Configuring Forward and Reverse Lookup Zones in Windows Server 2008 R2 and 2012

When initially installing and configuring a Windows DNS server, one of the first tasks is to create forward lookup zones (and possibly reverse lookup zones). In plain terms, this is where the domains that this DNS server will serve are configured. To give the reader enough knowledge to complete this task, this article takes a walkthrough approach. At the beginning of this article a DNS server has been installed but not yet configured, and we’ll create the forward and reverse lookup zones using the built-in wizard. Keep in mind that this can also be done without the wizard without much trouble, but to keep the lesson simple the wizard options will suffice.

DNS Lookup Zone Configuration

The configuration of the lookup zones is not all that confusing, and when using the wizards available it becomes even easier. As shown in Figure 1, the DNS server role has been installed on the server and is shown in the left pane. For those looking to perform this configuration on Windows Server 2008 R2, access to the DNS Manager can be achieved either through Server Manager or Administrative Tools.

  • Once DNS is selected from the left pane, a list of known DNS servers will be displayed. Right-click on the target server and select DNS Manager.

  • At this point the DNS Manager window will open (which looks similar in Windows Server 2008 R2); this is shown below in Figure 3.

  • To start the DNS configuration wizard, right-click on the server name and select Configure a DNS Server.

  • The initial screen is very basic and gives a brief description of what the wizard can do. Skim over the text and select Next.
  • The screen shown below in Figure 5 asks which configuration tasks should be performed with the wizard. For the purpose of this walkthrough, both forward and reverse lookup zones will be created. Choose a configuration action, then select Next.

  • The next screen verifies that a forward lookup zone should be created. Choose to create a forward lookup zone and select Next.
  • You’ll be asked which type of zone should be created, as seen here in Figure 6. The wizard offers a good description of the different options, but the option that is selected depends on whether this server will be the central authority for the zone (domain) being created. Choose a zone type and select Next.

  • Now you’ll be asked for the name of the zone, which is commonly known as a domain name. For the purpose of this walkthrough, a locally specific zone name was used, but if the server being configured will host a public domain, simply type in the name of the domain (e.g. yahoo.com). Type in the name of the zone and select Next.

  • The next screen asks for the file name that will store the zone information being created with the wizard; generally this can be left using the default option. Choose a file name and select Next.
  • The next screen (as shown below) will ask if dynamic updates should be allowed. For a non-Active Directory integrated zone there are only two options: allow both nonsecure and secure updates, or allow none. From a security perspective it makes sense to disable this functionality without AD, because nonsecure updates are accepted without authenticating the client that sends them. Choose an option and select Next.

  • If both the forward and reverse options were selected as shown in Figure 5, you’ll begin the process of creating a reverse zone. Choose to create a reverse zone and select Next.

  • As shown below, you will be prompted about the reverse zone type. Choosing an option here will most likely mirror what was selected as shown in Figure 6 above. Choose an option and select Next.
  • The next screen will ask whether the reverse lookup zone should be for IPv4 or IPv6. Choose the appropriate one and select Next. If both are needed, you will have to configure them separately.
  • Now you’ll be asked for the network ID for the zone. This screen will differ if an IPv6 reverse zone is chosen. Enter the network ID and select Next.

  • The next screen asks for the file name that will store the zone information being created with the wizard; generally this can be left using the default option. Choose a file name and select Next.
  • Once again you’ll be asked whether dynamic updates should be allowed. Choose an option and select Next.
  • The next screen (as shown below) asks whether the server should forward queries for names or addresses it cannot resolve itself. If no forwarders are selected then the local server will go out to the root servers itself and find the information. Choose an option and select Next.

  • Next, confirm the completion of the DNS configuration wizard and select Finish. This returns you to the main DNS Manager screen (as shown below), where both a forward and a reverse lookup zone have been created.

At this point the DNS server contains no information and is only able to look up remotely configured names and addresses. However, it is authoritative for the testing.local domain (or whatever zone name the reader configured), and records can be created that can be used both locally and remotely depending on the network configuration. Stay tuned for a follow-up article that will review the different available record types and how to configure them.
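
The wizard choices above can also be scripted and then audited. The following is an added example, not part of the original walkthrough: it creates the same two file-backed zones with dynamic updates disabled and reports the dynamic-update setting of every primary zone on the server. It assumes the DnsServer PowerShell module (shipped with Windows Server 2012, not available on Windows Server 2008 R2) and a constructed sample network ID of 192.168.1.0/24.

```powershell
# Added example: scripted equivalent of the wizard choices, plus a dynamic-update audit.
# Assumes Windows Server 2012 with the DnsServer module, run elevated on the DNS server.
Import-Module DnsServer

$ZoneName    = 'testing.local'            # zone name used in the walkthrough
$NetworkId   = '192.168.1.0/24'           # constructed sample network ID (assumption)
$ReverseZone = '1.168.192.in-addr.arpa'   # reverse zone name that network ID maps to

# Forward lookup zone: file-backed primary zone with dynamic updates disabled.
if (-not (Get-DnsServerZone -Name $ZoneName -ErrorAction SilentlyContinue)) {
    Add-DnsServerPrimaryZone -Name $ZoneName -ZoneFile "$ZoneName.dns" -DynamicUpdate None
}

# Reverse lookup zone: created from the network ID, as in the wizard.
if (-not (Get-DnsServerZone -Name $ReverseZone -ErrorAction SilentlyContinue)) {
    Add-DnsServerPrimaryZone -NetworkId $NetworkId -ZoneFile "$ReverseZone.dns" -DynamicUpdate None
}

# Audit every primary zone on the server and flag weak dynamic-update settings.
Get-DnsServerZone |
    Where-Object { $_.ZoneType -eq 'Primary' -and -not $_.IsAutoCreated } |
    ForEach-Object {
        $zone = $_   # keep the zone object; switch rebinds $_ inside its blocks
        $finding = switch ($zone.DynamicUpdate) {
            'NonsecureAndSecure' { 'REVIEW: accepts unauthenticated updates' }
            'Secure'             { 'OK: secure updates only (AD-integrated)' }
            default              { 'OK: dynamic updates disabled' }
        }
        [pscustomobject]@{
            Zone          = $zone.ZoneName
            Reverse       = $zone.IsReverseLookupZone
            DsIntegrated  = $zone.IsDsIntegrated
            DynamicUpdate = $zone.DynamicUpdate
            Finding       = $finding
        }
    } | Format-Table -AutoSize

# Forwarder choice from the last wizard screen: an empty list means root hints are used.
$fwd = Get-DnsServerForwarder
if ($fwd.IPAddress) {
    "Forwarders: $($fwd.IPAddress -join ', ')"
} else {
    'No forwarders configured; unresolved queries go to the root hints.'
}
```

Any zone reported as REVIEW is file-backed or otherwise accepting nonsecure updates; `Set-DnsServerPrimaryZone -Name <zone> -DynamicUpdate None` applies the setting recommended in the walkthrough.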