Support for Windows Server 2003 will end on July 14, 2015
Microsoft will end support for Windows Server 2003 on July 14, 2015. This change will affect your software updates and security options. Article ID: 832223 - View products that this article applies to. System TipThis article applies to a different version of Windows than the one you are using. Content in this article may not be relevant to you.Visit the Windows 7 Solution Center SymptomsAfter you deploy a Windows-based DNS server, DNS queries to some domains may not be resolved successfully. CauseThis issue occurs because of the Extension Mechanisms for DNS (EDNS0) functionality that is supported in Windows Server DNS. EDNS0 allows larger User Datagram Protocol (UDP) packet sizes. However, some firewall programs may not allow UDP packets that are larger than 512 bytes. Therefore, these DNS packets may be blocked by the firewall. ResolutionTo resolve this issue, update the firewall program to recognize and allow UDP packets that are larger than 512 bytes. For more information about how to do this, contact the manufacturer of your firewall program. For information about your hardware manufacturer, go the following Microsoft website: http://support.microsoft.com/gp/vendors/en-us
Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.
(http://support.microsoft.com/gp/vendors/en-us)
WorkaroundTo work around this issue, turn off the EDNS0 feature on Windows-based DNS servers. To do this, take the following action:
http://www.microsoft.com/en-us/download/details.aspx?id=15326
(http://www.microsoft.com/en-us/download/details.aspx?id=15326)
More informationSome firewalls contain features to check certain parameters of the DNS packet. These firewall features may make sure that the DNS response is smaller than 512 bytes. If you capture the network traffic for an unsuccessful DNS lookup, you may notice that DNS requests EDNS0. Frames that resemble the following do not receive a reply: Additional records
<Root>: type OPT, class unknown
Name: <Root>
Type: EDNS0 option
UDP payload size: 1280PropertiesArticle ID: 832223 - Last Review: November 20, 2013 - Revision: 8.0 Applies to
Give Feedback |
|
