Last time we go together, we looked at installing the DNS server role to your Windows 2016 server. Now we’re going to dive into configuration baby!
To configure the DNS forwarder (so it can resolve names it doesn’t have cached or in its zone file) we need to open the DNS manager.
So hit the Windows Logo key on your keyboard, type “Server Manager” and then choose “DNS” from the Tools drop down menu in the upper-right corner of the screen.
Yeah, I know it looks like nothing is going on here but there’s a magical world hiding under that FBV-DNS host in the left pane… check this out.
Right click the hostname go to Properties…
Hit the Forwarders tab, click the Edit button to prepare to add a DNS server that can resolve names for us.
We’ll add 220.127.116.11 to resolve the addresses.
So to test this we’ll type ping youtube.com from our Windows 10 client machine.
This will force our local computer to check its %WinDir%\System32\Drivers\Etc\hosts file for static entries and then its local cache for an A record mapped to the youtube.com domain name.
We can take a look to see if there’s a mapping already with the following command:
type %windir%\system32\drivers\etc\hosts | findstr youtube.com
Alright nothing there.
So now we can check the local DNS cache
ipconfig /displaydns | findstr youtube.com
So we have no mappings right now.
Let’s ping youtube.com and then check the local DNS cache.
Basically what happened is the client said:
Yo, DNS server, I need you to give the IP address of youtube.com.
So our local DNS server, the Windows 2016 Server was like, “let me check my host file and my local cache… dang… I have no idea let me forward this request up the chain”
This is called a Forward Lookup request and the DNS server made a forward lookup request for the A record belonging to youtube.com. Since we configured 18.104.22.168 as the forwarder, 22.214.171.124 took care of it.
That Google DNS server, 126.96.36.199, looked up the name, replied to the Windows 2016 Server with the answer, the 2016 server cached the response and then forwarded the reply on to the client which can then cached the result as well.
So we need to view the DNS cache.
On our Windows 10 machine we can type:
And on the server we can type:
You can see the DNS cache record there.
And if you want to see what’s happening at the packet level just check this out:
I took this from the client. You can see the client (192.168.1.15) sending a DNS query to our Windows 2016 server (192.168.1.14) with the query of Type: A for youtube.com. This is in the middle pane.
So the Windows 2016 Server received the query, forwarded it along and then sent back the response it received from 188.8.131.52
Pretty cool eh?
That’s all there is to it.