Wednesday, 27 November 2013

DNS Records

About DNS Records

Since the DNS server plays an important role in keeping the network up and accessible, administrators must keep a close eye on the DNS records and verify their validity on a regular basis. DNS records are the entries in the DNS server database that map names to IP addresses and other data; a wrong or unwanted record quietly sends clients to the wrong host. A DNS server database can hold many record types, but the most commonly used and important ones include:
  • Host (A) – Host (A) records map the names of computers registered with the DNS server to their IPv4 addresses.
  • Host (AAAA) – Host (AAAA) records map the names of computers registered with the DNS server to their IPv6 addresses.
  • MX – Mail Exchanger records name the servers that accept mail for the domain. Any mail system needs them, Microsoft Exchange Server included, so they must be added (or updated) when Exchange is deployed in the network.
  • CNAME – CNAME a.k.a. Canonical Name is an alias that administrators create in the DNS server to give a computer with a complex name a more user-friendly one. For example, if the Fully Qualified Domain Name (FQDN) of a file server in the network is ‘fs01-dom01-comp05.mydomain.com’, administrators can create ‘fileserver.mydomain.com’ as a CNAME (alias) for that file server. A CNAME points at another name rather than at an IP address, so the target Host (A) record must exist, and the alias name itself should carry no other records.

Importance of Adding DNS Records Manually

When working in a production environment where the computers on the network hold sensitive or classified information, administrators must treat the security of the network as the top priority. Firewalls and anti-virus applications do not control who may write to the DNS database, so many administrators add a further layer by disabling DNS dynamic updates on the zone. With dynamic updates disabled, no computer on the network can register or overwrite a record by itself, so the server cannot be populated with fake or unwanted DNS records automatically. The less drastic setting on an Active Directory-integrated zone is ‘Secure only’ (the default for such zones), which accepts updates only from authenticated domain computers; since Active Directory itself relies on domain controllers registering their SRV records dynamically, disabling updates completely is normally done on zones other than the AD domain zone.
The configuration discussed above improves network security, but it also increases the administrative overhead, because administrators must then add the DNS records of legitimate computers manually. Experienced administrators use batch files or scripts (built around dnscmd.exe on Windows Server 2008 R2) to add many DNS records in one go.

Add Host (A) DNS Records Manually

To add Host (A) DNS records manually to the DNS database, administrators must follow the steps given below:
  1. Log on to the Windows Server 2008 R2 DNS server with Domain Admins or Enterprise Admins credentials (membership of the DnsAdmins group is also sufficient for this task).
  2. From the desktop screen, click Start.
  3. From the Start menu, go to Administrative Tools > DNS.
  4. On DNS Manager snap-in, from the console tree in the left pane, double-click to expand the DNS server name.
  5. From the expanded list, double-click Forward Lookup Zones.
  6. From the displayed zones list, click to select the DNS zone for which Host (A) DNS record is to be added.
  7. Once selected, right-click the DNS zone.
  8. From the displayed context menu, click New Host (A or AAAA).
    Click New Host
  9. On the New Host box, type the host name (the single label, e.g. ‘fs01-dom01-comp05’) in the Name (uses parent domain name if blank) field; the Fully Qualified Domain Name (FQDN) field below fills in automatically with the zone name appended. Type the IPv4 address of the target computer in the IP address field.
  10. Optionally, check the Create associated pointer (PTR) record checkbox to generate the matching PTR entry for the computer in the Reverse Lookup Zones (the reverse lookup zone for that subnet must already exist). Once done, click Add Host.
    Add a Host
  11. On the displayed message box, click OK.
  12. Back on the New Host box, click Done.
  13. Close DNS Manager snap-in when done.
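As an added example (not part of the original post), here is the same task done from the command line on the server, which is what the batch-file approach mentioned earlier comes down to: dnscmd.exe adds the Host (A) records and their PTR records in bulk, each entry is validated first, and the server's answer is checked afterwards. The server name, zone, TTL and the CSV rows are assumptions; the reverse zones are assumed to be per-/24 and to exist already. On Windows Server 2012 and later the DnsServer PowerShell module's Add-DnsServerResourceRecordA does the same job as the dnscmd call.

```powershell
# Added example (not from the original post): bulk-add Host (A) records and matching PTR
# records on a Windows Server 2008 R2 DNS server with dnscmd.exe. Run on the DNS server
# itself (step 1 above) so that the verification lookup at the end asks that server.
#
# To inspect or set the zone's dynamic update mode (0 = none, 1 = nonsecure and secure,
# 2 = secure only), which is the setting the previous section discusses:
#   dnscmd dns01 /ZoneInfo mydomain.com
#   dnscmd dns01 /Config mydomain.com /AllowUpdate 0

$DnsServer = 'dns01'          # assumption: name of the DNS server
$Zone      = 'mydomain.com'   # assumption: forward lookup zone
$Ttl       = 3600             # seconds

# Constructed sample input (in practice: Import-Csv from a change-controlled file).
# The last row is deliberately invalid to show the validation path.
$csv = @'
Name,IPv4
fs01-dom01-comp05,10.0.0.5
ws-acct-07,10.0.0.21
print01,10.0.0.300
'@
$Hosts = $csv | ConvertFrom-Csv

function Test-HostRecord {
    param([string]$Name, [string]$IPv4)
    # The Name field takes a single DNS label; the zone supplies the rest of the FQDN.
    if ($Name -notmatch '^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?$') { return 'invalid host label' }
    $addr = $null
    if (-not [System.Net.IPAddress]::TryParse($IPv4, [ref]$addr) -or
        $addr.AddressFamily -ne [System.Net.Sockets.AddressFamily]::InterNetwork) { return 'invalid IPv4 address' }
    return $null
}

function Get-ReverseZone {
    param([string]$IPv4)
    # 10.0.0.5 -> 0.0.10.in-addr.arpa (assumption: one reverse zone per /24)
    $o = $IPv4.Split('.')
    return ('{0}.{1}.{2}.in-addr.arpa' -f $o[2], $o[1], $o[0])
}

foreach ($h in $Hosts) {
    $problem = Test-HostRecord -Name $h.Name -IPv4 $h.IPv4
    if ($problem) { Write-Warning ("Skipping '{0}' ({1}): {2}" -f $h.Name, $h.IPv4, $problem); continue }

    $fqdn = '{0}.{1}.' -f $h.Name, $Zone   # trailing dot: absolute name for the PTR target
    $last = $h.IPv4.Split('.')[3]

    # dnscmd <server> /RecordAdd <zone> <node> [<ttl>] <type> <data>
    & dnscmd $DnsServer /RecordAdd $Zone $h.Name $Ttl A $h.IPv4
    if ($LASTEXITCODE -ne 0) { Write-Warning "A record for $fqdn not added (dnscmd exit $LASTEXITCODE)"; continue }
    & dnscmd $DnsServer /RecordAdd (Get-ReverseZone $h.IPv4) $last $Ttl PTR $fqdn

    # Check what the server now answers instead of trusting the exit code alone.
    try {
        $answer = [System.Net.Dns]::GetHostAddresses($fqdn.TrimEnd('.')) | ForEach-Object { $_.IPAddressToString }
        if ($answer -contains $h.IPv4) { Write-Output "OK   $fqdn -> $($h.IPv4)" }
        else { Write-Warning "$fqdn resolves to $($answer -join ',') rather than $($h.IPv4)" }
    } catch { Write-Warning "$fqdn does not resolve yet: $($_.Exception.Message)" }
}
```

The validation step matters more than it looks: dnscmd accepts what it is given, so a typo in an address becomes a live record that points clients at the wrong host, which is exactly the class of entry the previous section disables dynamic updates to keep out.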

Saturday, 23 November 2013

Exchange 2010 mail flow diagram

Exchange 2010 mail flow from start to finish

This describes what fundamentally happens during MAPI mail flow in a typical Exchange 2010 organization.

A user sends an email from Outlook (their mailbox resides on a Mailbox server) and the message is moved to the Outbox. The Mailbox server's Mail Submission service notifies a Hub Transport server in the same Active Directory site, and the store driver on that Hub Transport server picks the message up and places it in the Submission queue.

From the Submission queue the message is handed to the Categorizer. The Categorizer processes all inbound messages and determines what to do with each one: it applies policies (transport rules, journaling), routes the message and performs content conversion.

1: Recipient resolution (looks each recipient up in Active Directory to determine whether the address is internal or external, and expands distribution groups)
2: Routing (with the recipients resolved, determines where the message needs to be sent, i.e. to an external destination through a Send connector or to the next-hop Hub Transport server)
3: Content conversion (HTML, RTF, plain text)

The message is then placed in a delivery queue. Here it is determined whether the message is for external delivery (such messages are sent through the SMTP Send connector to the external destination) or for internal delivery, in which case it is passed to the store driver of the correct Hub Transport server and delivered to the appropriate Mailbox server and mailbox or Public Folder.

In Summary:
1: Message is sent and waits in the Outbox of the user's mailbox (Outlook)
2: Store driver on the Hub Transport server picks the message up from the Outbox
3: Message is passed to the Submission queue
4: Message is moved to the Categorizer, where recipient resolution, routing and content conversion take place.
5: (For internal messages) email is then placed in the delivery queue for the destination Hub Transport server (e.g. the London HUB server).
(For external messages) email is placed in the delivery queue for the Send connector and sent by SMTP to the external destination.
6: Message is then handed to the Store Driver (on the destination Hub Transport server) for delivery to the Mailbox server, where it is delivered to the mailbox or Public Folder.
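Added example, not from the original post or from Microsoft: an Exchange Management Shell script that follows one message through the stages summarised above by reading the message tracking logs of every Mailbox and Hub Transport server, labelling each event with the pipeline stage it corresponds to, and then listing the non-empty queues so that a message still in transit can be matched to its leg of the flow. The sender, subject and time window are placeholder assumptions, as is the ability to query every server's logs remotely.

```powershell
# Added example (not from the original post or from Microsoft): trace a message through the
# Exchange 2010 transport pipeline via message tracking logs, then show what is still queued.
# Run from the Exchange Management Shell with a role that can read tracking logs.
# Assumptions: sender, subject and time window are placeholders; all servers accept remote queries.
param(
    [string]$Sender    = 'alice@mydomain.com',    # assumption
    [string]$Subject   = 'Q4 forecast',           # assumption
    [datetime]$Start   = (Get-Date).AddHours(-2),
    [datetime]$End     = (Get-Date)
)

# Map a tracking-log (Source, EventId) pair to the stage of the flow described in the post.
function Get-PipelineStage {
    param([string]$Source, [string]$EventId)
    switch ("$Source/$EventId") {
        'STOREDRIVER/SUBMIT'  { 'Outbox: Mail Submission service told a Hub Transport server a message is waiting' }
        'STOREDRIVER/RECEIVE' { 'Store driver picked the message up -> Submission queue' }
        'ROUTING/RESOLVE'     { 'Categorizer: recipient resolution rewrote an address after the AD lookup' }
        'ROUTING/EXPAND'      { 'Categorizer: distribution group expanded' }
        'ROUTING/TRANSFER'    { 'Categorizer: message forked (content conversion, recipient limits or agents)' }
        'ROUTING/DEFER'       { 'Delivery queue: delivery deferred' }
        'SMTP/SEND'           { 'Delivery queue -> SMTP to Send connector or next-hop Hub Transport server' }
        'SMTP/RECEIVE'        { 'Received over SMTP from another transport server -> Submission queue' }
        'STOREDRIVER/DELIVER' { 'Store driver delivered to the mailbox or Public Folder' }
        'SMTP/FAIL'           { 'Delivery failed' }
        'DSN/DSN'             { 'Delivery status notification generated' }
        default               { "Other: $Source/$EventId" }
    }
}

# Hub Transport servers log the transport events; Mailbox servers log the initial SUBMIT.
$servers = @(Get-TransportServer | ForEach-Object { $_.Name }) +
           @(Get-MailboxServer   | ForEach-Object { $_.Name }) |
           Sort-Object -Unique

$events = foreach ($s in $servers) {
    Get-MessageTrackingLog -Server $s -Sender $Sender -MessageSubject $Subject `
        -Start $Start -End $End -ResultSize Unlimited -ErrorAction SilentlyContinue
}

# One row per tracking event, in time order, with the matching pipeline stage.
$events | Sort-Object Timestamp | ForEach-Object {
    New-Object PSObject -Property @{
        Timestamp  = $_.Timestamp
        Server     = $_.ServerHostname
        Source     = $_.Source
        EventId    = $_.EventId
        Connector  = $_.ConnectorId
        Recipients = ($_.Recipients -join ';')
        Stage      = Get-PipelineStage -Source $_.Source -EventId $_.EventId
    }
} | Format-Table Timestamp, Server, Source, EventId, Connector, Stage -AutoSize

# Anything still in transit sits in a queue on a Hub Transport server. DeliveryType names the
# leg of the flow: Undefined = Submission queue, MapiDelivery = store driver to a Mailbox server
# in this site, SmtpRelay* = next-hop Hub Transport server, DnsConnectorDelivery or
# SmartHostConnectorDelivery = Send connector to an external destination.
foreach ($hub in Get-TransportServer) {
    Get-Queue -Server $hub.Name | Where-Object { $_.MessageCount -gt 0 } |
        Select-Object Identity, DeliveryType, NextHopDomain, Status, MessageCount |
        Format-Table -AutoSize
}
```

Reading the rows top to bottom gives the sequence from the summary (SUBMIT, store driver RECEIVE, categorizer events, SEND or DELIVER); a message that shows a SEND on one hub and no matching RECEIVE on the next hop is stuck between two Hub Transport servers, and the queue listing tells you on which one.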


Below is Microsoft's diagram of how message flow works within 2010.

A higher-level Microsoft architecture overview of the Hub Transport role is available here:

http://www.microsoft.com/en-us/download/details.aspx?id=21987