Examen 3 Server

A DNS server that holds a complete copy of a zone's resource records (typically a primary or secondary zone).

authoritative server

OS virtualization in which the hypervisor runs directly on the host computer's hardware and controls and monitors guest OSs. Also called a "type 1 hypervisor."

bare-metal virtualization

A packet addressed to all computers on the network.

broadcast address

computers in the domain can register or update their own DNS records, or DHCP can update DNS on the clients' behalf when a computer leases a new IP address. Both the client computer and the DHCP server must be configured to use this feature.

Dynamic DNS (DDNS)

a feature that became available with Windows Server 2008 R2 Service Pack 1, allows an administrator to set startup, minimum, and maximum memory allocation values for each VM. Hyper-V adjusts the memory allocation for a VM up or down, based on its actual memory needs, between the minimum and maximum value you specify.

Dynamic Memory

DNS servers that maintain addresses of other DNS servers that are authorita- tive for second-level domains that use the top-level domain. For example, a TLD server for the com top-level domain contains NS records for authoritative DNS servers for all domains ending in com.

top-level domain (TLD) servers

an address in a unit of network data in- tended for a single destination computer

unicast address

Files stored on the host computer that repre- sent a virtual machine's hard disk.

virtual disk

is a device that listens for broadcast DHCPDISCOVER and DHCPREQUEST messages and forwards them to a DHCP server on another subnet. You configure a DHCP relay agent on a subnet that doesn't have a DHCP server so that you can still manage DHCP addresses from a central server without having to configure the DHCP server with network interfaces in each subnet.

A DHCP relay agent

is a pool of IP addresses and other IP configuration parameters that a DHCP server uses to lease addresses to DHCP clients.

A DHCP scope

implements OS virtualization by being installed in a general-purpose host OS, such as Windows 8 or Linux, and the host OS accesses host hardware on behalf of the guest OS. Also called hosted virtualization, it's used mostly for desktop virtualiza tion solutions. Examples include VMware Player and Workstation, Microsoft Virtual PC, and Oracle VirtualBox.

A type 2 hypervisor

The arp command displays or makes changes to the Address Resolution Protocol (ARP) cache, which contains IP address-MAC address pairs. As discussed, when an IP packet is sent to a destination on the local network, the sending device must have the destination's MAC address. The source computer retrieves the MAC address by sending a broadcast ARP request packet to the local network.

Address Resolution Protocol (ARP)

A method of automatic IP address assignment that occurs when a computer can't contact a DHCP server; uses the range 169.254.1.0 through 169.254.254.255.

Automatic Private IP Addressing (APIPA)

is a partial copy of a VM made at a particular moment; it contains changes made since the VM was created or since the last checkpoint and can be used to restore the VM to its state when the checkpoint was taken. A checkpoint is also referred to as a "snapshot."

Checkpoint

addresses beginning with 10

Class A

The reserved addresses are as follows:

Class A Class B Class C

addresses from 172.16 to 172.31

Class B

addresses from 192.168.0 to 192.168.255

Class C

A DHCP-enabled client obtains a lease for an IP address from a DHCP server. Before the lease expires, the DHCP server must renew the lease for the client or the client must obtain a new lease. Leases are retained in the DHCP server database approximately one day after expiration

DHCP Lease

were defined previously in "DNS Server Roles," but this section goes into more detail on when to configure and use them. Recall how a typical DNS query is processed: A DNS server receives a lookup request from a client and, if it's unable to satisfy the request, a recursive query ensues, starting with a root server.

Forwarders

specifies how long a DHCP client can keep an address. As discussed, a client tries to renew the address long before the lease expires but must release the address if it can't renew it before it expires. The lease duration is specified in days, hours, and minutes, with a minimum lease of 1 minute and a maximum lease of 999 days, 23 hours, and 59 minutes. The default lease duration is 8 days. The lease can also be set to unlimited, but this setting isn't recommended because if the client is removed from the network or its NIC is replaced, the address is never returned to the pool for lease to other clients. An unlimited duration can also cause DNS records to become stale when DHCP is configured to update DNS records on behalf of the client.

Lease duration

is a single IP address for a set of hosts that are joined in a multicasting group. An IP (Internet protocol) address is a unique numeric identifier for a computer or other device on a TCP/IP (transmission control protocol/Internet protocol) network.

Multicast address

Specify a prefix length or subnet mask that's assigned with each IP address. For example, you can specify 16 for the prefix length or 255.255.0.0 for the subnet mask. Windows fills in the prefix and subnet mask automatically based on the class of the start and end IP addresses, but you can change this information.

Prefix length or subnet mask

contains a read/write master copy of all resource records for the zone. Updates to resource records can be made only on a server configured as a primary zone server, referred to as the "primary DNS server." A primary DNS server is considered authoritative for the zone it manages. A primary zone can be an Active Directory-integrated or a standard zone.

Primary Zone

Each device that accesses the Internet must do so by using a public IP address. Because of the popularity of TCP/IP and the Internet, unique IP addresses to assign to Internet-accessible devices are almost exhausted. To help alleviate this problem, TCP/IP's technical governing body reserved a series of addresses for private networks—that is, networks whose hosts can't be accessed directly through the Internet.

