Domain Name System Design Considerations
Ron McCarty
Welcome to Sys Admin's new monthly networking column. In this column, I will
be covering network design issues that are important in today's network-centric
organizations. The opinions expressed here are mine, and suggestions are based
on my own experience. Thus, I'll be interested in hearing about alternate solutions
to problems discussed here. Such alternatives, and any suggestions for future
columns, may be addressed to me at: mccarty@my-own-domain.to.
DNS design is this month's topic.
The Domain Name System (DNS) was the Internet's answer to global naming. It is
the standard name system required for Internet access and is often the choice
for internal naming systems. Despite its widespread use, very little consideration
is given to designing proper name systems. GUI configuration tools and current
firewall technology can help almost anyone deploy a relatively secure DNS system;
however, poorly designed DNS systems will not grow with the organization.
Like many small networks, the Internet originally used a central file with
a complete listing of all hosts within the network maintained by a central authority/server.
This method does not scale well due to intensive maintenance requirements. Unfortunately,
unlike the Internet, many small networks do not identify these shortcomings
during growth and fail to move to a system that will grow with the company.
Within organizations that try to maintain host tables on more than a few centrally
managed hosts, problem growth seems to match the growth of the network and host
entries. Additionally, name resolution failure is often reported as a general
network connectivity problem, so other resources are wasted on accurately identifying
the problem and tracking down the appropriate administrator to correct it.