Hands-on exercises for Module 6: DNS with IPv6

  • Article

These hands-on exercises are designed for Module 6: DNS with IPv6 of the Microsoft IPv6 course from the Microsoft Virtual Academy. They demonstrate the forwarding and DNS replication of the corp.contoso.com domain between two DNS servers over IPv6.

These hands-on exercises assume that you have built the following IPv6 test lab based on the Hands-on exercises for Module 5: DHCPv6 article.

 

Step 1: Add DNS2 to the Corpnet2 subnet

On the Hyper-V server hosting the IPv6 test lab, open the PowerShell Integrated Script Environment (ISE) or an administrator-level Windows PowerShell command prompt.

For the $isoNameServer variable, insert the name of your downloaded Windows Server 2012 R2 ISO file, not including the .ISO extension and removing the "<" and ">" characters.

Run the following command block to create DNS2 and start the operating system installation process.

# Variables

#$isoNameServer="<name of the Windows Server 2012 R2 ISO file>"

$vhdPath="C:\ProgramData\Microsoft\Windows\Hyper-V\

$isoPathServer="C:\ISOs\ + $isoNameServer + ".iso"

 

# Create DNS2

$vmName="DNS2"

$vsdxPath=$vhdPath + $vmName + ".VHDX"

New-VM –Name $vmName –MemoryStartupBytes 1GB -NewVHDSizeBytes 128GB –SwitchName InternetAccess –NewVHDPath $vsdxPath

Set-VMDvdDrive -VMName $vmName -Path $isoPathServer

Start-VM $vmName

 

In the Hyper-V Manager, connect to the DNS2 VM and complete the installation process for Windows Server 2012 R2. Sign in to DNS2 using the Administrator account and password.

Use the Hyper-V Manager to change the network adapter for DNS2 to use the Corpnet2 virtual switch.

Open a Windows PowerShell command prompt and run the following commands:

New-NetIPAddress -InterfaceAlias Ethernet -IPAddress 10.0.2.2 -AddressFamily IPv4 -PrefixLength 24

Set-DnsClientServerAddress -InterfaceAlias Ethernet -ServerAddresses 10.0.0.2

Set-DnsClient -InterfaceAlias Ethernet -ConnectionSpecificSuffix corp.contoso.com

New-NetFirewallRule –DisplayName "Allow ICMPv4-In" –Protocol ICMPv4

New-NetFirewallRule –DisplayName "Allow ICMPv4-Out" –Protocol ICMPv4 –Direction Outbound

New-NetRoute -DestinationPrefix 10.0.0.0/24 -InterfaceAlias Ethernet -AddressFamily IPv4 -NextHop 10.0.2.1

Install-WindowsFeature DNS -IncludeManagementTools

Add-Computer -NewName DNS2 -DomainName corp.contoso.com

Restart-Computer

Here is the resulting lab configuration.

Step 2: Configure forwarding and zone replication over IPv6

This procedure configures DC1 to allow zone transfers to DNS2.

  1. Use the Hyper-V Manager to connect to DC1 and log in using the CORP\User1 account.
  2. Click Start, type dns, and then click the DNS snap-in icon.
  3. In the console tree, open DC1 > Forward Lookup Zones. In the tree pane, right-click corp.contoso.com, and then click Properties.
  4. Click the Zone Transfers tab, click Allow zone transfers, click To any server, and then click OK.

 

Use this procedure to configure DNS2 with DC1 as a forwarder and to host a secondary copy of the corp.contoso.com zone.

  1. Log in to DNS2 using the CORP\User1 account.
  2. On DNS2, click Start, type DNS, and then click the icon for the DNS snap-in.
  3. In the console tree, click DNS2. In the contents pane, right-click Forwarders, and then click Properties.
  4. On the Forwarders pane, click Edit.
  5. In <Click here to add an IP Address or DNS Name>, type DC1, and then press the TAB key. The IPv4 and IPv6 addresses of DC1 appear. Click 10.0.0.2 and click Delete, and then click OK twice.
  6. In the console tree, right-click DNS2, and then click New Zone.
  7. On the Welcome page, click Next.
  8. On the Zone Type page, click Secondary zone, and then click Next.
  9. On the Forward or Reverse Lookup Zone page, click Next.
  10. On the Zone Name page, type corp.contoso.com, and then click Next.
  11. On the Master DNS Servers page, type DC1 and then press the TAB key.
  12. The IPv4 and IPv6 addresses of DC1 appear. Click 10.0.0.2 and click Delete, and then click Next.
  13. On the Completing page, click Finish.

In the contents pane, double-click Forward Lookup Zones, and then double-click corp.contoso.com.

You should see the list of DNS records in the corp.contoso.com domain.

At an administrator-level Windows PowerShell command prompt, run the following commands.

Set-DnsClientServerAddress -InterfaceAlias Ethernet -ServerAddresses 127.0.0.1

ipconfig

In the display of the ipconfig command, note the value of the IP Address field here: ______________________

In this procedure, you configure the DHCP and DHCPv6 scopes for per-subnet DNS server IP addresses.

  1. Switch over to DC1. Open an administrator-level Windows PowerShell command prompt and run the ipconfig command.
  2. Note the value corresponding to the IP Address field here: ______________________
  3. For the $dc1Address and $dns2Address variables, insert the IPv6 addresses of DC1 and DNS2 and remove the "<" and ">" characters. Then, run the resulting command block:

$dc1Address="<the IPv6 address of DC1>"

$dns2Address="<the IPv6 address of DNS2>"

Remove-DhcpServerv4OptionValue –OptionID 6

Set-DhcpServerv4OptionValue -ScopeID 10.0.0.0 –OptionID 6 -Value 10.0.0.2

Set-DhcpServerv4OptionValue -ScopeID 10.0.2.0 –OptionID 6 -Value 10.0.2.2

Remove-DhcpServerv6OptionValue –OptionID 23

Set-DhcpServerv6OptionValue -Prefix 2001:db8:: –OptionID 23 -Value $dc1Address

Set-DhcpServerv6OptionValue -Prefix 2001:db8:0:2:: –OptionID 23 -Value $dns2Address

  1. In the DNS snap-in, open the corp.contoso.com forward lookup zone. Note the A and AAAA records for CLIENT1, including the A record for the IPv4 address on the Corpnet subnet beginning with "10.0.0".
  2. Using the Hyper-V Manager, change CLIENT1's network adapter to use the Corpnet2 virtual switch. At the Windows PowerShell command prompt, run ipconfig /renew until you get an IPv4 address that starts with "10.0.2".
  3. On DC1, refresh the display of the records in the corp.contoso.com domain. You should see the three records for CLIENT1, including two AAAA records and an A record for the IPv4 address on the Corpnet subnet beginning with "10.0.2".
  4. On DNS2, refresh the display of the records in the corp.contoso.com domain. You should see the old records for CLIENT1, including the A record for the IPv4 address on the Corpnet subnet beginning with "10.0.0".
  5. Right-click the corp.contoso.com domain, and then click Transfer new copy of zone from Master. Refresh the display of the corp.contoso.com domain . You should now see the new records for CLIENT1, including the A record for the IPv4 address on the Corpnet subnet beginning with "10.0.2".

Because you configured DC1 as a replication partner using its IPv6 address, this proves that DNS replication of the corp.contoso.com domain occurred over IPv6.

To continue your hands-on learning about IPv6, see Hands-on exercises for Module 7: IPv6 and Network Security.