Private IP Adress

is an IP address that can be accessed over the Internet. Like postal address used to deliver a postal mail to your home, a public IP address is the globally unique IP address assigned to a computing device. Your public IP address can be found at What is my IP Address page.

Public IP Address

A descriptive name for the scope. You can define multiple scopes on a DHCP server, so you might name the scope based on the range of IP addresses in it. For example, a scope that services the 10.10.0.0 network might be named "10.10-subnet."

Scope name

A scope consists of the following required parameters:

Scope name Start and end IP addresses Lease duration

define the address pool. You can't specify a start address that's the network ID or an end address that's the broadcast address for the subnet. • Prefix length or subnet mask—Specify a prefix length or subnet mask that's assigned with each IP address. For example, you can specify 16 for the prefix length or 255.255.0.0 for the subnet mask. Windows fills in the prefix and subnet mask automatically based on the class of the start and end IP addresses, but you can change this information.

Start and end IP addresses

is the virtualization software component that creates and monitors the virtual hardware environment, which allows multiple VMs to share physical hardware resources. The hypervisor on a host computer acts somewhat like an OS kernel, but instead of scheduling processes for access to the CPU and other devices, it schedules VMs. It's sometimes called the "virtual machine monitor (VMM)."

The hypervisor

A Hyper-V feature that allows creating subnets or broadcast domains on a single external or internal virtual network. Machines sharing a VLAN ID can communicate with one another directly, but those assigned different VLAN IDs must communicate through a router.

VLAN Identification

A reserved name that corresponds to the loopback address, 127.0.0.1. See also loopback address.

localhost

The IP address 127.0.0.1, which always refers to the local computer and is used to test the functioning of TCP/IP.

loopback address

A physical disk attached to the host system that's placed offline so that it can be used by a VM instead of or in addition to a virtual disk.

pass-through disk

A DNS client that sends a recursive query to a DNS server. See also recursive query.

resolver

A DNS zone containing PTR records that map IP addresses to names; it's named with the IP network address (IPv4 or IPv6) of the computer whose records it contains.

reverse lookup zone (RLZ)

DNS servers that keep a database of addresses of other DNS servers managing top-level domain names.

root server

A method of responding to DNS queries when more than one IP address exists for the queried host. Each IP address is placed first in the list of returned addresses an equal number of times so that hosts are accessed alternately.

round robin

A DNS zone containing a read-only copy of all resource records for the zone. Changes can't be made directly on a secondary DNS server, but because it contains an exact copy of the primary zone, it's considered authoritative for the zone.

secondary zone

The virtual hard disk file grows as data is written to it, up to the size you specify when the disk is created. The dynamic aspect of this type of disk goes only one way; the file doesn't shrink when data is deleted from the virtual disk. This option saves host disk space until the disk grows to its maximum size but at the expense of performance. Dynamically expanding disks are somewhat slower than fixed-size disks, and there are some concerns about host disk fragmentation when using them. However, with the VHDX format, Microsoft has made strides toward performance parity between fixed-size and dynamically expanding disks. Unless the VM is running disk-intensive applications, dynamically expanding disks are a good choice. Additionally, VMs that use dynamic disks can be backed up faster because a virtual disk's file size is smaller than a fixed-disk's file size.

Dynamically expanding

There are two types of hypervisors

Ŋ A type 1 hypervisor A type 2 hypervisor

A 32-bit dotted decimal number consisting of an unbroken series of binary 1 digits followed by an un- broken series of binary 0 digits. Used with an IP address to determine the network ID.

subnet mask

A DHCP server must be authorized on a domain network before it can begin providing services. The reason is that DHCP clients have no way of determining whether a DHCP server is valid. When a client transmits a DHCPDISCOVER packet, any DHCP server receiving the broadcast can respond. The client accepts the first offer it gets that meets the requirements in the DHCP DISCOVER packet. If a rogue DHCP server is installed on a network, whether accidentally or on purpose, incorrect IP address settings could be configured on client computers. These settings likely include the DNS server and default gateway the client uses in addition to the IP address and subnet mask. At best, incorrect IP address settings cause the client to stop communicating correctly. At worst, servers set up by an attacker to masquerade as legitimate network resources can capture passwords and other sensitive information.

DHCP Server Authorization

A DHCP server feature that allows administrators to restrict which computers on a network are leased IP addresses.

