 2 Click the Prefetch glue records check box to enable this property.
Use the dns command to enable or disable the no-fetch-glue feature. By default, no-fetch-glue is disabled.
Lame delegation occurs when a DNS server listed in the parent's delegation of a zone does not know that it is authoritative for the zone. The server can detect and report this when, in the process of tracking down an answer, it is referred to a server that in turn refers it to another server for a domain closer to the root (actually farther from the answer).
Note This does not indicate a problem with the DNS configuration, but with the configuration at the DNS server you are querying. You cannot do anything to correct lame delegation at other domains.
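The detection condition described above, written as a check over the chain of referrals followed for one query. This is an added Python example, not Network Registrar code; the server names and referral chains are constructed, and treating a referral to a zone that does not contain the query name as equally faulty is an assumption of this sketch.

```python
def labels(name: str) -> list:
    """Split a domain name into lowercase labels; the root name gives []."""
    stripped = name.lower().rstrip(".")
    return stripped.split(".") if stripped else []


def find_lame_referral(qname: str, referrals):
    """Return the first (server, zone) referral that fails to move toward qname.

    referrals is the ordered list of (answering server, zone it referred us to).
    Each referral should name a zone that contains qname and is deeper in the
    tree than the zone reached so far. A referral to an equal or shallower
    zone points back toward the root, which is the lame-delegation symptom.
    Returns None when every referral makes progress.
    """
    q = labels(qname)
    depth = 0  # resolution starts at the root, which has no labels
    for server, zone in referrals:
        z = labels(zone)
        contains_qname = len(z) <= len(q) and q[len(q) - len(z):] == z
        if not contains_qname or len(z) <= depth:
            return server, zone
        depth = len(z)
    return None


# Constructed referral chains for the query www.sales.example.com.
HEALTHY_CHAIN = [
    ("root-server.example.", "com."),
    ("com-server.example.", "example.com."),
    ("ns.example.com.", "sales.example.com."),
]
# The server delegated for sales.example.com. refers the query back up a level.
LAME_CHAIN = HEALTHY_CHAIN + [("ns1.sales.example.com.", "example.com.")]

if __name__ == "__main__":
    print(find_lame_referral("www.sales.example.com.", HEALTHY_CHAIN))
    print(find_lame_referral("www.sales.example.com.", LAME_CHAIN))
```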
Step 2 Click the Report lame delegation check box to enable reporting of lame delegation.
Use the dns command to enable or disable the lame-deleg-notify feature. By default, lame-deleg-notify is disabled.
Step 2 Click the Enable relaxed dynamic update check box to enable this property.
Use the dns command to enable or disable the update-relax-zone-name feature. By default, update-relax-zone-name is disabled.
To ensure a quick response to repeated requests for the same information, the DNS server maintains a cache of information it has learned from other DNS servers on behalf of its DNS clients. It also remembers negative information, such as "no such name" or "no such data," that it has learned in the same way. It is important to discard this information at some point to accommodate changes that may occur at the authoritative source. The positive information the server learns is always accompanied by a Time To Live (TTL) parameter indicating how long it may be considered valid; negative information is not.
The value of the negative cache time represents the length of time negative information will be considered valid. It should be a relatively short period in order to be responsive to the creation of new data at the authoritative source, yet long enough to serve some value to other clients looking for t