Dashboard

Installing and Configuring Domain Name System (DNS)

0/1 Lessons

Course Introduction
• 10min

0 / 2 lessons complete

Instructor and Course Introduction
Free Preview Lesson

Video | 7 min

What's New in Windows Server 2016 DNS
Free Preview Lesson

Video | 3 min

DNS Basics
• 1hr 16min

0 / 8 lessons complete

What is DNS
Free Preview Lesson

Video | 3 min

Installing the DNS Windows Server Role

Video | 6 min

Building DNS Server Quiz

Quiz | 10 min

The Hosts File

Video | 4 min

DNS Console Overview

Video | 7 min

Recursive and Iterative Queries

Video | 8 min

DNS Basics LAB

Lab | 30 min

DNS Basics Quiz

Quiz | 8 min

DNS Resource Records
• 46min

0 / 5 lessons complete

DNS Resource Record Types

Video | 3 min

Creating the mytestzone Forward Lookup Zone

Text | 2 min

Creating DNS Resource Records

Video | 4 min

Creating DNS Resource Records Lab

Lab | 30 min

DNS Resource Records Quiz

Quiz | 7 min

DNS Zones
• 3hr 41min

0 / 12 lessons complete

DNS Zones

Video | 4 min

Creating a Forward and Reverse Lookup Zone

Video | 5 min

Creating a Secondary Zones

Video | 9 min

Stub Zone Creation

Video | 11 min

Active Directory Zone Replication

Video | 12 min

Implementing DNS Forwarding

Video | 8 min

Implementing Conditional DNS Forwarding

Video | 7 min

Forward and Reverse Zone Creation Lab

Lab | 30 min

Creating a Secondary Zone Lab

Lab | 30 min

Conditional Forwarding Lab

Lab | 60 min

Creating a Stub Zone Lab

Lab | 30 min

DNS Zones Quiz

Quiz | 15 min

DNS Delegation
• 50min

0 / 4 lessons complete

Domain Name System and DNS Delegation

Video | 7 min

Windows 2016 Server and DNS Zone Delegation

Video | 8 min

DNS Delegation Lab

Lab | 30 min

QUIZ - Domain Name System and DNS Delegation

Quiz | 5 min

DNS Security Techniques
• 36min

0 / 5 lessons complete

DNS Security Techniques Overview

Video | 9 min

Configuring DNS Cache Locking

Video | 5 min

Configuring DNS Socket Pools

Video | 6 min

Configuring Response Rate Limiting

Video | 8 min

DNS Security Techniques Quiz

Quiz | 8 min

Advanced DNS Topics
• 22min

0 / 5 lessons complete

Overview of Advanced Topics

Video | 1 min

Enabling Round Robin and Netmask Ordering

Video | 5 min

Configuring Recursion

Video | 4 min

IPV4 and IPV6 Root HInts

Video | 6 min

Advanced DNS Topics Quiz

Quiz | 6 min

DNS Security (DNSSEC)
• 1hr 16min

0 / 6 lessons complete

Windows DNS Security Overview

Video | 7 min

Symmetric vs Asymmetric Encryption

Video | 5 min

Installing DNSSEC on Windows 2016 Server

Video | 12 min

DNSSEC Client Install

Video | 7 min

DNSSEC (DNS Security Lab)

Lab | 30 min

DNSSEC Quiz

Quiz | 15 min

DNS Policies
• 54min

0 / 6 lessons complete

DNS Policies Background Information

Video | 8 min

Configuring DNS Filtering

Video | 6 min

Configuring Split Brain DNS in an Active Directory Environment

Video | 12 min

Configuring DNS Selective Recursion Policy

Video | 7 min

Configuring a Traffic Management Policy

Video | 11 min

DNS Policies Quiz

Quiz | 10 min

PowerShell for DNS
• 1hr 27min

0 / 6 lessons complete

PowerShell for DNS Part 1

Video | 2 min

PowerShell for DNS Part 2

Video | 5 min

PowerShell for DNS Part 3

Video | 10 min

PowerShell for DNS Part 4

Video | 5 min

PowerShell for DNS LAB

Lab | 60 min

Powershell for DNS Quiz

Quiz | 5 min

Troubleshooting DNS Issues - Troubleshooting Tools
• 1hr 39min

0 / 8 lessons complete

Troubleshooting Tools Every IT Pro Must Know

Video | 9 min

The Events Viewer Overview

Video | 6 min

Subscriptions

Video | 9 min

Monitoring and Debug Logging

Video | 9 min

Trouble-Shooting DNS Client Issues

Video | 4 min

Troubleshooting Subscriptions Lab

Lab | 30 min

DNS Troubleshooting Lab

Lab | 30 min

DNS Troubleshooting Quiz

Quiz | 2 min

Configuring DNS Cache Locking

Full-Access Members Only

Sorry, this lesson is only available to Server Academy Full-Access members. Become a Full-Access member now and get instant access to this and many more premium courses. Click the button below and get instant access now.

