You need to create and configure DNS forward and reverse zones to allow a managed DHCP Server to perform dynamic DNS updates using GSS-TSIG.
To configure DNS zones:
- Create forward and reverse lookup zones with the domain name that you created. In this guide, we're using bcn.com and 2.0.192.in-addr.arpa as forward and reverse lookup zones. The forward and reverse lookup zones of a DNS server must exist before adding host and pointer records.
- Add two host records for the DHCP Server and Address Manager in the forward lookup zone.
- Add a pointer (PTR) record for the DHCP Server and Address Manager in the reverse lookup zone. If you select the Create associated pointer (PTR) record option when adding a host record, the corresponding PTR record is added to the reverse zone automatically.
In the properties of the forward and reverse lookup zones, verify and select the following options:
- Type—Active Directory-Integrated. Windows DNS supports the Secure only option only for Active Directory-Integrated zones, so make sure the zone type is set to Active Directory-Integrated.
- Dynamic updates—select Secure only.
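
The same procedure can be scripted and then checked with the DnsServer PowerShell module on the Windows DNS server. This is an added example, not part of the original guide; the host names (dhcp1, bam1) and their 192.0.2.x addresses are placeholders to replace with your own, and the 192.0.2.0/24 network is inferred from the 2.0.192.in-addr.arpa reverse zone used above.

```powershell
# Added example. Host names and addresses are placeholders, not values from the guide.
$ForwardZone = 'bcn.com'
$ReverseZone = '2.0.192.in-addr.arpa'
$Hosts = @{ 'dhcp1' = '192.0.2.10'; 'bam1' = '192.0.2.20' }   # hypothetical DHCP Server / Address Manager

# 1. Create the zones as Active Directory-Integrated with secure-only dynamic updates.
if (-not (Get-DnsServerZone -Name $ForwardZone -ErrorAction SilentlyContinue)) {
    Add-DnsServerPrimaryZone -Name $ForwardZone -ReplicationScope Domain -DynamicUpdate Secure
}
if (-not (Get-DnsServerZone -Name $ReverseZone -ErrorAction SilentlyContinue)) {
    Add-DnsServerPrimaryZone -NetworkId '192.0.2.0/24' -ReplicationScope Domain -DynamicUpdate Secure
}

# 2. Add the host records; -CreatePtr adds the matching PTR record to the reverse zone.
foreach ($name in $Hosts.Keys) {
    $existing = Get-DnsServerResourceRecord -ZoneName $ForwardZone -Name $name -RRType A `
                    -ErrorAction SilentlyContinue
    if (-not $existing) {
        Add-DnsServerResourceRecordA -ZoneName $ForwardZone -Name $name `
            -IPv4Address $Hosts[$name] -CreatePtr
    }
}

# 3. Verify the zone properties. A zone that accepts nonsecure updates lets any
#    client overwrite records, which defeats the purpose of GSS-TSIG.
foreach ($zone in $ForwardZone, $ReverseZone) {
    $z = Get-DnsServerZone -Name $zone
    if (-not $z.IsDsIntegrated) {
        Write-Warning "$zone is not Active Directory-Integrated"
    }
    if ($z.DynamicUpdate -ne 'Secure') {
        Write-Warning "$zone dynamic updates are '$($z.DynamicUpdate)', expected 'Secure'"
    }
}

# 4. Verify that each host record has a PTR record pointing back at it.
foreach ($name in $Hosts.Keys) {
    $lastOctet = $Hosts[$name].Split('.')[-1]
    $expected  = "$name.$ForwardZone."
    $ptr = Get-DnsServerResourceRecord -ZoneName $ReverseZone -Name $lastOctet -RRType Ptr `
               -ErrorAction SilentlyContinue
    if ($ptr.RecordData.PtrDomainName -notcontains $expected) {
        Write-Warning "No PTR for $($Hosts[$name]) pointing to $expected"
    }
}
```

The script prints nothing when every check passes; each warning names the zone or record that does not match the settings listed above.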