Restrict Recursive Queries

Discussion in 'DNS Server' started by acoustix, Feb 13, 2008.

  1. acoustix

    acoustix Guest

    How can I restrict recursive lookups to my address space on Windows Server
    2003? Lets say I have a small ISP with a public address space. How can I
    allow only my customers to do recursive lookups and not allow just anyone to
    use my DNS server for all lookups?

    Thanks,
    Nick
     
    acoustix, Feb 13, 2008
    #1
    1. Advertisements

  2. acoustix

    Jorge Silva Guest

    Hi
    Configuring the firewall to allow only authorized address should do.

    --
    I hope that the information above helps you.
    Have a Nice day.

    Jorge Silva
    MCSE, MVP Directory Services
     
    Jorge Silva, Feb 14, 2008
    #2
    1. Advertisements

  3. acoustix

    acoustix Guest

    But won't that block *all* traffic to the DNS server? The DNS server still
    needs to be available to everyone to resolve locally hosted domain names, but
    we just want to limit access to recursive lookups. I'm not sure that it is
    possible to do that with a router ACL or firewall config.

    -Nick
     
    acoustix, Feb 14, 2008
    #3
  4. Read inline please.

    In
    You cannot restrict recursion to specific users or addresses, it's either on
    or off for everyone.


    --
    Best regards,
    Kevin D. Goodknecht Sr. [MVP]
    Hope This Helps

    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    http://support.wftx.us/
    http://message.wftx.us/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
     
    Kevin D. Goodknecht Sr. [MVP], Feb 15, 2008
    #4
  5. acoustix

    Jorge Silva Guest

    I said Firewall not Windows 2003 Firewall, there's a difference...

    --
    I hope that the information above helps you.
    Have a Nice day.

    Jorge Silva
    MCSE, MVP Directory Services
     
    Jorge Silva, Feb 15, 2008
    #5
  6. acoustix

    Jorge Silva Guest

    I forgot the second part,
    For not bloking everyone you should have a dedicated DNS for clients and
    another one for public access.

    --
    I hope that the information above helps you.
    Have a Nice day.

    Jorge Silva
    MCSE, MVP Directory Services
     
    Jorge Silva, Feb 15, 2008
    #6
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.