DNS configuration Windows Server 2008 R2

  • andriex

    Hi All,
    I'm a new user, so I don't know if I can ask this question.

    However, I configured the DNS Server on my Windows Server 2008 R2 and created my zone correctly.

    Now my server responds to all queries, but I would like to set it so that it responds only to queries for the zone that I set up.

    How can I do this?

    Thank you!

  • figuerres

    andriex wrote:

    Hi All,
    I'm a new user, so I don't know if I can ask this question.

    However, I configured the DNS Server on my Windows Server 2008 R2 and created my zone correctly.

    Now my server responds to all queries, but I would like to set it so that it responds only to queries for the zone that I set up.

    How can I do this?

    Thank you!

    Well, I have never done that, but I think when you set up a DNS server you tell it the names of other DNS servers that it can talk to, to get DNS info for other domains.

    If you take that out of your setup, then if a client asks your server for a DNS name that it does not know, it will reply that it can't resolve it.

    But why? Normal DNS is a shared system, and any client that gets your DNS server in its network settings will then not be able to find other sites.

    Are you trying to set up an isolated network that is not a part of the Internet?

  • PopeDai

    andriex wrote:

    Hi All,
    I'm a new user, so I don't know if I can ask this question.

    However, I configured the DNS Server on my Windows Server 2008 R2 and created my zone correctly.

    Administrative Tools > DNS Server, right-click your server > New Zone, then follow the wizard, it's pretty idiot proof.

    Now my server responds to all queries, but I would like to set it so that it responds only to queries for the zone that I set up.

    Right-click your server > Properties > Advanced > [ ] Enable recursion (uncheck it), also clear the Forwarders tab.

     

  • cheong

    @andriex: AFAIK, Windows DNS does not provide the zone security provided by BIND. It's been on the list of highly wanted items for many, many years.

    You've got to use a separate Windows server that provides DNS and use a firewall to mask out which machine has access to which DNS.

    Alternatively, you may host a small Linux machine that acts as a secondary DNS host, and set the zone security there. (You'll also need to set the firewall to allow access to the DC DNS from that Linux server only, and change the DHCP option to set DNS to the Linux server.)

  • andriex

    @figuerres: Hi, thank you for your reply.

    Unfortunately, in the setup I cannot find this option.

    Usually DNS is a shared system, but we don't sell DNS service to our customers; for some domains, though, we need to manage DNS (for example, we have a .do domain, and it costs so much if we use their DNS: over 100$ per month).

     

  • andriex

    @PopeDai: Hi, thank you for your help.

    Creating the zone is obviously a stupidly simple thing to do; as I said, I created it with no problem.

    I tried Enable recursion, but in this case the answer always comes from the root servers parameters (for example a.root-servers.net). If it is possible, I would like my DNS Server to refuse the queries for domains not in my zone.
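
Added example, not part of any post in this thread: a Python sketch that classifies the header of a DNS response to an out-of-zone query, separating the three outcomes discussed above (recursion still on, the root-server referral seen with recursion off, and an outright refusal). The sample headers are constructed, the helper names are hypothetical, and mapping these header shapes to those outcomes is this example's assumption.

```python
import socket
import struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qtype=1, txid=0x1234):
    """Build a DNS query (qtype 1 = A, class IN) with the RD bit set."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def classify(response):
    """Classify a reply to an out-of-zone query from its 12-byte header."""
    if len(response) < 12:
        raise ValueError("truncated DNS header")
    _, flags, _, ancount, nscount, _ = struct.unpack("!HHHHHH", response[:12])
    if not flags & 0x8000:
        raise ValueError("QR bit clear: not a response")
    ra = bool(flags & 0x0080)              # RA: server offers recursion
    rcode = RCODES.get(flags & 0x000F, str(flags & 0x000F))
    if rcode == "REFUSED":
        verdict = "refused"                # query rejected outright
    elif ra:
        verdict = "recursion-on"           # server resolves outside names
    elif ancount == 0 and nscount > 0:
        verdict = "referral"               # NS records only, e.g. root hints
    else:
        verdict = "other"
    return {"ra": ra, "rcode": rcode, "answers": ancount,
            "authority": nscount, "verdict": verdict}

def ask(server, name, timeout=3.0):
    """Send one UDP query to a server you administer and classify the reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server, 53))
        return classify(s.recv(512))

def make_header(flags, ancount, nscount):
    """Constructed header-only sample (no records follow the header)."""
    return struct.pack("!HHHHHH", 0x1234, flags, 1, ancount, nscount, 0)

SAMPLES = {  # constructed, not captured from a real server
    "recursion enabled": make_header(0x8180, 1, 0),    # QR RD RA, 1 answer
    "recursion disabled": make_header(0x8100, 0, 13),  # QR RD, 13 NS records
    "refused": make_header(0x8105, 0, 0),              # QR RD, RCODE 5
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, "->", classify(raw))
```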

  • andriex

    @cheong: I knew that this was possible but I'm no expert so I trust your words :)

    Thank you
