DNS Server Properties

1. Explain DNS server properties?





Useful when our system has multiple NICs: the DNS server can listen for queries on all available NICs. Offers load balancing.



If a query cannot be resolved by the local DNS server, it is forwarded to another DNS server for name resolution.





Disable recursion

BIND secondary (Berkeley internet naming domain)

Fail on load if bad zone data

Enable round robin

Enable netmask ordering

Secure cache against pollution




Disable recursion:

By default, this option is disabled, i.e., recursion is enabled.


BIND secondaries:

Useful when we have older BIND servers (e.g. on UNIX) as secondaries. BIND is a standard followed by DNS.
Older versions of all UNIX-based machines used BIND servers as DNS.

E.g. the BIND version 4.0 series.

Useful when our network has DNS servers based on old BIND versions alongside new BIND versions like 9.1.2, to provide zone transfer at a faster rate to BIND secondaries.

Faster zone transfer is achieved by transferring multiple zones at a time, in addition to compression.


Fail on Load if bad zone data:

If the secondary zone comes across stale or unwanted records, the zone will not be loaded if we check this box.


Enable Round Robin (RR):

Useful when the DNS server has multiple NICs, so that it can listen for queries on all NICs. If a query is not resolvable through one NIC, it can be picked up by another NIC. This querying happens in round-robin fashion.


Enable netmask ordering:

Secure cache against pollution: By default, the cached DNS information is secured against pollution.

In windows\system32\DNS\cache.dns


Root Hints: Root hints provide the root servers' information. There are 13 root servers in total throughout the world.




Security: We can add sub-administrators under the administrator and set permissions on these administrators.




Monitoring: Used for troubleshooting DNS.




Event logging: Used for maintaining a record of events pertaining to DNS. The logging level can be:

Errors only

Errors & warnings

All events (by default)




Debug Logging: To assist with debugging, we can record the packets sent and received by the DNS server to a log file. Debug logging is disabled by default.
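
The checkboxes and logging settings described above can also be read from PowerShell, which is useful when reviewing a server's configuration without opening the GUI. This is an added example, not part of the original notes; it assumes the DnsServer module (DNS Server role or RSAT) and an elevated session, and it treats debug logging as "on" when sent or received packets are being logged.

```powershell
# Added example: report the state of the DNS server property options from these notes.
# Assumes: DnsServer module available, run elevated on (or against) a Windows DNS server.
Import-Module DnsServer -ErrorAction Stop

$setting   = Get-DnsServerSetting -All
$recursion = Get-DnsServerRecursion
$cache     = Get-DnsServerCache
$diag      = Get-DnsServerDiagnostics

# Assumption: debug logging counts as enabled when packet direction logging is on.
$debugOn = [bool]($diag.SendPackets -or $diag.ReceivePackets)

# NotesDefault holds the default the notes state; $null where they state none.
$report = @(
    [pscustomobject]@{ Option = 'Disable recursion';              Checked = -not $recursion.Enable;                NotesDefault = $false }
    [pscustomobject]@{ Option = 'BIND secondaries';               Checked = [bool]$setting.BindSecondaries;        NotesDefault = $null }
    [pscustomobject]@{ Option = 'Fail on load if bad zone data';  Checked = [bool]$setting.StrictFileParsing;      NotesDefault = $null }
    [pscustomobject]@{ Option = 'Enable round robin';             Checked = [bool]$setting.RoundRobin;             NotesDefault = $null }
    [pscustomobject]@{ Option = 'Enable netmask ordering';        Checked = [bool]$setting.LocalNetPriority;       NotesDefault = $null }
    [pscustomobject]@{ Option = 'Secure cache against pollution'; Checked = [bool]$cache.EnablePollutionProtection; NotesDefault = $true }
    [pscustomobject]@{ Option = 'Debug logging';                  Checked = $debugOn;                              NotesDefault = $false }
)

# Mark every option that differs from the default given in the notes.
$report | ForEach-Object {
    $status = if ($null -eq $_.NotesDefault)           { 'no default stated' }
              elseif ($_.Checked -eq $_.NotesDefault)  { 'default' }
              else                                     { 'CHANGED from default' }
    $_ | Add-Member -NotePropertyName Status -NotePropertyValue $status -PassThru
} | Format-Table Option, Checked, Status -AutoSize

# Event logging level, translated to the names used on the Event Logging tab.
$level = switch ($diag.EventLogLevel) {
    0       { 'No events' }
    1       { 'Errors only' }
    2       { 'Errors & warnings' }
    default { 'All events' }
}
"Event logging level : $level"

# When debug logging is on, show where the packet log is written.
if ($debugOn) { "Debug log file      : $($diag.LogFilePath)" }
```

A server that answers clients outside the organization with recursion still enabled, or with cache pollution protection unchecked, deserves a closer look.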