Hi all, I'm a new user, so I don't know if I can ask this question.
However, I configured the DNS Server on my Windows Server 2008 R2 and I created my zone correctly.
Administrative Tools > DNS Server, right-click your server > New Zone, then follow the wizard; it's pretty idiot-proof.
Now my server responds to all queries, but I would like to set it so that it responds only to queries for the zone that I set up.
Right-click your server > Properties > Advanced > [ ] Enable recursion (uncheck it), also clear the Forwarders tab.
@andriex: AFAIK, Windows DNS does not provide the zone security provided by BIND. It's been on the list of highly wanted items for many, many years.
You've got to use a separate Windows server that provides DNS and use a firewall to mask out which machine has access to which DNS.
Alternatively, you may host a small Linux machine that acts as a secondary DNS host, and set the zone security there. (You'll also need to set the firewall to allow access to the DC DNS from that Linux server only, and change the DHCP option to set DNS to the Linux server.)
Usually DNS is a shared system, but we don't sell DNS service to our customers; for some domains, though, we need to manage DNS (for example, we have a .do domain, and it costs so much if we use their DNS: over $100 per month).
Creating the zone is obviously a stupid thing; in fact, as I said, I created it with no problem.
I tried Enable recursion, but in this case the answer always comes from the root servers parameters (for example a.root-servers.net). If it is possible, I would like my DNS server to refuse queries for domains not in my zone.
@cheong: I knew that this was possible, but I'm no expert, so I trust your words.
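
To check which of the behaviours discussed in this thread a server shows for a name outside its zones, the following added example (not posted by anyone in the thread) classifies a raw DNS response as refused, a referral to the root servers, or a recursively resolved answer. The sample messages, the `example.org` query name, the addresses and the category labels are all constructed for illustration.

```python
import struct

def encode_name(name):
    """Encode a dotted name as DNS labels."""
    return b"".join(bytes([len(p)]) + p.encode() for p in name.split(".") if p) + b"\x00"

def skip_name(msg, off):
    """Return the offset just past the name that starts at off."""
    while True:
        length = msg[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:  # compression pointer: 2 bytes, ends the name
            return off + 2
        off += 1 + length

def classify(msg):
    """Classify a response to a query for a name outside the server's own zones."""
    _id, flags, qd, an, ns, _ar = struct.unpack("!6H", msg[:12])
    aa, rcode = bool(flags & 0x0400), flags & 0x000F
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4  # skip QTYPE and QCLASS
    if rcode == 5:
        return "refused"               # server declines names it does not host
    if an > 0 and not aa:
        return "recursive-answer"      # server resolved a foreign name for the client
    if an == 0 and ns > 0 and msg[off] == 0:  # first authority record is owned by "."
        (rtype,) = struct.unpack("!H", msg[off + 1:off + 3])
        if rtype == 2:                 # NS record: referral to the root servers
            return "root-referral"
    return "other"

# Constructed sample responses (not captured from a real server).
def sample(flags, an=0, ns=0, body=b""):
    question = encode_name("example.org") + struct.pack("!2H", 1, 1)
    return struct.pack("!6H", 0x1234, flags, 1, an, ns, 0) + question + body

_rd = encode_name("a.root-servers.net")
ROOT_NS = b"\x00" + struct.pack("!2HIH", 2, 1, 3600, len(_rd)) + _rd
A_RR = b"\xc0\x0c" + struct.pack("!2HIH", 1, 1, 300, 4) + bytes([192, 0, 2, 1])

REFUSED = sample(0x8105)                          # QR, RD, RCODE=REFUSED
REFERRAL = sample(0x8100, ns=1, body=ROOT_NS)     # QR, RD, one root NS in authority
RECURSED = sample(0x8180, an=1, body=A_RR)        # QR, RD, RA, one answer

if __name__ == "__main__":
    for label, msg in (("refused", REFUSED), ("referral", REFERRAL), ("recursed", RECURSED)):
        print(label, "->", classify(msg))
```
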