Network Services | CompTIA Network+ N10-007 | 1.8

In this video you will learn about network services such as:  DNS services, DHCP services, NTP, & IPAM.

DNS (Domain Name System)

The DNS is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network.  It associates various information with the domain names assigned to each participating entity.  Most prominently, it translates more readily memorized domain names into the numerical IP addresses needed for locating and identifying computer services and devices with the underlying network protocols.  In layman’s terms, the DNS is essentially the phone book of the Internet.  Instead of memorizing IP addresses to reach a website, you use a name that DNS maps to the address.

Example:  

  • 172.67.147.245 is the IP address associated with www.TechnologyGee.com
  • If you type the IP address into the URL (uniform resource locator), it will take you straight to TechnologyGee
    • Caution:  My website is behind a content delivery network (CDN), so trying to access my site directly by the IP address is going to present an error stating “Direct IP access not allowed”.

DNS Records

DNS records (zone files) are instructions that live in authoritative DNS servers and provide information about a domain including what IP address is associated with that domain and how to handle requests for that domain.  These records consist of a series of text files written in what is known as DNS syntax.  DNS syntax is essentially a string of characters used as commands that tell the DNS server what to do.  You can think of a set of DNS records like a business listing on Yelp.  The listing will give information about the business such as the business’s location, hours, services offered, etc.  All domains are required to have at least a few essential DNS records for users to be able to access their website using a domain name, and there are several optional records that serve additional purposes.

Most Common DNS Records

  • A (stands for address):  the record that holds the IPv4 address of a domain.  Example:  the A record for TechnologyGee.com is 172.67.147.245.
    • AAAA:  “A” records only hold IPv4 addresses.  “AAAA” records hold IPv6 addresses.
  • TXT (text):  lets a domain administrator store text notes in the record in the DNS.  The TXT record was originally intended for human-readable notes, however, it is possible to put machine-readable data into a TXT record.
    • SPF (Sender Policy Framework):  a type of TXT record in a DNS zone file.  SPF records identify which mail servers are permitted to send email on behalf of your domain.  SPF records can help detect & prevent spammers from sending email messages with forged ‘From’ addresses on your domain.
    • DKIM (DomainKeys Identified Mail):  an authentication standard used to prevent email spoofing.  DKIM attempts to prevent the spoofing of a domain that’s used to deliver email.
  • SRV (service):  specifies a host and port for specific services such as voice over IP (VoIP), instant messaging (IM), etc.  Most other DNS records only specify a server or an IP address, but SRV records include a port at the IP address as well.  Some protocols require SRV records in order to function.
  • MX (mail exchange):  directs email to a mail server.  The MX record indicates how email messages should be routed in accordance with SMTP (Simple Mail Transfer Protocol, the standard for all email).
  • CNAME (canonical name):  used in lieu of an ‘A’ record, when a domain or subdomain is an alias for another domain.  All CNAME records must point to a domain, never to an IP address.
    • Example:  Suppose blog.website.com has a CNAME record with a value of ‘website.com’ (without the ‘blog’).  This means when a DNS server hits the DNS records for blog.website.com, it actually triggers another DNS lookup to website.com, returning website.com’s IP address via its ‘A’ record.  In this case, website.com is the canonical name (true name) of blog.website.com.
  • NS (nameserver):  indicates which DNS server is authoritative for that domain (which server contains the actual DNS records).  NS records tell the Internet where to go to find out a domain’s IP address.  A domain often has multiple NS records which can indicate primary & backup nameservers for that domain.  Without properly configured NS records, users will be unable to load a website or application.
    • Note:  NS records can never point to a CNAME record.
  • PTR (pointer):  provides the domain names associated with an IP address.  A PTR record is exactly the opposite of the ‘A’ record, which provides the IP address associated with a domain name.  PTR records are used in reverse DNS lookups.  When a user attempts to reach a domain name in their browser, a DNS lookup occurs, matching the domain name to the IP address.  A reverse DNS lookup is the opposite of this process; it is a query that starts with the IP address and looks up the domain name.
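As an added example (not part of these notes), a small Python check that applies the rules listed above to a constructed zone: A/AAAA must hold IPv4/IPv6 addresses, a CNAME never points to an IP, an NS never points to a CNAME, an SRV carries a port, and it also pulls the SPF mechanisms out of a TXT record and builds the in-addr.arpa name a reverse (PTR) lookup uses.  The domain example.test and all addresses are made up.

```python
import ipaddress
import re
# Constructed sample zone (example.test is a placeholder, not a real domain): (name, type, value).
SAMPLE_ZONE = [
    ("example.test.", "A", "192.0.2.10"),
    ("example.test.", "AAAA", "2001:db8::10"),
    ("example.test.", "TXT", "v=spf1 ip4:192.0.2.0/24 mx -all"),
    ("_sip._tcp.example.test.", "SRV", "10 5 5060 voip.example.test."),
    ("example.test.", "MX", "10 mail.example.test."),
    ("blog.example.test.", "CNAME", "example.test."),
    ("bad.example.test.", "CNAME", "192.0.2.20"),   # violates: CNAME must name a domain
    ("example.test.", "NS", "blog.example.test."),   # violates: NS must not target a CNAME
]

def _is_ip(value, version):
    try:
        return ipaddress.ip_address(value).version == version
    except ValueError:
        return False

def validate_zone(records):
    """Return a list of rule violations found in the records."""
    cnames = {name for name, rtype, _ in records if rtype == "CNAME"}
    problems = []
    for name, rtype, value in records:
        if rtype == "A" and not _is_ip(value, 4):
            problems.append(f"{name} A must hold an IPv4 address, got {value!r}")
        elif rtype == "AAAA" and not _is_ip(value, 6):
            problems.append(f"{name} AAAA must hold an IPv6 address, got {value!r}")
        elif rtype == "CNAME" and (_is_ip(value, 4) or _is_ip(value, 6)):
            problems.append(f"{name} CNAME must point to a domain name, not the IP {value}")
        elif rtype == "NS" and value in cnames:
            problems.append(f"{name} NS target {value} is a CNAME, which is not allowed")
        elif rtype == "SRV" and not re.fullmatch(r"\d+ \d+ \d+ \S+", value):
            problems.append(f"{name} SRV needs 'priority weight port target', got {value!r}")
    return problems

def spf_senders(records, name):
    """Return the mechanisms of a domain's SPF TXT record (who may send mail for it)."""
    for rname, rtype, value in records:
        if rname == name and rtype == "TXT" and value.startswith("v=spf1"):
            return value.split()[1:]
    return []

def reverse_name(ip):
    """Build the PTR query name used for a reverse lookup, e.g. 10.2.0.192.in-addr.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer

if __name__ == "__main__":
    for problem in validate_zone(SAMPLE_ZONE):
        print("PROBLEM:", problem)
    print("SPF mechanisms:", spf_senders(SAMPLE_ZONE, "example.test."))
    print("PTR name:", reverse_name("192.0.2.10"))
```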

Cloud-Hosted DNS

Cloud-hosted DNS is a high-performance, resilient, global DNS service that publishes your domain names to the global DNS in a cost-effective way.  Cloud-hosted DNS lets you publish DNS zones and records without the burden of managing your own DNS servers and software.

DNS Hierarchy/DNS Root Domain

DNS uses a hierarchy to manage its distributed database system.  The DNS hierarchy (domain name space) is an inverted tree structure.  The DNS tree has a single domain at the top of the structure called the root domain.  A period or dot (.) is the designation for the root domain.  Below the root domain are the top-level domains that divide the DNS hierarchy into segments.

  • Domains & Subdomains
    • A domain is a label of the DNS tree.  Each node on the DNS tree represents a domain.  Domains under the top-level domains represent individual organizations or entities.  These domains can be further divided into subdomains to ease administration of an organization’s host computers.
    • A domain in a subtree is considered part of all domains above it.  For example, chicago.companya.com is part of the companya.com domain, & both are part of the .com domain.

DNS Zone

The DNS is broken up into many different zones.  These zones differentiate between distinctly managed areas in the DNS namespace.  A DNS zone is a portion of the DNS namespace that is managed by a specific organization or administrator.  A DNS zone is an administrative space which allows for more granular control of DNS components, such as authoritative nameservers.  The domain name space is a hierarchical tree, with the DNS root domain at the top.  A DNS zone starts at a domain within the tree and can also extend down into subdomains so that multiple subdomains can be managed by one entity.

Forward vs. Reverse Zone

DNS zones contain the records for the mapping of domain names to IP addresses or other information.  The resolution of a domain name to its assigned information is also referred to as a forward resolution, and the DNS zones associated with such processes are often referred to as forward zones.  Reverse zones, which are used for the reverse process, find the DNS name associated with an IP address.
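The hierarchy and zone ideas above, as an added Python example that is not part of these notes: every name belongs to each domain above it up to the root, and the zone that manages a name is the deepest zone apex among those ancestors, so a zone covers its subdomains until a subdomain is delegated as its own zone.  The zone list is constructed for the example.

```python
def normalize(name):
    """Lowercase the name and make it fully qualified; the trailing dot is the root domain."""
    name = name.strip().lower()
    return name if name.endswith(".") else name + "."

def ancestor_domains(name):
    """Every domain the name belongs to, from itself up the tree to the root '.'."""
    labels = normalize(name).rstrip(".").split(".")
    if labels == [""]:
        return ["."]
    return [".".join(labels[i:]) + "." for i in range(len(labels))] + ["."]

def enclosing_zone(name, zones):
    """Zone that manages the name: the deepest zone apex that is one of its ancestor domains.
    A zone keeps covering its subdomains until another zone apex is delegated below it."""
    apexes = {normalize(z) for z in zones}
    for candidate in ancestor_domains(name):
        if candidate in apexes:
            return candidate
    return None

if __name__ == "__main__":
    zones = [".", "com.", "companya.com."]   # constructed zone apexes
    print(ancestor_domains("chicago.companya.com"))
    print(enclosing_zone("chicago.companya.com", zones))   # companya.com. covers the subdomain
    print(enclosing_zone("chicago.companya.com", zones + ["chicago.companya.com."]))  # now its own zone
```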

DHCP (Dynamic Host Configuration Protocol)

Dynamic Host Configuration Protocol is a network management protocol used on IP networks whereby a DHCP server dynamically assigns an IP address and other network configuration parameters to each device (PCs, printers, servers, routers, etc.) on a network so they can communicate with other IP networks.  A DHCP server enables computers to request IP addresses and networking parameters automatically from the DHCP server, reducing the need for a network administrator or a user to manually assign IP addresses to all network devices.  In the absence of a DHCP server, a computer or other device on the network needs to be manually assigned an IP address, or to assign itself an APIPA address, the latter of which will not enable it to communicate outside its local network.  If you get your address from a DHCP server, you are getting your address assigned dynamically, and it could change periodically.

DHCP Services

MAC Reservations

Some devices on the network, such as printers and servers, require static addresses that do not change; these have to be assigned manually by a network administrator.  This makes these devices more reliable and easily accessible over time.  A MAC (media access control) reservation is when a DHCP server maps a specific MAC address to a specific IP address that will not be assigned to any other device within a network.  This static addressing approach is referred to as a DHCP reservation.

Pools

A DHCP pool is when a DHCP server maintains a pool of IP addresses & leases an address to any DHCP-enabled client when it starts up on the network.  Because the IP addresses are dynamic (leased) rather than static (permanently assigned), addresses no longer in use are automatically returned to the pool for reallocation.

IP Exclusions

A DHCP IP exclusion is a specified range of IP addresses residing within a DHCP range.  IP addresses residing within the exclusion range are excluded from the pool of available IP addresses and are un-leasable.  The DHCP server is prevented from assigning IP addresses within the exclusion range to network devices.

Lease Time

A DHCP-assigned IP address is not permanent & by default expires after about 24 hours.  This period is what’s referred to as the DHCP lease time.  Unless modified from default settings, DHCP servers assume that your IP address is temporary and expires after a set amount of time.  This practice can be extremely beneficial as IP addresses become available for other devices to use when needed.  This creates a more streamlined system and makes staying organized easier.
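The four DHCP services just described (MAC reservations, the pool, IP exclusions and lease time) working together, as an added Python example that is not part of these notes: a toy allocator answers requests from a pool that skips an excluded range, pins a reserved address to one MAC, renews a client's existing lease, and returns expired leases to the pool.  All MAC addresses and the 192.168.1.x range are constructed values.

```python
import ipaddress

class DhcpServer:
    """Toy DHCP allocator showing a pool, exclusions, MAC reservations and lease expiry."""
    def __init__(self, pool_start, pool_end, exclusions=(), lease_seconds=86400):
        start, end = int(ipaddress.IPv4Address(pool_start)), int(ipaddress.IPv4Address(pool_end))
        excluded = set()
        for ex_start, ex_end in exclusions:
            a, b = int(ipaddress.IPv4Address(ex_start)), int(ipaddress.IPv4Address(ex_end))
            excluded.update(range(a, b + 1))
        # Addresses the server may lease: the pool range minus the excluded ones.
        self.free = [str(ipaddress.IPv4Address(i)) for i in range(start, end + 1) if i not in excluded]
        self.lease_seconds = lease_seconds
        self.reservations = {}  # mac -> fixed ip
        self.leases = {}        # mac -> (ip, expiry time)

    def reserve(self, mac, ip):
        """MAC reservation: pin an address to one client and keep it out of the dynamic pool."""
        self.reservations[mac] = ip
        if ip in self.free:
            self.free.remove(ip)

    def expire(self, now):
        """Return addresses whose lease time has run out to the pool."""
        for mac, (ip, expiry) in list(self.leases.items()):
            if expiry <= now:
                del self.leases[mac]
                if mac not in self.reservations:
                    self.free.append(ip)

    def request(self, mac, now):
        """Answer a client: its reserved address, a renewal of its current lease, or the next free address."""
        self.expire(now)
        if mac in self.reservations:
            ip = self.reservations[mac]
        elif mac in self.leases:
            ip = self.leases[mac][0]
        elif self.free:
            ip = self.free.pop(0)
        else:
            return None  # pool exhausted; a real client would fall back to an APIPA address
        self.leases[mac] = (ip, now + self.lease_seconds)
        return ip

if __name__ == "__main__":
    srv = DhcpServer("192.168.1.100", "192.168.1.104", exclusions=[("192.168.1.101", "192.168.1.102")])
    srv.reserve("aa:bb:cc:dd:ee:01", "192.168.1.100")   # constructed MAC/IP values
    for mac in ("aa:bb:cc:dd:ee:01", "aa:bb:cc:dd:ee:02", "aa:bb:cc:dd:ee:03", "aa:bb:cc:dd:ee:04"):
        print(mac, "->", srv.request(mac, now=0))
```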

DHCP Relay

The DHCP relay agent operates as the interface between DHCP clients and the server.  The DHCP relay agent relays DHCP messages between DHCP clients and DHCP servers on different IP networks.

NTP (Network Time Protocol)

The Network Time Protocol is a networking protocol for clock synchronization between computer systems over packet-switched, variable-latency data networks.  NTP is intended to synchronize all participating computers to within a few milliseconds of Coordinated Universal Time (UTC).  It uses the intersection algorithm to select accurate time servers and is designed to mitigate the effects of variable network latency.  NTP can usually maintain time to within tens of milliseconds over the public Internet, and can achieve better than one millisecond accuracy in LANs under ideal conditions.  Asymmetric routes and network congestion can cause errors of 100ms or more.  The protocol is usually described in terms of a client-server model, but can as easily be used in peer-to-peer relationships where both peers consider the other to be a potential time source.  NTP supplies a warning of any impending leap second adjustment, but no information about local time zones or daylight saving time is transmitted.
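How NTP estimates the clock offset and cancels out symmetric network latency, and why asymmetric routes still introduce error, as an added Python example that is not part of these notes.  It uses the standard NTPv4 on-wire formulas from RFC 5905 on a constructed request/reply exchange; the latencies and the 0.3 s true offset are made-up inputs.

```python
def ntp_offset_delay(t1, t2, t3, t4):
    """Standard NTP on-wire calculation (RFC 5905) from one request/reply exchange.

    t1: client sends request (client clock)    t2: server receives it (server clock)
    t3: server sends reply (server clock)      t4: client receives reply (client clock)
    Returns (offset, delay): the estimated server-minus-client clock difference and
    the round-trip delay with the server's processing time removed.
    """
    offset = ((t2 - t1) + (t3 - t4)) / 2
    delay = (t4 - t1) - (t3 - t2)
    return offset, delay

def simulate_exchange(true_offset, fwd_latency, back_latency, processing=0.001, t1=1000.0):
    """Constructed exchange: the server clock runs true_offset seconds ahead of the client's."""
    t2 = t1 + fwd_latency + true_offset        # arrival stamped by the (offset) server clock
    t3 = t2 + processing
    t4 = t3 - true_offset + back_latency       # arrival stamped by the client clock again
    return t1, t2, t3, t4

def offset_error(true_offset, fwd_latency, back_latency):
    """How far the estimate lands from the real offset; equals (fwd_latency - back_latency) / 2."""
    estimate, _ = ntp_offset_delay(*simulate_exchange(true_offset, fwd_latency, back_latency))
    return estimate - true_offset

if __name__ == "__main__":
    # Symmetric 50 ms path: the estimate is exact.  Asymmetric 250 ms / 50 ms path: 100 ms error,
    # the kind of error the notes attribute to asymmetric routes and congestion.
    print("symmetric error (s):", round(offset_error(0.3, 0.050, 0.050), 6))
    print("asymmetric error (s):", round(offset_error(0.3, 0.250, 0.050), 6))
```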

IPAM (IP Address Management)

IPAM is a methodology implemented in computer software for planning and managing the assignment and use of IP addresses and closely related resources of a computer network.  It does not typically provide DNS and DHCP services, but manages information for these components.  Additional functionality, such as controlling reservations in DHCP and other data aggregation and reporting capabilities is also common.  Data tracked by an IPAM system may include information such as IP addresses in use, and the associated devices and users.  IPAM tools are increasingly important as new IPv6 networks are deployed with large address pools of 128-bit hexadecimal numbers and new subnetting techniques.