Windows Server 2003 : Configuring Advanced DNS Server Properties (part 1)

- Free product key for windows 10
- Free Product Key for Microsoft office 365
- Malwarebytes Premium 3.7.1 Serial Keys (LifeTime) 2019

Tuning Advanced Server Options

When initialized for service, DNS servers running on Windows Server 2003 apply installation settings taken either from the boot information file, the Registry, or the Active Directory database. You can modify these settings on the Advanced tab of the server properties dialog box in the DNS console, as shown in Figure 1.

Figure 1. DNS server properties Advanced tab

The server installation settings include six server options, which are either on or off, and three other server features with various selections for configuration. Table 1 shows the defaults settings for all nine features.

Table 1. Default DNS Installation Settings
Disable RecursionOff
BIND SecondariesOn
Fail On Load If Bad Zone DataOff
Enable Round RobinOn
Enable Netmask OrderingOn
Secure Cache Against PollutionOn
Name CheckingMultibyte (UTF8)
Load Zone Data On StartupFrom Active Directory And Registry
Enable Automatic Scavenging Of Stale RecordsOff (requires configuration when enabled)

In most situations, these installation defaults are acceptable and do not require modification. However, when needed, you can use the DNS console to tune these advanced parameters and accommodate special deployment needs and situations.

You can restore these default settings at any time using the Advanced tab by clicking Reset To Default.

The following sections describe the available installation options in more detail.

Disable Recursion

The Disable Recursion server option is disabled by default. Consequently, the DNS server performs recursion to resolve client queries unless a special client configuration overrides this default behavior. Through recursion, the DNS server queries other servers on behalf of the requesting client and attempts to fully resolve an FQDN. Queries continue through iteration until the server receives an authoritative answer for the queried name. The server then forwards this answer back to the original requesting client.

When the Disable Recursion option is enabled, however, the DNS Server service does not answer the query for the client but instead provides the client with referrals, which are resource records that allow a DNS client to perform iterative queries to resolve an FQDN. This option might be appropriate, for example, when clients need to resolve Internet names but the local DNS server contains resource records only for the private namespace. Another case in which recursion might be disabled is when, because of its configuration or placement within a local network, a DNS server is incapable of resolving DNS names external to the local network.


If you disable recursion on a DNS server using the Advanced tab, you will not be able to use forwarders on the same server, and the Forwarders tab becomes inactive.

BIND Secondaries

The BIND Secondaries option is enabled by default. As a result, DNS servers running on Windows Server 2003 do not use fast transfer format when performing a zone transfer to secondary DNS servers based on BIND. This restriction allows for zone transfer compatibility with older versions of BIND.


BIND is a common implementation of DNS written and ported to most available versions of the UNIX operating system.

Fast transfer format is an efficient means of transferring zone data that provides data compression and allows multiple records to be transferred per individual Transmission Control Protocol (TCP) message. Fast zone transfer is always used among Windowsbased DNS servers, so the BIND Secondaries option does not affect communications among Windows servers. However, only BIND versions 4.9.4 and later can handle these fast zone transfers.

If you know your DNS server will be performing zone transfers with DNS servers using BIND version 4.9.4 or later, you should disable this option to allow fast zone transfers to occur.


As of this writing, the most current version of BIND is 9.2.2.

Fail On Load If Bad Zone Data

By default, the Fail On Load If Bad Zone Data option is disabled. As a result, a DNS server running on Windows Server 2003 loads a zone even when it determines that errors exist in the zone’s database file. Errors are logged, but the zone load still proceeds. After the zone loads, the DNS server can attempt to answer queries for the zone in question.

When you enable this option, however, the DNS server does not load a zone when the server determines that errors exist in the zone’s database file.

Enable Netmask Ordering

The Enable Netmask Ordering option is selected by default. This default setting ensures that, in response to a request to resolve a single computer name matching multiple host (A) resource records, DNS servers in Windows Server 2003 first return to the client any IP address that is in the same subnet as the client.


Multihomed computers typically have registered multiple host (A) resource records for the same host name. When a client attempts to resolve the host name of a multihomed computer by contacting a DNS server, the DNS server returns to the client a response list or answer list containing all the resource records matching the client query. Upon receiving the response list from the DNS server, a DNS client attempts to contact the target host with the first IP address in the response list. If this attempt fails, the client then attempts to contact the second IP address, and so on. The Enable Netmask Ordering option and the Enable Round Robin option are both used to change the order of resource records returned in this response list.

  •  Windows 7 : Working with the Multi-Touch User Interface (part 3) - Adding Multi-Touch Interface Functionality
  •  Windows 7 : Working with the Multi-Touch User Interface (part 2) - Obtaining the Multi-Touch Platform Interop Library, Configuring the Application
  •  Windows 7 : Working with the Multi-Touch User Interface (part 1)
  •  Windows Server 2003 : Configuring Zone Properties and Transfers (part 4)
  •  Windows Server 2003 : Configuring Zone Properties and Transfers (part 3)
  •  Windows Server 2003 : Configuring Zone Properties and Transfers (part 2)
  •  Windows Server 2003 : Configuring Zone Properties and Transfers (part 1)
  •  Windows 7 : Managing Pictures with Windows Live Photo Gallery (part 14) - Sharing with E-mail, Sharing on the Web: Services Integration
  •  Windows 7 : Managing Pictures with Windows Live Photo Gallery (part 13) - Printing Pictures and Ordering Prints, Adding Photos to Movies, DVDs, and Data Discs
  •  Windows 7 : Managing Pictures with Windows Live Photo Gallery (part 12) - Using Photos as Slide Shows
    Top 10
    Free Mobile And Desktop Apps For Accessing Restricted Websites
    MASERATI QUATTROPORTE; DIESEL : Lure of Italian limos
    TOYOTA CAMRY 2; 2.5 : Camry now more comely
    KIA SORENTO 2.2CRDi : Fuel-sipping slugger
    How To Setup, Password Protect & Encrypt Wireless Internet Connection
    Emulate And Run iPad Apps On Windows, Mac OS X & Linux With iPadian
    Backup & Restore Game Progress From Any Game With SaveGameProgress
    Generate A Facebook Timeline Cover Using A Free App
    New App for Women ‘Remix’ Offers Fashion Advice & Style Tips
    SG50 Ferrari F12berlinetta : Prancing Horse for Lion City's 50th
    - Messages forwarded by Outlook rule go nowhere
    - Create and Deploy Windows 7 Image
    - How do I check to see if my exchange 2003 is an open relay? (not using a open relay tester tool online, but on the console)
    - Creating and using an unencrypted cookie in ASP.NET
    - Directories
    - Poor Performance on Sharepoint 2010 Server
    - SBS 2008 ~ The e-mail alias already exists...
    - Public to Private IP - DNS Changes
    - Send Email from Winform application
    - How to create a .mdb file from ms sql server database.......
    programming4us programming4us