Creating an A or AAAA record in DNS

Most folks working in IT are familiar with using the ping command to test network connectivity. If you are trying to test the connection between your computer and another, you can ping it from Command Prompt and test whether or not it replies. The PowerShell equivalent is Test-Connection. This assumes that the firewalls in your computers and network allow the ping to respond correctly, which generally is true. If you are inside a domain network and ping a device by its name, that name resolves to an IP address, which is the device's address on the network. But what tells your computer which IP address corresponds to which name? This is where DNS comes in. Any time your computer makes a request for a name, whether it is you pinging another computer or your Outlook email client requesting the name of your Exchange Server, your computer always reaches out to your network's DNS servers and asks, 'How do I get to this name?'.

DNS contains a list of records that tell the computers in your network what IP addresses correspond to what names. By far the most common type of DNS record is called a host record. When the host record resolves to an IPv4 address, such as 192.168.0.1, it is called an A record. When the host record resolves to an IPv6 address, such as 2003:836b:2:8100::2, it is called an AAAA record. This is usually pronounced quad A.

The DNS system is also where Active Directory stores a lot of information about your network and is used for service discovery, request routing, and many other important Active Directory features.

Understanding how to create and troubleshoot host records in DNS is something that every Windows server administrator needs to know. Let's take a minute to create and test one of these DNS records so that we can experience firsthand how this all works together.

Getting ready

We have a DC online, which also has the DNS role installed. This is all we need to create the DNS record, but we will also make use of a Windows 10 client computer.

How to do it…

To create and test a DNS record, perform these steps:

  1. Most networks contain a router, which is a device that is normally not connected to an Active Directory domain at all. This means the only way to get a DNS record for it is to create one manually. We're going to call this device simply router. Open a PowerShell prompt and run Test-Connection router -Count 1. As expected, this command fails because we haven't created a DNS record for it yet. You could also use the ping router command if you are more used to the old tools:

    Figure 2.15 – The output of a failed connection to a non-existent DNS name

  2. Now, head into the DNS server (if you're following all the recipes in this book, this will be either DC01 or DC02) and open the DNS console from the Tools menu. The nature of Active Directory and DNS means that it does not matter which DNS server you do this step on – your changes will replicate to all of them.
  3. Inside Forward Lookup Zones, you should see your domain listed. Click on the name of your domain to see your existing DNS records:

    Figure 2.16 – The DNS Manager console

  4. Right-click on your domain and click on New Host (A or AAAA)….
  5. Input the host name (router) into the top field and the IP address of your network router into the bottom field. Then, click Add Host. Not all routers are on a .1 address – I've seen many networks that have them at the end of a subnet (.254) or even in the middle (.160):

    Figure 2.17 – The New Host screen in the DNS Manager

    Tip

    If you are running IPv6 on your network and want to create an AAAA record instead, you use this exact same process. Simply enter the IPv6 address into the IP address field, instead of the IPv4 address.

  6. Now that our new host record has been created, let's test it out! Going back to our client computer, type Test-Connection router again (or ping router). You will see your output, as shown in the following screenshot:

    Figure 2.18 – The output of a successful connection after creating a DNS record

This is also an excellent demonstration of the difference between a PowerShell cmdlet and the old tooling. Here, we can see that the result from Test-Connection is fully tabulated and contains even more information than the old ping command. You can then save or pipeline the output of Test-Connection into other cmdlets.

To create these DNS records via PowerShell, you need to import the DNSServer module and then use the Add-DnsServerResourceRecordA cmdlet:

# Load the DNS server cmdlets (available on a DNS server, or on a workstation with the RSAT DNS tools installed)
Import-Module DNSServer

# Create the A record router.ad.cookbook.packt.com -> 172.16.97.1 in the domain's forward lookup zone
Add-DnsServerResourceRecordA -Name router -ZoneName ad.cookbook.packt.com -IPv4Address 172.16.97.1
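The following script carries the recipe through from PowerShell end to end: it creates both the A and the AAAA record (the AAAA variant is the one the Tip describes for the console), reads the records back from each DC to confirm replication, and then tests resolution and pipelines the Test-Connection result as the previous paragraph suggests. It is an added example, not the book's own code. It assumes the recipe's zone name ad.cookbook.packt.com and the DC names DC01 and DC02; the IPv4 and IPv6 addresses are the ones quoted earlier in this recipe, and the DnsServer module must be available where the first part runs.

```powershell
# Added example, not the book's own code. Assumes the recipe's zone and DC names.
Import-Module DnsServer

$zone     = 'ad.cookbook.packt.com'   # zone name from the recipe
$hostName = 'router'
$v4       = '172.16.97.1'             # IPv4 address used in the recipe
$v6       = '2003:836b:2:8100::2'     # IPv6 address quoted in the recipe

# A record (IPv4). This is a static record: nothing registers it dynamically,
# so if the router's address ever changes you must update it by hand.
Add-DnsServerResourceRecordA    -ZoneName $zone -Name $hostName -IPv4Address $v4

# AAAA record (IPv6): the same process the Tip describes for the GUI.
Add-DnsServerResourceRecordAAAA -ZoneName $zone -Name $hostName -IPv6Address $v6

# Read the records back from each DC. With an AD-integrated zone the second DC
# shows the same data once replication has run (it is not instantaneous).
foreach ($dc in 'DC01', 'DC02') {
    Get-DnsServerResourceRecord -ComputerName $dc -ZoneName $zone -Name $hostName |
        Select-Object @{n = 'Server'; e = { $dc }}, HostName, RecordType,
                      @{n = 'Address'; e = {
                          if ($_.RecordType -eq 'A') { $_.RecordData.IPv4Address }
                          else                       { $_.RecordData.IPv6Address } }}
}

# From the client: ask DC01 directly, then ping by name. -Quiet turns the ping
# into a Boolean, which is handy when this runs inside a larger script.
Resolve-DnsName -Name "$hostName.$zone" -Type A -Server 'DC01' |
    Select-Object Name, Type, IPAddress

if (Test-Connection -ComputerName $hostName -Count 2 -Quiet) {
    "$hostName resolves and answers ping"
} else {
    "$hostName did not answer: check the record data, then the router's ICMP filtering"
}

# To undo the change made above:
# Remove-DnsServerResourceRecord -ZoneName $zone -Name $hostName -RRType A    -Force
# Remove-DnsServerResourceRecord -ZoneName $zone -Name $hostName -RRType AAAA -Force
```

The first half must run on a DNS server (or a machine with the RSAT DNS tools), the Resolve-DnsName and Test-Connection lines on the client; -Server pins the query to DC01 so you can tell a replication delay apart from a record that was never created.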

How it works…

Any time a computer in a domain network requests to communicate with a hostname, DNS is the party responsible for pointing it in the right direction. If you or your applications are having trouble contacting the servers they need, this is one of the first places you will want to look. Understanding DNS host records is something that will be necessary when working with any networking technology. If you are working within an Active Directory-integrated DNS, which you probably will be, then any time you add a computer or server to the domain, its name will be automatically added to DNS for you. In these cases, you will not have to create the records manually, but it is still important to understand how that works in case you need to troubleshoot them later.

In this recipe, we have only talked about the most common form of DNS record, but there are others you may want to learn about and test as well. In fact, look at our next recipe for information on another useful type of DNS record, known as CNAME.

Note, however, that there are a couple of other name resolution functions in the Windows operating system that may cause resolution to happen before a hostname request gets to the DNS server. For example, if someone has created a static name and IP record inside a client computer's hosts file (which is located in C:\Windows\System32\drivers\etc\), it will resolve to the specified IP address, no matter what is in the DNS server. This is more common on Linux machines than Windows machines but is still very possible. This is because the hosts file has priority over DNS.

Also, there is a special table called the Name Resolution Policy Table (NRPT) that is used by DirectAccess client computers, and it works in a similar way. Name resolution requests pass through the hosts file and through the NRPT before making their way to DNS. If either of those tables has an entry for the name that is being requested, that table will resolve it before the computer sends the request to the DNS server. There is also a mostly outdated but still-used protocol called NetBIOS, which the ping command is notorious for falling back on and which bypasses DNS altogether. So, if you are troubleshooting a name that doesn't resolve properly, keep those additional mechanisms in mind when looking for the answer to your problem.
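The following function walks the layers just described in the order the client consults them (hosts file, NRPT, resolver cache, then DNS) and compares a DNS-only answer with an ordinary lookup, so a name that resolves to the "wrong" address can be traced to the layer that answered it. It is an added example, not the book's own code. It assumes a domain-joined Windows client with the DnsClient module (Windows 8 / Server 2012 or later); the hostname and zone in the usage line are the recipe's, and the function name Test-NameResolutionPath is my own.

```powershell
# Added example, not the book's own code. Assumes the DnsClient module is present.
function Test-NameResolutionPath {
    param(
        [Parameter(Mandatory)] [string] $Name,   # FQDN, e.g. router.ad.cookbook.packt.com
        [string] $DnsServer                      # optional: pin the DNS query to one DC
    )
    $short   = $Name.Split('.')[0]
    $pattern = "^\s*(\S+)\s+(.*\s)?($([regex]::Escape($Name))|$([regex]::Escape($short)))(\s|$)"

    # 1. hosts file: any non-comment line naming the host wins over DNS.
    $hostsPath = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'
    $hostsHits = @(Get-Content -Path $hostsPath -ErrorAction SilentlyContinue |
                   Where-Object { $_ -notmatch '^\s*#' -and $_ -match $pattern })

    # 2. NRPT: a rule (DirectAccess or manually configured) whose namespace covers
    #    this name sends the query to the servers named in the rule instead.
    $nrptHits = @(Get-DnsClientNrptPolicy -ErrorAction SilentlyContinue |
                  Where-Object { $_.Namespace -and $Name -like "*$($_.Namespace)" })

    # 3. Resolver cache: a stale cached answer is served without asking DNS at all.
    $cacheHits = @(Get-DnsClientCache -ErrorAction SilentlyContinue |
                   Where-Object { $_.Entry -eq $Name })

    # 4. DNS only: skip the hosts file, LLMNR and NetBIOS so we see what the
    #    server itself says (optionally from one specific DC).
    $dnsArgs = @{ Name = $Name; Type = 'A'; DnsOnly = $true; NoHostsFile = $true
                  ErrorAction = 'SilentlyContinue' }
    if ($DnsServer) { $dnsArgs.Server = $DnsServer }
    $dnsAnswer = @(Resolve-DnsName @dnsArgs |
                   Where-Object { $_.Type -eq 'A' } | ForEach-Object { $_.IPAddress })

    # 5. Ordinary lookup, the path ping takes: hosts, NRPT, cache, DNS, then
    #    LLMNR/NetBIOS fallback. A difference from step 4 points at a layer above DNS.
    $normal = @(Resolve-DnsName -Name $Name -Type A -ErrorAction SilentlyContinue |
                Where-Object { $_.Type -eq 'A' } | ForEach-Object { $_.IPAddress })

    [pscustomobject]@{
        Name          = $Name
        HostsFile     = $hostsHits
        NrptRules     = @($nrptHits  | ForEach-Object { $_.Namespace })
        CachedEntries = @($cacheHits | ForEach-Object { $_.Data })
        DnsOnly       = $dnsAnswer
        NormalLookup  = $normal
        Mismatch      = (($normal -join ',') -ne ($dnsAnswer -join ','))
    }
}

# Usage against the recipe's router, with the query pinned to DC01:
Test-NameResolutionPath -Name 'router.ad.cookbook.packt.com' -DnsServer 'DC01' | Format-List
```

If Mismatch is true, the HostsFile, NrptRules and CachedEntries fields show which layer supplied the answer; a cached entry is cleared with Clear-DnsClientCache, while hosts-file and NRPT entries have to be reviewed by hand, since both are legitimate places for an administrator to override DNS.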