DNS recursion is allowed "Jérôme" <jecounet[ at ]hotmail.com> 7/2/2007 7:53:30 PM Hi ! I have a big problem with my DNS server : (windows 2003 server web edition) I am hosting several DNS domains, so my server is the primary name server, everything is working properly. But, if i try to query the DNS server with an external DNS, the query will be handeled, with recursion. I dont want that my server resolve external DNS, actualy, they can be resolved, but not with recursion. I tried to ckeck the "do not allow recursion fot that domain" (for the "all other DNS domains") on the forwarders tab, but after saving and closing the properties window and reopen it, the box is unchecked. Disabling recursion is not a good way to solve that : for example, CNAME of internal DNS would not return an ip adress. Many thanks in advance... Jérôme.

Re: DNS recursion is allowed "Herb Martin" <news[ at ]learnquick.com> 7/3/2007 3:12:44 PM "Jérôme" <jecounet[ at ]hotmail.com> wrote in message news:%23UcvsKOvHHA.1168[ at ]TK2MSFTNGP02.phx.gbl... [Quoted Text] > Hi ! > > I have a big problem with my DNS server : > (windows 2003 server web edition) > > I am hosting several DNS domains, so my server is the primary name server, > everything is working properly. Well, not "everything" <grin> > But, if i try to query the DNS server with an external DNS, the query will > be handeled, with recursion. > I dont want that my server resolve external DNS, actualy, they can be > resolved, but not with recursion. IF you wish NO names not held by your DNS Server (common with web servers as DNS Servers) then you may check the box "Disable Recursion" in the DNS Server Advanced Properties. DO NOT use this method if you wish to Forward as it will also disable Forwarding in addition to physical recursion. You must then AVOID setting your Web Server as a DNS client to use the "Local DNS Server" since this will NOT allow it to resolve external names. > I tried to ckeck the "do not allow recursion fot that domain" (for the > "all other DNS domains") on the forwarders tab, but after saving and > closing the properties window and reopen it, the box is unchecked. IF you use (and need) Forwarders you cannot use "Disable Recursion." Checking "Do not user Recursion" on the Forwarders tab does NOT stop the DNS server from resolving other names for outsiders, it merely forces this to use the forwarders. This is part of the reason that most people should NOT be providing their own PUBLIC DNS Server but should leave this at the REGISTRAR. > Disabling recursion is not a good way to solve that : for example, CNAME > of internal DNS would not return an ip adress. No, Disabling Recursion has nothing to do with resolving complex names available on the SAME server -- only with using it to resolve names needing external resolution though actual recursion or through forwarding. -- Herb Martin, MCSE, MVP http://www.LearnQuick.Com (phone on web site)