
NOTE You can’t configure the root server for a domain for forwarding (except for conditional forwarding used with internal name resolution). You can configure all other servers for forwarding.

Creating nonforwarding and forwarding-only servers

To create a nonforwarding or forwarding-only DNS server, follow these steps:

1. In the DNS Manager console, press and hold or right-click the server you want to configure, and then tap or click Properties.

2. Tap or click the Advanced tab. To configure the server as a nonforwarder, ensure that the Disable Recursion check box is cleared, tap or click OK, and then skip the remaining steps. To configure the server as a forwarding-only server, be sure that the Disable Recursion check box is selected.

3. On the Forwarders tab, tap or click Edit. This displays the Edit Forwarders dialog box.

4. Tap or click in the IP Address list, type the IP address of a forwarder for the network, and then press Enter. Windows then attempts to validate the server. If an error occurs, make sure the server is connected to the network and that you’ve entered the correct IP address. Repeat this process to specify the IP addresses of other forwarders.

5. Set the Forward Queries Time Out interval. This value controls how long the nonforwarder tries to query the current forwarder if it gets no response. When the Forward Time Out interval passes, the nonforwarder tries the next forwarder on the list. The default is three seconds. Tap or click OK.

Creating forwarding servers

Any DNS server that isn’t designated as a nonforwarder or a forwarding-only server will act as a forwarder. Thus, on the network’s designated forwarders you should be sure that the Disable Recursion option is not selected and that you haven’t configured the server to forward requests to other DNS servers in the domain.

Configuring conditional forwarding

If you have multiple internal domains, you might want to consider configuring conditional forwarding, which enables you to direct requests for specific domains to specific DNS servers for resolution. Conditional forwarding is useful if your organization has multiple internal domains and you need to resolve requests between these domains.

To configure conditional forwarding, follow these steps:

1. In the DNS Manager console, select and then press and hold or right-click the Conditional Forwarders folder for the server with which you want to work. Tap or click New Conditional Forwarder on the shortcut menu.

2. In the New Conditional Forwarder dialog box, enter the name of a domain to which queries should be forwarded, such as adatum.com.

3. Tap or click in the IP Address list, type the IP address of an authoritative DNS server in the specified domain, and then press Enter. Repeat this process to specify additional IP addresses.

4. If you’re integrating DNS with Active Directory, select the Store This Conditional Forwarder In Active Directory check box, and then choose one of the following replication strategies:

■ All DNS Servers In This Forest: Choose this strategy if you want the widest replication strategy. Remember, the Active Directory forest includes all domain trees that share the directory data with the current domain.

■ All DNS Servers In This Domain: Choose this strategy if you want to replicate forwarder information within the current domain and child domains of the current domain.

■ All Domain Controllers In This Domain: Choose this strategy if you want to replicate forwarder information to all domain controllers within the current domain and child domains of the current domain. Although this strategy gives wider replication for forwarder information within the domain, not every domain controller is a DNS server as well (nor do you need to configure every domain controller as a DNS server).

5. Set the Forward Queries Time Out interval. This value controls how long the server tries to query the forwarder if it gets no response. When the Forward Time Out interval passes, the server tries the next authoritative server on the list. The default is five seconds. Tap or click OK.

6. Repeat this procedure to configure conditional forwarding for other domains.
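The same procedure can be scripted with the DnsServer PowerShell module. The following is an added example, not code from the book: it creates any missing conditional forwarder and reports forwarders whose server list differs from, or is absent from, an expected table, which is a useful check because a conditional forwarder decides which servers answer for an entire namespace. The helper name Sync-ConditionalForwarder, the second domain, and all IP addresses are assumptions, and the server is assumed to be integrated with Active Directory.

```powershell
# Added example, not from the book. Run elevated on a server with the DnsServer module.
# The second domain and all IP addresses are constructed sample values.
Import-Module DnsServer

$expected = @{
    'adatum.com'       = @('192.0.2.10', '192.0.2.11')
    'corp.example.net' = @('198.51.100.5')
}

# Hypothetical helper: creates missing conditional forwarders and reports drift.
function Sync-ConditionalForwarder {
    param(
        [Parameter(Mandatory)] [hashtable] $Expected,
        # Forest = All DNS Servers In This Forest
        # Domain = All DNS Servers In This Domain
        # Legacy = All Domain Controllers In This Domain
        [ValidateSet('Forest', 'Domain', 'Legacy')] [string] $ReplicationScope = 'Domain',
        [uint32] $TimeoutSeconds = 5   # default interval named in step 5
    )
    foreach ($domain in $Expected.Keys) {
        $zone = Get-DnsServerZone -Name $domain -ErrorAction SilentlyContinue
        if (-not $zone) {
            Add-DnsServerConditionalForwarderZone -Name $domain `
                -MasterServers $Expected[$domain] `
                -ReplicationScope $ReplicationScope -ForwarderTimeout $TimeoutSeconds
            $status = 'Created'
        }
        elseif ($zone.ZoneType -ne 'Forwarder') {
            # A primary or stub zone already owns this name; do not touch it.
            $status = "Conflict: zone exists with type $($zone.ZoneType)"
        }
        else {
            $actual = @($zone.MasterServers | ForEach-Object { "$_" })
            $drift  = Compare-Object -ReferenceObject $Expected[$domain] -DifferenceObject $actual
            $status = if ($drift) { "Drift: servers are $($actual -join ', ')" } else { 'OK' }
        }
        [pscustomobject]@{ Domain = $domain; Status = $status }
    }
    # Forwarders present on the server but absent from the expected table.
    Get-DnsServerZone |
        Where-Object { $_.ZoneType -eq 'Forwarder' -and -not $Expected.ContainsKey($_.ZoneName) } |
        ForEach-Object { [pscustomobject]@{ Domain = $_.ZoneName; Status = 'Unexpected forwarder' } }
}

Sync-ConditionalForwarder -Expected $expected -ReplicationScope Domain
```

The script never overwrites an existing forwarder; a Drift or Unexpected forwarder result is left for an administrator to review.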

Enabling and disabling event logging

By default, the DNS service tracks all events for DNS in the DNS Server event log. This log records all applicable DNS events and is accessible through the Event Viewer node in Computer Management. This means that all informational, warning, and error events are recorded. You can change the logging options by following these steps:

1. In the DNS Manager console, press and hold or right-click the server you want to configure, and then tap or click Properties.

2. Use the options on the Event Logging tab to configure DNS logging. To disable logging altogether, choose No Events.

3. Tap or click OK.

Using debug logging to track DNS activity

You typically use the DNS Server event log to track DNS activity on a server. This log records all applicable DNS events and is accessible through the Event Viewer node in Computer Management. If you’re trying to troubleshoot DNS problems, it’s sometimes useful to configure a temporary debug log to track certain types of DNS events. However, don’t forget to clear these events after you finish debugging.

To configure debugging, follow these steps:

1. In the DNS Manager console, press and hold or right-click the server you want to configure, and then tap or click Properties.

2. On the Debug Logging tab, shown in Figure 9-11, select the Log Packets For Debugging check box, and then select the check boxes for the events you want to track temporarily.

FIGURE 9-11 Use the Debug Logging tab to select the events you want to log.

3. In the File Path And Name text box, enter the name of the log file, such as dns.logs. Logs are stored in the %SystemRoot%\System32\Dns directory by default.

4. Tap or click OK. When finished debugging, turn off logging by clearing the Log Packets For Debugging check box.
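Because the debug log records client addresses and the names they query, it helps to make the "turn it off" step automatic. The following is an added example, not code from the book: it enables packet debug logging for a fixed window and then restores the previous settings in a finally block, so logging is switched back even if the script is interrupted. The helper name Invoke-DnsDebugCapture, the file name dns.log, the ten-minute window, and the chosen set of packet options are assumptions.

```powershell
# Added example, not from the book. Run elevated on the DNS server.
Import-Module DnsServer

# Hypothetical helper: enable packet debug logging for a fixed window, then put
# back whatever was configured before.
function Invoke-DnsDebugCapture {
    param(
        [int] $Minutes = 10,
        # File name is an assumption; the directory is the default named in step 3.
        [string] $LogFilePath = "$env:SystemRoot\System32\Dns\dns.log"
    )
    # One option from each group on the Debug Logging tab: contents, type,
    # direction, and transport protocol.
    $flags = 'Queries', 'Answers', 'QuestionTransactions',
             'SendPackets', 'ReceivePackets', 'UdpPackets', 'TcpPackets'

    # Record the current state so it can be restored exactly.
    $before  = Get-DnsServerDiagnostics
    $restore = @{}
    foreach ($f in $flags) { $restore[$f] = [bool] $before.$f }
    if ($before.LogFilePath) { $restore['LogFilePath'] = $before.LogFilePath }

    $enable = @{ LogFilePath = $LogFilePath }
    foreach ($f in $flags) { $enable[$f] = $true }

    try {
        Set-DnsServerDiagnostics @enable
        Write-Host "Debug logging to $LogFilePath until $((Get-Date).AddMinutes($Minutes))"
        Start-Sleep -Seconds ($Minutes * 60)
    }
    finally {
        # Runs on normal completion, on error, and on Ctrl+C.
        Set-DnsServerDiagnostics @restore
        Get-DnsServerDiagnostics | Select-Object $flags
    }
}

Invoke-DnsDebugCapture -Minutes 10
```

The final Get-DnsServerDiagnostics output shows the restored option values; the log file itself remains on disk until you remove it.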

Monitoring a DNS server

Windows Server 2012 R2 has built-in functionality for monitoring a DNS server. Monitoring is useful to ensure that DNS resolution is configured properly.

You can configure monitoring to occur manually or automatically by following these steps:

1. In the DNS Manager console, press and hold or right-click the server you want to configure, and then tap or click Properties.

2. Tap or click the Monitoring tab, shown in Figure 9-12. You can perform two types of tests. To test DNS resolution on the current server, select the A Simple Query Against This DNS Server check box. To test DNS resolution in the domain, select the A Recursive Query To Other DNS Servers check box.

FIGURE 9-12 Configure a DNS server for manual or automatic monitoring on the Monitoring tab.

3. You can perform a manual test by tapping or clicking Test Now. You can schedule the server for automatic monitoring by selecting the Perform Automatic Testing At The Following Interval check box and then setting a time interval in seconds, minutes, or hours.