Instructions

Q&A (0)

Notes (0)

Resources (0)

Saving Progress...

Resources

There are no resources for this lesson.

Notes can be saved and accessed anywhere in the course. They also double as bookmarks so you can quickly review important lesson material.

Create note

If you recall a normal DNS query works like this:

A DNS client queries a recursive DNS server.
The server caches the result.
Next time the DNS server will be able to respond more quickly to other DNS clients querying the same information.
The amount of time that a record resides in cache is determined by the Time to Live (TTL) value of the record.
If the TTL, is set to a shorter time or percentage a record could be overwritten if more recent data is available for the record.
However, this exposes a security issue. A malicious person may try to overwrite the record and redirect clients to an unsafe Web site.

To mitigate this risk in Windows server 2016:

You can use DNS cache locking to determine when information in the DNS cache can be overwritten.
When you enable cache locking the DNS server does not allow updates until the TTL has fully expired.
By default, the TTL is set to 100% or 24 hours.

To configure Cache Locking we need to open up PowerShell in administrator mode.
I’ll show you two ways to accomplish setting your TTL percentage. First to check the current percentage

Get-Dnsserver

If we Drop down to the ServerCache heading we notice that the locking percent by default is set to 100%. If you want to change the percentage type to 70% type

Set-DnsServerCache –LockingPercent 70

You can also use the dnscmd to accomplish this.

You can check the current TTL setting by typing the command dnscmd /info /cachelockingpercent
In most environments you are not going to adjust this, but if you want to reduce the time that a record in your cache can get overwritten, you can do so by running the following commands:

dnscmd /config /cachelockingpercent 100 (24 hours)
dnscmd /config /cachelockingpercent 75 (18 hours)
dnscmd /config /cachelockingpercent 50 (12 hours)
dnscmd /config /cachelockingpercent 0 (Update immediately)

Server Academy Members Only

Sorry, this lesson is only available to Server Academy Full Access members. Become a Full-Access Member now and you’ll get instant access to all of our courses.

0 0 votes

Lesson Rating

0 Comments

Inline Feedbacks

View all comments

Installing and Configuring Domain Name System (DNS)

Course Introduction
• 10min

DNS Basics
• 1hr 16min

DNS Resource Records
• 46min

DNS Zones
• 3hr 41min

DNS Delegation
• 50min

DNS Security Techniques
• 36min

Advanced DNS Topics
• 22min

DNS Security (DNSSEC)
• 1hr 16min

DNS Policies
• 54min

PowerShell for DNS
• 1hr 27min

Troubleshooting DNS Issues - Troubleshooting Tools
• 1hr 39min

Configuring DNS Cache Locking

Full-Access Members Only

Resources

Server Academy Members Only

Training

Sign Up Free

Our Curriculum

IT Labs

Lab Challenges

Blog

Members

Login

Community

Discord

About Us

Contact

Course Introduction • 10min

DNS Basics • 1hr 16min

DNS Resource Records • 46min

DNS Zones • 3hr 41min

DNS Delegation • 50min

DNS Security Techniques • 36min

Advanced DNS Topics • 22min

DNS Security (DNSSEC) • 1hr 16min

DNS Policies • 54min

PowerShell for DNS • 1hr 27min

Troubleshooting DNS Issues - Troubleshooting Tools • 1hr 39min

Configuring DNS Cache Locking

Full-Access Members Only

Resources

Server Academy Members Only

Training

Members

About Us

Course Introduction
• 10min

DNS Basics
• 1hr 16min

DNS Resource Records
• 46min

DNS Zones
• 3hr 41min

DNS Delegation
• 50min

DNS Security Techniques
• 36min

Advanced DNS Topics
• 22min

DNS Security (DNSSEC)
• 1hr 16min

DNS Policies
• 54min

PowerShell for DNS
• 1hr 27min

Troubleshooting DNS Issues - Troubleshooting Tools
• 1hr 39min