Category: Domain Name System

Microsoft Windows PowerShell – Resolve-DnsName

You may use the Resolve-DnsName Microsoft Windows PowerShell cmdlet to perform Domain Name System (DNS) query resolution for the domain name(s) you specify. Below you will find a few examples of this cmdlet.

To perform a standard query enter Resolve-DnsName domain.com.

To perform a query without the use of a local hosts file or DNS cache enter Resolve-DnsName domain.com -NoHostsFile.

To perform a query only using the DNS client cache enter Resolve-DnsName domain.com -CacheOnly. NOTE: In this example, the DNS client cache is cleared, first. Therefore, the error is expected.

To perform a query while specifying a particular DNS server enter Resolve-DnsName domain.com -Server X.X.X.X.

To perform a query for a specific DNS record enter Resolve-DnsName domain.com -Type XX.

To perform a query of multiple domains enter "domain.com","domain.com","domain.com" | Resolve-DnsName.

To perform a query of domain names using a file enter Get-Content file | Resolve-DnsName. NOTE: I do not recommend placing the file in the C:\Windows\System32 directory. However, I used that directory in this example for simplicity.


Microsoft Exchange Server 2016 – Autodiscover DNS Lookup

The autodiscover service is critical to the proper functioning of a Microsoft Exchange Server 2016 infrastructure. Additionally, the autodiscover service may be utilized using SCP for domain joined clients or DNS records for external clients. The DNS records and associated URLs will be utilized, in the order below, to find the autodiscover XML file. More information regarding autodiscover may be found here.

A or CNAME (https://domain.com/Autodiscover/Autodiscover.xml)

A or CNAME (https://autodiscover.domain.com/Autodiscover/Autodiscover.xml)

A or CNAME (http://autodiscover.domain.com/Autodiscover/Autodiscover.xml)

SRV (_autodiscover._tcp.domain.com)
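
To see which of these records a given domain actually publishes, and where each one points, the lookup order can be walked with Resolve-DnsName. This is an added example, not part of the original post; the function name and output columns are illustrative, and domain.com is the placeholder used above.

```powershell
# Added example (not from the original post). Function name and output columns
# are illustrative; 'domain.com' is the page's placeholder domain.
function Get-AutodiscoverDnsCandidate {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $Domain,
        [string] $Server    # optional: resolver to ask, e.g. an external one
    )

    # Same order as the list above. Steps 2 and 3 share one DNS name and differ
    # only in URL scheme; the SRV label carries leading underscores.
    $steps = @(
        @{ Name = $Domain;                      Type = 'A';   Url = "https://$Domain/Autodiscover/Autodiscover.xml" }
        @{ Name = "autodiscover.$Domain";       Type = 'A';   Url = "https://autodiscover.$Domain/Autodiscover/Autodiscover.xml" }
        @{ Name = "autodiscover.$Domain";       Type = 'A';   Url = "http://autodiscover.$Domain/Autodiscover/Autodiscover.xml" }
        @{ Name = "_autodiscover._tcp.$Domain"; Type = 'SRV'; Url = '(HTTPS on the SRV target host)' }
    )

    $order = 0
    foreach ($step in $steps) {
        $order++
        $query = @{ Name = $step.Name; Type = $step.Type; DnsOnly = $true; ErrorAction = 'Stop' }
        if ($Server) { $query.Server = $Server }
        try {
            # Keep answer-section records only; a NODATA reply carries just an SOA in Authority.
            $answers = @(Resolve-DnsName @query | Where-Object { $_.Section -eq 'Answer' })
        } catch {
            $answers = @()    # NXDOMAIN, timeout or refusal all mean "no usable record"
        }
        $targets = foreach ($a in $answers) {
            switch ([string]$a.Type) {
                'A'     { $a.IPAddress }
                'CNAME' { "CNAME $($a.NameHost)" }
                'SRV'   { "$($a.NameTarget):$($a.Port)" }
            }
        }
        [pscustomobject]@{
            Order   = $order
            Query   = "$($step.Type) $($step.Name)"
            Found   = $answers.Count -gt 0
            Targets = $targets -join ', '
            Url     = $step.Url
        }
    }
}

Get-AutodiscoverDnsCandidate -Domain 'domain.com' | Format-Table -AutoSize
```

A row with Found set to True whose target is not one of your own Exchange or mail hosts is the one to review first, since clients will try it before any later entry.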


Domain Name System – Propagation

I recently decided to test a Domain Name System (DNS) provider expansion with GoDaddy and ClouDNS (link here) for a proof of concept using the domain name noelalvarez.org. The initial configuration and testing were successful. However, after I made the decision to host all DNS service with GoDaddy (again, it was a proof of concept) I found a large quantity of name servers around the globe contained name server (NS) records for noelalvarez.org with entries pointing to ClouDNS name servers (ns21.cloudns.net, ns22.cloudns.net, ns23.cloudns.net, and ns24.cloudns.net) using Whats My DNS? (link here). I found this odd due to the fact that the GoDaddy DNS management interface only contained (2) NS records (ns57.domaincontrol.com and ns58.domaincontrol.com) which are authoritative for the domain noelalvarez.org and the ClouDNS name servers are no longer hosting zone files or responding to DNS queries for noelalvarez.org. Additionally, the Time to Live (TTL) was a maximum of (1) hour. So, I didn’t expect to find inconsistencies days later.

So, what could be causing the lack of synchronization in the NS records (remember, DNS is a distributed and hierarchical system by nature)? Upon basic troubleshooting I found that the GoDaddy name servers ns57.domaincontrol.com and ns58.domaincontrol.com did not contain the same NS records for noelalvarez.org using the nslookup utility (please see the screen shots below). I have contacted GoDaddy support and they have provided me with assurance that they will manually delete the NS records of ns21.cloudns.net, ns22.cloudns.net, ns23.cloudns.net, and ns24.cloudns.net from ns57.domaincontrol.com.
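
The per-server comparison described above can be scripted so the check is repeatable after the provider makes its change. This is an added example, not part of the original post; the function name and output shape are illustrative, and the zone and name server names are the ones quoted in the post.

```powershell
# Added example (not from the original post). The function name and output shape
# are illustrative; zone and server names are the ones quoted in the post.
function Compare-AuthoritativeNsSet {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string]   $Zone,
        [Parameter(Mandatory)] [string[]] $NameServer
    )

    $perServer = foreach ($ns in $NameServer) {
        try {
            # Ask this server directly so no recursive resolver or cache sits in between.
            $records = @(Resolve-DnsName -Name $Zone -Type NS -Server $ns -DnsOnly -NoHostsFile -ErrorAction Stop |
                Where-Object { $_.Type -eq 'NS' -and $_.Name -eq $Zone })
            # Normalise so case and trailing dots do not create false differences.
            $nsHosts = @($records | ForEach-Object { $_.NameHost.TrimEnd('.').ToLowerInvariant() } | Sort-Object -Unique)
            $status  = 'OK'
            $ttl     = ($records | Measure-Object -Property TTL -Maximum).Maximum
        } catch {
            $nsHosts = @(); $ttl = $null
            $status  = "Query failed: $($_.Exception.Message)"
        }
        [pscustomobject]@{ Server = $ns; Status = $status; MaxTtl = $ttl; NsSet = $nsHosts -join ', ' }
    }

    # More than one distinct NS set among the servers that answered means they disagree.
    $distinct = @($perServer | Where-Object { $_.Status -eq 'OK' } | ForEach-Object { $_.NsSet } | Sort-Object -Unique)
    [pscustomobject]@{
        Zone       = $Zone
        Consistent = ($distinct.Count -le 1)
        PerServer  = $perServer
    }
}

$report = Compare-AuthoritativeNsSet -Zone 'noelalvarez.org' -NameServer 'ns57.domaincontrol.com', 'ns58.domaincontrol.com'
$report.PerServer | Format-Table -AutoSize
"Consistent: $($report.Consistent)"
```

NS records that still name a provider no longer serving the zone are worth clearing promptly, because resolvers that follow them depend on whoever controls those name servers.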


Microsoft Windows PowerShell – Delete DNS A Record

Scripting is a great way to make yourself more efficient as an Information Technology (IT) professional. With that being said, the Microsoft Windows PowerShell script below may be used to automate the deletion of a domain name system (DNS) A record.

<#
.SYNOPSIS
This script will automate the process of deleting a DNS A record.
.DESCRIPTION
This script will automate the process of deleting a DNS A record.
.EXAMPLE
Remove-DnsServerResourceRecord -ZoneName "noelalvarez.net" -RRType "A" -Name "www"
.NOTES
Written by Noel Enrique Alvarez on Thursday, December 22, 2016.
#>

#Request the hostname of the server
$HOSTNAME = Read-Host "What is the hostname of the server?"

#Delete the DNS A record (-Force suppresses the confirmation prompt)
Remove-DnsServerResourceRecord -ZoneName "noelalvarez.net" -RRType "A" -Name "$HOSTNAME" -Force

#End of script


Microsoft Windows PowerShell – nslookup Configuration

You may use the following commands at a Microsoft Windows PowerShell prompt to configure a default domain name system (DNS) server, for that instance, as well as specify the type(s) of DNS records to resolve. This may be used for daily support of DNS.

  1. nslookup
  2. server <<<IP ADDRESS>>>
  3. set type=<<<DNS RECORD>>>
  4. domain.com

For example, if you wanted to configure the nslookup session to utilize a Google public DNS server (google-public-dns-a.google.com) and query the domain google.com for all DNS records you would enter the following commands.

  1. nslookup
  2. server 8.8.8.8
  3. set type=all
  4. google.com

Additionally, more information may be found using this link.


Red Hat Enterprise Linux 7 – BIND Installation and Configuration

Domain Name System (DNS) is an integral component of any Information Technology (IT) infrastructure. This is a step by step guide for configuring a Red Hat Enterprise Linux 7 public facing DNS server using the BIND software package. Additionally, I would like to add that, for the purposes of this demonstration the zone file created for noelalvarez.net is not pointing to the genuine Internet Protocol (IP) address of the website.

  1. Enter the command yum update -y to update the server.
  2. Enter the command yum install bind-chroot bind-utils -y to install bind and DNS utilities.
  3. Enter the command systemctl start named-chroot to start the DNS server.
  4. Enter the command systemctl status named-chroot to verify the DNS server is running.
  5. Enter the command rndc status to verify the name server control utility is running (i.e. server is up and running).
  6. Enter the command journalctl -u named-chroot to verify there are no errors.
  7. Enter the command systemctl enable named-chroot to configure BIND to start automatically after a reboot.
  8. Enter the command cd /etc to navigate to the etc directory.
  9. Enter the command cp named.conf named.conf.2016111700 to create a copy of the named.conf file.
  10. Using a text editor, edit the following fields in the named.conf file.
    1. listen-on port 53 { 127.0.0.1; }; NOTE: Add the Internet Protocol (IP) address of the host.
    2. allow-query     { localhost; }; NOTE: Delete localhost; and add any;.
    3. Add a forward lookup zone.
    4. Add a reverse lookup zone.
  11. Enter the command named-checkconf to verify the named.conf file has no syntax errors.
  12. Enter the command cd /var/named/chroot/var/named/ to navigate to the named directory.
  13. Using a text editor create the zone file for a forward lookup. In this example it is noelalvarez.net.
  14. Using a text editor create the zone file for reverse lookup. In this example it is the 67.205.160.0/24 IP address range.
  15. Enter the command rndc reload to read the changes made to the named.conf and zone files.
  16. Enter the command cd /etc to navigate to the etc directory.
  17. Using a text editor, edit the resolv.conf file by configuring the server to use its IP address for name resolution.
  18. Enter the command dig noelalvarez.net to query the name server for the A record of noelalvarez.net.
  19. Additionally, you may use nslookup to query the name server for the various records that were created.
  20. Lastly, you may query the name server from a host on an external network to verify it is a public facing DNS server.
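
Steps 10.2 and 20 make the server answer queries from any source, so the external test should also confirm that it answers only for its own zones and does not resolve other names for outsiders (recursion). The following is an added example, not part of the original guide; it assumes the external host runs Windows PowerShell, and the function name, parameter names and the example.com test name are assumptions.

```powershell
# Added example (not from the original guide). Function and parameter names are
# illustrative; 'example.com' stands for any name the server does NOT host.
function Test-DnsRecursionExposure {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $Server,        # public IP of the BIND server
        [Parameter(Mandatory)] [string] $HostedZone,    # zone it is authoritative for
        [string] $ForeignName = 'example.com'
    )

    # Return answer-section records only; errors (REFUSED, SERVFAIL, timeout) count as none.
    function Get-AnswerRecord([string] $Name, [string] $Type) {
        try {
            @(Resolve-DnsName -Name $Name -Type $Type -Server $Server -DnsOnly -NoHostsFile -ErrorAction Stop |
                Where-Object { $_.Section -eq 'Answer' })
        } catch { @() }
    }

    $hosted  = @(Get-AnswerRecord -Name $HostedZone  -Type 'SOA')
    $foreign = @(Get-AnswerRecord -Name $ForeignName -Type 'A')

    $verdict = if ($hosted.Count -eq 0) {
        'Server unreachable or not serving the hosted zone from this network'
    } elseif ($foreign.Count -gt 0) {
        'Answers for names it does not host: recursion is open to this client'
    } else {
        'Answers only for its own zone from this network'
    }

    [pscustomobject]@{
        Server             = $Server
        AnswersHostedZone  = $hosted.Count -gt 0
        AnswersForeignName = $foreign.Count -gt 0
        Verdict            = $verdict
    }
}

# X.X.X.X is a placeholder: replace it with the server's public IP address.
Test-DnsRecursionExposure -Server 'X.X.X.X' -HostedZone 'noelalvarez.net' | Format-List
```

If the second verdict appears, disable recursion in the options block of named.conf (or limit it to trusted networks) and run rndc reload before leaving the server public facing.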

Microsoft Windows Server 2012 R2 – Deleting a PTR Record

If you ever need to delete an individual pointer record (PTR) that is all capitalized and will not delete from the Microsoft Windows Server DNS graphical user interface (GUI) then use the example command below. The example below will delete the PTR record which corresponds to Internet Protocol (IP) address 192.168.25.100.

Remove-DnsServerResourceRecord -ZoneName "25.168.192.in-addr.arpa" -RRType "PTR" -Name "100"


BIND – Create a Bind Zone File

You may use the following website to automatically create a BIND zone file.

Enjoy!


Linux – Configure a BIND Zone File

Domain Name System (DNS) is an essential part of any network. Berkeley Internet Name Domain (BIND) may be installed and configured on Linux CentOS and provide DNS name resolution. The configuration of BIND includes zone files. Below you will find a sample zone file for the domain name example.com. You may use this sample as a template and input the DNS records for your corresponding domain name.


Migration – Email Service Provider – 1

Currently, I am assisting with the technical planning for an email service provider migration for my employer. One of the things to take into consideration for this type of project is reducing the impact of any possible down time with email.

One of the ways to reduce any impact is to perform such a project over a weekend (when normal business is not taking place). Additionally, you may consider changing the default time-to-live (TTL) for the MX records. In our case, the default TTL is set to 86400 (1 day) so we are changing it to 7200 (2 hours). This will make sure that when we change the MX records for our domain all of the DNS servers around the globe will receive that change within (2) hours. Therefore, theoretically, any new incoming email will be forwarded to the correct mail servers within (2) hours of the MX record changes.

As always, with any changes made to your existing infrastructure always plan carefully and document the changes (i.e. change management or change tracking).