- The Domain Name System (DNS) is what translates hostnames into the addresses required to get users where they need to go.
- Windows Server 2016 made several enhancements to the 2012 version.
- Setting up and configuring your DNS server is a more accessible task than you may think.
- This article is for those looking to set up and configure DNS on Windows Server 2016.
The Domain Name System (DNS) translates user-friendly hostnames to IPv4 or IPv6 addresses. The DNS server in Windows Server 2016 works the same basic way as it does in Windows Server 2012 R2. However, the Windows Server engineering team added some worthwhile enhancements, including DNS policies and Response Rate Limiting (RRL). If you're a business owner looking to start a business website, you'll want to know how this all works on the back end.
Read on to learn how to get a Windows Server 2016-based DNS server up and running on your devices running Windows 10.
What is a DNS server?
DNS servers are what translate the domain name an end user types into a browser to the Internet Protocol (IP) address associated with that website. Web browsers need the IP address to deliver the requested content to the browser. IT professionals can set up a DNS server by following the steps in this guide.
Installing the DNS Server role
To install the DNS Server role, open an elevated Windows PowerShell console (right-click the PowerShell icon and select Run as Administrator from the shortcut menu) and run a single command:
Install-WindowsFeature -Name DNS -IncludeAllSubFeature -IncludeManagementTools
If you're more of a GUI-minded administrator, you can use Server Manager to install DNS Server.
Using Server Manager to install DNS Server in Windows Server 2016
As shown in the preceding screen capture, I already have DNS Server installed on my Windows Server 2016 domain controller.
Setting DNS server preferences
You can manage the Windows Server DNS Server in several ways:
- DNS Manager Microsoft Management Console (MMC)
- Windows PowerShell DNS cmdlets
- Dnscmd.exe command-line utility
If you install the Remote Server Administration Tools (RSAT) on your administrative workstation, you'll get all the aforementioned DNS Server management utilities.
Open the DNS Manager by typing "dnsmgmt.msc" from your elevated PowerShell console. Right-click your server and you'll see a number of configuration options directly on the shortcut menu. For instance, you'll have these options:
- Create a new forward or reverse lookup zone.
- Scour your DNS zone files for outdated and/or inaccurate records.
- Purge the server's resolver cache.
- Pause, stop, start or restart the server.
Configuring a Windows Server 2016 DNS server
In the previous screenshot, you see the Advanced page from my DNS server's Properties sheet. Run the following command to retrieve a list of all 130-plus PowerShell DNS functions:
Get-Command -Module DNSServer | Select-Object -Property Name
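The cmdlets also work against remote servers. The next command reads the configuration of server01 with Get-DnsServer and pipes it to Set-DnsServer, which overwrites the configuration of server02 with it:
Get-DnsServer -CimSession 'server01' | Set-DnsServer -ComputerName 'server02'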
Of course, we use the native PowerShell *-Service cmdlets to operate on the server directly. For instance, to restart the local DNS server, run Restart-Service -Name DNS -Force.
Creating a forward lookup zone
Although you can configure a DNS server to do nothing but fulfill name resolution requests and cache the results, the primary work of a Windows DNS server is to host one or more lookup zones.
Let's create a simple forward (that is, hostname-to-IP address) lookup zone for a domain called toms.local. Here's how to do that:
- In DNS Manager, right-click Forward Lookup Zones and select New Zone from the shortcut menu. This launches the New Zone Wizard, which will ask us to specify the following information:
  - Zone type. Options are primary, secondary, stub, and Active Directory-integrated. Choose primary here, and deselect the AD integration option (the AD integrated option is available only on AD DS domain controllers, by the way).
  - Zone name. In this case, specify "toms.local."
  - Zone file name. Accept the default name, which is toms.local.dns. This is a simple plain text file, actually.
  - Dynamic updates. Accept the default, which is to disallow dynamic updates. In production business networks, you'll want to enable this option so DNS clients can update their DNS records on their own.
- By default, your new zone will have two DNS records:
  - Start of Authority (SOA). The SOA identifies which server is authoritative for the zone.
  - Name Server (NS). The NS identifies the servers that host records for this zone.
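The wizard choices above can also be scripted. The following PowerShell is an added example, not part of the original article: it assumes an elevated session on the DNS server with the DnsServer module available, creates the file-backed toms.local zone with dynamic updates disabled, checks for the default SOA and NS records, and then reports the dynamic-update setting of every primary zone on the server.

```powershell
# Added example: script the New Zone Wizard choices, then audit dynamic updates.
# Assumes the DnsServer module (DNS Server role or RSAT) and an elevated console.
Import-Module DnsServer

$zoneName = 'toms.local'       # zone name used in this article
$zoneFile = "$zoneName.dns"    # the wizard's default zone file name

# Create the file-backed primary zone only if it does not exist yet,
# so the script can be re-run without errors.
$zone = Get-DnsServerZone -Name $zoneName -ErrorAction SilentlyContinue
if (-not $zone) {
    $zone = Add-DnsServerPrimaryZone -Name $zoneName -ZoneFile $zoneFile `
                -DynamicUpdate None -PassThru
}

# Confirm the two default records (SOA and NS) are present in the new zone.
foreach ($type in 'SOA', 'NS') {
    $records = Get-DnsServerResourceRecord -ZoneName $zoneName -RRType $type
    if (-not $records) { Write-Warning "$zoneName has no $type record" }
    $records | Format-Table HostName, RecordType, TimeToLive -AutoSize
}

# Audit every primary zone: which ones accept dynamic updates, and from whom?
$audit = Get-DnsServerZone |
    Where-Object { -not $_.IsAutoCreated -and $_.ZoneType -eq 'Primary' } |
    Select-Object ZoneName, IsDsIntegrated, DynamicUpdate,
        @{ Name = 'Finding'; Expression = {
            switch ($_.DynamicUpdate) {
                'NonsecureAndSecure' { 'Accepts unauthenticated updates' }
                'Secure'             { 'Authenticated updates only' }
                default              { 'Dynamic updates disabled' }
            }
        } }
$audit | Sort-Object ZoneName | Format-Table -AutoSize
```

A file-backed zone supports only the None and NonsecureAndSecure settings; Secure requires an Active Directory-integrated zone, so enabling dynamic updates on toms.local as created here would mean accepting unauthenticated updates.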
Right-click the new zone and you'll see various resource record creation options directly in the shortcut menu, including these:
- Host (A): This is your "bread and butter" record that identifies a single host.
- Alias (CNAME): This record allows you to map more than one hostname to a single IP address.
- Mail Exchanger (MX): This record identifies your company's email server(s) that are attached to the current DNS domain.
We'll finish the tutorial by using PowerShell to define a new A record for a host named "client1" and verify its existence. To create the record, we use Add-DnsServerResourceRecordA (yes, that's a long command name). Follow these steps to do so:
- Use this command: Add-DnsServerResourceRecordA -Name 'client1' -ZoneName 'toms.local' -IPv4Address 172.16.1.100
- Run the (equally awkward) command Get-DnsServerResourceRecord to retrieve client1's A record.
- Use this command: Get-DnsServerResourceRecord -ZoneName 'toms.local' -Name 'client1' | Format-Table -AutoSize
Stella Morrison contributed to the writing and research in this article.