Migrating DNS servers from Linux to Windows (Part 1)

If you would like to read the next part of this article series please go to Migrating DNS servers from Linux to Windows (Part 2).

Introduction

A properly functioning Domain Name Services (DNS) infrastructure is essential for Active Directory environments. The simplest way of course to set up DNS name servers with Active Directory is to install and configure the DNS Server role on your Windows Server domain controllers. For various reasons however, some organizations already have deployed or may choose to deploy Linux name servers running the Berkeley Internet Name Daemon (BIND) implementation of DNS.

Linux BIND servers are lightweight and fast name servers that are easy to manage if you have basic knowledge of Linux administration, and provided they’re running modern versions of BIND they’re also interoperable with Active Directory domain controllers. In larger organizations there may also be political reasons for keeping your existing BIND servers instead of migrating them to Windows Server DNS. For example, the administrators of your current DNS infrastructure may be unwilling to relinquish their control over DNS to Active Directory admins. And when two companies merge or an acquisition occurs, existing cultures of Linux and Windows Server administration may clash.

The TechNet documentation on migrating from BIND to Windows Server DNS has been around since Windows Server 2003 but has not been updated since Windows Server 2008 so it’s well worth revisiting the subject. The documentation is also sparse and provides only minimal guidance on the actual steps involved in such migrations. Because of this, I’ve asked my colleague Todd Lamothe to walk us through the steps involved in migrating a DNS zone from a Linux BIND name server to a Windows server running the DNS Server role. Todd is the principal consultant for Nattrac Consulting Ltd. where he does IT consulting focusing on Windows deployments, Windows Server technology, Azure Cloud and Exchange / Office 365 deployments. He has been working in the IT field for 20 years, and you can find out more about him at http://www.about.me/ToddLamothe. Todd has also contributed content in the past to our WServerNews newsletter, for example see his guest editorial on data deduplication in Windows Server 2012 in Issue #942 of our newsletter. Let’s now watch Todd as he walks us through the migration process.

Walkthrough of BIND to Windows DNS migration

In this article, I am going to walk you through the steps to migrate DNS off a Linux box and move the service to a Windows Server 2012 R2 computer. I am currently doing this for one of my customers who is hosting their DNS on an out-of-date Red Hat Linux server. A third party handles the public DNS traffic; our master server only provides zone updates to those machines and does not serve any public traffic itself.

Preparing the Linux box

On the Linux box we need to ensure that zone transfers to the new Windows boxes are allowed.

Edit the named.conf file, which in this server's case is located in /etc/named. For each of the domains that we wish to migrate to the new server, check that the zone's stanza contains an allow-transfer line such as this example:

allow-transfer { 192.168.1.8; };

Figure 1: Step 1 of migrating a Linux BIND name server to a Windows Server DNS server.

This directive tells BIND which hosts may pull a zone transfer from this server. Any current secondary servers must already be listed here, and we need to add the IP of our new server. Once we have added the IP address of our new Windows Server 2012 R2 server for each domain, we are ready to move on to the next step of preparing the Windows Server.
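For reference, here is what a complete zone stanza with the transfer list looks like. This is an added example, not the configuration from the customer's server in the article: the zone name and the 192.168.1.8 address come from the article, while the two 203.0.113.x addresses are placeholders standing in for the existing third-party secondaries.

```conf
// Added example: one zone stanza in named.conf (not the article's own file).
zone "carttan.ca" IN {
    type master;
    file "carttan.ca.zone";
    // Existing secondaries stay in the list; the new Windows server is appended.
    // 203.0.113.10 / .11 are placeholder addresses for the third-party secondaries.
    allow-transfer { 203.0.113.10; 203.0.113.11; 192.168.1.8; };
    // Optionally tell the new server to pull a fresh copy whenever the serial changes.
    also-notify { 192.168.1.8; };
};
```

After saving the file, run named-checkconf to validate the syntax and rndc reconfig so the running daemon picks up the change; a host that is not in allow-transfer is refused the transfer, which is exactly the failure the Windows wizard later reports when the master does not "go green".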

Preparing the Windows Server

Install Windows, name the box and give it an IP address. The IP you give it should match what you configured in Linux for the allow transfer.

Next, add the DNS Server role to the server. Once it is added, open the DNS console.

Figure 2: Step 2 of migrating a Linux BIND name server to a Windows Server DNS server.

Right-click on Forward Lookup Zones and then add the first domain. In my first example I am using carttan.ca:

Figure 3: Step 3 of migrating a Linux BIND name server to a Windows Server DNS server.

Click Next:

Figure 4: Step 4 of migrating a Linux BIND name server to a Windows Server DNS server.

Click on Secondary Zone and click Next:

Figure 5: Step 5 of migrating a Linux BIND name server to a Windows Server DNS server.

Enter in the DNS name for the zone you are creating. Then click Next:

Figure 6: Step 6 of migrating a Linux BIND name server to a Windows Server DNS server.

Enter the IP address of the master DNS server, press Enter, and when the entry goes green click Next. If it doesn't go green, the Windows server could not reach or was refused by the master; check the allow-transfer setting on the Linux server:

Figure 7: Step 7 of migrating a Linux BIND name server to a Windows Server DNS server.

Click Finish to close the wizard and return to the DNS Manager console:

Figure 8: Step 8 of migrating a Linux BIND name server to a Windows Server DNS server.

Check that the records are coming across properly.

Repeat these steps for each and every domain that needs to be migrated.
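The wizard steps above can also be scripted with the DnsServer module that ships with the role on Windows Server 2012 R2, which is handy when there are many domains to repeat them for. The script below is an added example and not part of the original article; the master address 192.168.1.5, the second zone name and the five-second wait are assumptions, while carttan.ca is the zone used in the walkthrough. It creates each secondary zone, forces a transfer and then performs the "check that the records are coming across" step by comparing the SOA serial the master answers with against the serial now held locally.

```powershell
# Added example (not the article's own code): create secondary zones and verify the transfer.
$master = '192.168.1.5'                 # assumed: IP of the Linux BIND master
$zones  = 'carttan.ca', 'example.org'   # carttan.ca is from the article; example.org is a placeholder

# Add the DNS Server role (same as adding it in Server Manager).
Install-WindowsFeature -Name DNS -IncludeManagementTools

foreach ($zone in $zones) {
    if (-not (Get-DnsServerZone -Name $zone -ErrorAction SilentlyContinue)) {
        # Equivalent of New Zone wizard -> Secondary Zone -> master IP address.
        Add-DnsServerSecondaryZone -Name $zone -ZoneFile "$zone.dns" -MasterServers $master
    }

    # Pull the zone now instead of waiting for the SOA refresh interval.
    Start-DnsServerZoneTransfer -Name $zone -FullTransfer
    Start-Sleep -Seconds 5   # assumed: enough time for a small zone to arrive

    # Serial the master is serving versus the serial this server now holds.
    $masterSoa = Resolve-DnsName -Name $zone -Type SOA -Server $master -DnsOnly |
                 Where-Object { $_.Type -eq 'SOA' }
    $localSoa  = Get-DnsServerResourceRecord -ZoneName $zone -RRType Soa
    $count     = (Get-DnsServerResourceRecord -ZoneName $zone | Measure-Object).Count

    if ($masterSoa.SerialNumber -ne $localSoa.RecordData.SerialNumber) {
        Write-Warning ("{0}: serial {1} here, {2} on the master - transfer incomplete, " +
                       "check allow-transfer on the BIND side") -f
                       $zone, $localSoa.RecordData.SerialNumber, $masterSoa.SerialNumber
    } else {
        Write-Output ("{0}: serial {1}, {2} records transferred" -f
                      $zone, $localSoa.RecordData.SerialNumber, $count)
    }
}
```

A serial mismatch, or a secondary zone that exists but holds no records, almost always means the Windows server's address is missing from the master's allow-transfer list or TCP port 53 is blocked between the two hosts.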

Promoting the Windows Server to Primary Master for the DNS Zone

Right-click on the zone and go to Properties to convert it from a secondary to a primary (master) zone:

Figure 9: Step 9 of migrating a Linux BIND name server to a Windows Server DNS server.

Click on Change:

Figure 10: Step 10 of migrating a Linux BIND name server to a Windows Server DNS server.

Click on Primary Zone and click OK.

Next click on the Zone Transfers tab:

Figure 11: Step 11 of migrating a Linux BIND name server to a Windows Server DNS server.

Check Allow Zone Transfers and select Only To The Following Servers. Click Edit and enter the addresses of the servers you want to act as secondaries. These are the servers you will direct internet traffic to, and they can be hosted anywhere. I have also configured my firewall to allow DNS traffic to these servers only.

Next we will configure the Start of Authority (SOA) record. We need to change the primary server; here we will use one of our external responding servers as the primary. Also set the Responsible person, and be sure to increment the serial number once you have completed the changes:

Figure 12: Step 12 of migrating a Linux BIND name server to a Windows Server DNS server.
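The promotion, the transfer restriction, the SOA edit and the firewall tightening from this section, scripted with the DnsServer and NetSecurity modules. This is an added example, not code from the article; the secondary addresses (203.0.113.x placeholders), the SOA primary server and responsible-person names, and the built-in firewall rule group name are assumptions, while carttan.ca is the article's zone.

```powershell
# Added example (not the article's own code): secondary -> primary, transfers to named secondaries only, SOA rewrite.
$zone        = 'carttan.ca'                      # from the article
$secondaries = '203.0.113.10', '203.0.113.11'    # assumed: the external responding servers
$soaPrimary  = 'ns2.carttan.ca.'                 # assumed: external server to list as SOA primary
$soaContact  = 'hostmaster.carttan.ca.'          # assumed: responsible person, '@' written as '.'

# Zone Properties -> General -> Change -> Primary Zone (file-backed, not AD-integrated).
ConvertTo-DnsServerPrimaryZone -Name $zone -ZoneFile "$zone.dns" -Force

# Zone Transfers tab -> Allow zone transfers -> Only to the following servers,
# and send NOTIFY to those same servers when the zone changes.
Set-DnsServerPrimaryZone -Name $zone `
    -SecureSecondaries TransferToSecureServers -SecondaryServers $secondaries `
    -Notify NotifyServers -NotifyServers $secondaries

# Start of Authority tab: the cmdlet replaces the record when given the old and the edited copy.
$oldSoa = Get-DnsServerResourceRecord -ZoneName $zone -RRType Soa
$newSoa = $oldSoa.Clone()
$newSoa.RecordData.PrimaryServer     = $soaPrimary
$newSoa.RecordData.ResponsiblePerson = $soaContact
$newSoa.RecordData.SerialNumber      = $oldSoa.RecordData.SerialNumber + 1   # secondaries only refresh on a higher serial
Set-DnsServerResourceRecord -ZoneName $zone -OldInputObject $oldSoa -NewInputObject $newSoa

# Host firewall: the role's predefined rules accept DNS from any source, so disable them and
# allow port 53 only from the secondaries ("allow DNS traffic to these servers only").
# 'DNS Service' is the predefined group name we assume for the role's inbound rules.
Get-NetFirewallRule -DisplayGroup 'DNS Service' -Direction Inbound | Disable-NetFirewallRule
New-NetFirewallRule -DisplayName 'DNS from secondaries (TCP)' -Direction Inbound `
    -Protocol TCP -LocalPort 53 -RemoteAddress $secondaries -Action Allow
New-NetFirewallRule -DisplayName 'DNS from secondaries (UDP)' -Direction Inbound `
    -Protocol UDP -LocalPort 53 -RemoteAddress $secondaries -Action Allow

# Verify the zone type, transfer policy and new SOA.
Get-DnsServerZone -Name $zone | Select-Object ZoneName, ZoneType, SecureSecondaries, SecondaryServers
Get-DnsServerResourceRecord -ZoneName $zone -RRType Soa | Select-Object -ExpandProperty RecordData
```

TCP 53 is what carries the zone transfer itself; UDP 53 is needed for the secondaries' SOA refresh queries and the NOTIFY traffic. Because this master serves no public queries, nothing else needs to reach port 53 on it.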

Setting up the Secondary DNS Servers

Install Windows, name the box and give it an IP address.

Next, add the DNS Server role to the server. Once it is added, open the DNS console. This should be familiar, as these are the same steps we completed when setting up the master DNS server:

Figure 13: Step 13 of migrating a Linux BIND name server to a Windows Server DNS server.

Right-click on Forward Lookup Zones and then add the first domain. Again, in my example, I am using carttan.ca:

Figure 14: Step 14 of migrating a Linux BIND name server to a Windows Server DNS server.

Click Next:

Figure 15: Step 15 of migrating a Linux BIND name server to a Windows Server DNS server.

Click on Secondary Zone and click Next. The remaining steps are identical to those we completed when we set up the first Windows server, before making it the master.

Check that the records are coming across properly. Repeat these steps for each domain that needs to be migrated.

Create host records for your external DNS servers. These need to be externally routable addresses (which I have not used in my example here). Next, add them on the Name Servers tab of the zone and remove the one server that is listed for internal use. In my example only one server is showing up now:

Figure 16: Step 16 of migrating a Linux BIND name server to a Windows Server DNS server.

As you can see in the above example, there is no longer any mention of ns1.carttan.ca, which is the master server for these domains. Next, let's turn off DNS resolution for any domain we do not host. Right-click on the name of the server, go to the Advanced tab and check Disable recursion:

Figure 17: Step 17 of migrating a Linux BIND name server to a Windows Server DNS server.

The final step is to update the domain registration at your registrar so that the delegated name servers point to the new external servers.
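The NS changes and the recursion setting from this section, as an added example that is not part of the article. Because a secondary zone is a read-only copy, the NS records are edited on the primary master and reach the secondaries on the next transfer, while disabling recursion is a per-server setting applied to each public secondary. The external name server names, the secondaries' host names and the 203.0.113.x addresses are assumptions; carttan.ca and ns1.carttan.ca come from the article.

```powershell
# Added example (not the article's own code): publish external NS records, drop the internal master, disable recursion.
$zone           = 'carttan.ca'                          # from the article
$externalNs     = 'ns2.carttan.ca.', 'ns3.carttan.ca.'  # assumed: externally routable secondaries
$externalAddrs  = '203.0.113.10', '203.0.113.11'        # assumed: their public addresses (placeholders)
$internalNs     = 'ns1.carttan.ca.'                     # from the article: internal master to remove from NS
$secondaryHosts = 'SEC1', 'SEC2'                        # assumed: Windows host names of the secondaries

# --- run on the primary master, where the zone is writable ---
# Host (A) records for the external servers, then an NS record at the zone apex for each.
for ($i = 0; $i -lt $externalNs.Count; $i++) {
    $host = $externalNs[$i].TrimEnd('.').Split('.')[0]      # 'ns2' from 'ns2.carttan.ca.'
    if (-not (Get-DnsServerResourceRecord -ZoneName $zone -Name $host -RRType A -ErrorAction SilentlyContinue)) {
        Add-DnsServerResourceRecordA -ZoneName $zone -Name $host -IPv4Address $externalAddrs[$i]
    }
    $present = Get-DnsServerResourceRecord -ZoneName $zone -RRType NS -Name '@' |
               Where-Object { $_.RecordData.NameServer -eq $externalNs[$i] }
    if (-not $present) {
        Add-DnsServerResourceRecord -ZoneName $zone -NS -Name '@' -NameServer $externalNs[$i]
    }
}

# Remove the internal master from the NS set so it is never advertised to the internet.
Get-DnsServerResourceRecord -ZoneName $zone -RRType NS -Name '@' |
    Where-Object { $_.RecordData.NameServer -eq $internalNs } |
    Remove-DnsServerResourceRecord -ZoneName $zone -Force

# Increment the serial so the secondaries transfer the updated NS set.
$oldSoa = Get-DnsServerResourceRecord -ZoneName $zone -RRType Soa
$newSoa = $oldSoa.Clone()
$newSoa.RecordData.SerialNumber = $oldSoa.RecordData.SerialNumber + 1
Set-DnsServerResourceRecord -ZoneName $zone -OldInputObject $oldSoa -NewInputObject $newSoa

# --- run against each public secondary ---
foreach ($h in $secondaryHosts) {
    # Server Properties -> Advanced -> Disable recursion: the server answers only for zones it hosts.
    Set-DnsServerRecursion -ComputerName $h -Enable $false
    Get-DnsServerRecursion -ComputerName $h | Select-Object Enable

    # What the internet will see: the NS set for the zone, which should no longer include ns1.
    Resolve-DnsName -Name $zone -Type NS -Server $h -DnsOnly | Select-Object Name, NameHost
}
```

With recursion disabled, a query to one of these servers for a name outside the hosted zones is answered with a referral or refusal rather than being resolved on the client's behalf, which keeps the public secondaries from being used as open resolvers.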

Conclusion

In the second article of this two-part series we’ll examine some other issues associated with migrating DNS from BIND to Windows Server and will provide some additional resources on the topic.