DHCP filter

A driver installed on a VM with Integration Services that's optimized for use in the Hyper-V environment.

synthetic driver

uses a parent/child relationship. A parent disk is a dynamically expanding or fixed-size disk with an OS installed, possibly with some applications and data. It becomes the baseline for one or more child (differencing) disks. A VM with a differencing disk operates normally, but any changes made to its hard disk are made only to the differencing disk, leaving the parent disk unaltered. The parent disk shouldn't be connected to a VM because it must not be changed in any way. With differencing disks, several VMs can be created by using the parent disk as the baseline but using only the additional host disk space of the differencing disk. Differencing disks are an ideal way to provision (make available) several VMs quickly without having to install an OS and applications or copy an entire virtual disk. Differencing disks work like dynamically expanding disks, in that they start very small and grow as data is written to them. All child disks must use the same format (VHD or VHDX) as the parent disk.

differencing disk

Legacy drivers installed on a VM that are used when Integration Services isn't installed; also called "legacy drivers."

emulated drivers

A virtual switch in which one of the host's physical network adapters is bound to the virtual network switch, allowing virtual machines to access a LAN connected to the host.

external virtual switch

A virtual switch with no host connection to the virtual network, thereby allowing VMs to communicate with one another. However, there's no communication between the private virtual network and the host.

private virtual switch

An advanced Hyper-V feature that enhances the virtual network adapter's performance by bypassing the virtual switch software on the parent partition.

single-root I/O virtualization (SR-IOV)

A Hyper-V feature that uses a file on the host computer for temporary memory storage when a sudden surge in memory requirements exceeds the physical amount of memory available.

smart paging

A fault-tolerant DHCP configuration in which two DHCP servers share the same scope information, allow- ing both servers to offer DHCP services to clients.

split scope

reservation is an IP address associated with the MAC address of a DHCP client to ensure that when the client requests an IP address, it always gets the same one, along with any configured options. The IP address in the reservation must fall within the same subnet as the scope and uses the same subnet mask that's configured for the scope. If options are configured for the reservation, they take precedence over options configured at the scope or server level (discussed later in "DHCP Options"). A reservation address can be any address in the subnet defined by the scope's address range and can even be within an exclusion range. If the IP address you want to use in the reservation is already in use by another DHCP client, the client using the address continues to use it until it attempts to renew it. You can force the client to release the address and get a different address by entering ipconfig /release and ipconfig /renew at a command prompt. The client the reservation is made for can be forced to start using the reserved address by entering ipconfig /renew at the command prompt, or you can wait until it attempts to renew its current address.

Reservation (IN DHCP)

a nonprofit agency responsible for Internet addressing and address management, assigns a dedicated port number to every well-known network service. For example, the HTTP protocol used by Web servers is assigned port 80, so when your computer formats a message to a Web server, the destination port number in the TCP header is 80. Similarly, when your e-mail application requests messages from your mail server, it sends the request to port 110, the Post Office Protocol (POP3) port number. Most client applications are assigned a random port number when they make a request to a server. So when you start a Web browser, for example, the Web browser window is assigned a port number. When the request for a Web page goes out, the source port number in the TCP header contains the number assigned to that Web browser window so that the Web server knows which port the reply should be sent to. If you open another Web browser window or tab, another port number is assigned, and so forth. The port number is a 16-bit value, so theoretically, you can open as many as 65,000 windows.

The Internet Assigned Numbers Authority (IANA)

This process of forwarders works well, but in situations such as the following, referring the query to a forwarder is more efficient:

When the DNS server address for the target domain is known—Suppose a company has a department working on highly confidential research, and this department is segmented from the rest of the network by routers and firewalls. This department maintains its own domain controllers and DNS servers that aren't part of the organization's domain. However, department members often need access to resources on the network servers. In addition, the research department's DNS servers aren't permitted to contact the Internet. For computers in this department network to resolve names for company resources, a forwarder can be configured on its DNS server that points to a company DNS server. The company DNS server not only resolves queries for company domain resources, but also performs recursive lookups for external domains on behalf of the research department's DNS server. • When only one DNS server in a network should make external queries—A network consisting of several DNS servers might want to limit external queries to a single DNS server. This strategy has several benefits. First, network security can be enhanced by limiting exposure to the Internet to only one server. Second, because a single server is making all the queries to Internet domains, overall DNS performance can be enhanced because the server builds an extensive cache of Internet names. To use this strategy, all DNS servers on the network, except the actual forwarder, should be configured with the forwarder. • When a forest trust is created—Windows requires DNS name resolution between the two forests involved in a trust relationship. Configuring conditional forwarders in the forest root name servers of both forests that point to each other is a good way to accomplish this. • When the target domain is external to the network and an external DNS server's address is known—A company running a small network with limited bandwidth might find that the traffic caused by an internal DNS server's recursive lookups is excessive. The internal DNS server can provide name resolution for all internal resources and forward queries for external names to the DNS server of the company's ISP.

A virtual hard disk in which the disk's full size is allocated on the host system when it's created.

fixed-size disk

the type you work with most often, contains records that translate names to IP addresses, such as A, AAAA, and MX records. It's named after the domain whose resource records it contains, such as csmtech.local.

forward lookup zone (FLZ)

A DNS zone containing a read-only copy of only the zone's SOA and NS records and the necessary A records to resolve NS records. A stub zone forwards queries to a primary DNS server for that zone and is not authoritative for the zone.

stub zone

implements OS virtualization by running on the host computer's hardware, and it controls and monitors guest OSs. It bypasses the need to install a host OS. Instead, it controls access to the host's hardware and provides device drivers for guest OSs. Also called bare-metal virtualization, it's used mainly for server virtualization in data centers. Examples include VMware ESX Server, Citrix XenServer, and Hyper-V Server.

Ŋ A type 1 hypervisor