3.1.1.1.4 DNS Server String List Properties

  • Article

The following properties are string lists in UTF-8 format. The type ID for this property is DNSSRV_TYPEID_UTF8_STRING_LIST, listed in section 2.2.1.1.1.

The DNS server SHOULD<198> support the following properties:

GlobalQueryBlockList: A list of single-label strings for which queries will be blocked if the query name matches any name in this list within any primary zone on the DNS server. The DNS server MUST NOT block queries if the value of the EnableGlobalQueryBlockList property (see section 3.1.1.1.1) is 0x00000000. For a description of the DNS server's behavior when blocking queries, see the description of the EnableGlobalQueryBlockList property (see section 3.1.1.1.1).

When the DNS server process starts, if for both this property and for the EnableGlobalQueryBlockList property, no value is found in persistent storage, then the DNS server MUST construct and store as the value of this property a generic list of query names to be blocked, and MUST set the value of the EnableGlobalQueryBlockList property to 0x00000001 in persistent storage. If the EnableGlobalQueryBlockList property is already set to 0x00000001, then an undefined GlobalQueryBlockList property is treated as an empty list.

Construction of the generic list of query names to be blocked MUST be performed as follows: the DNS server MUST enumerate all locally hosted primary and secondary zones. If no locally hosted primary or secondary zone contains a DNS record for the name "isatap" that is not of type TXT then "isatap" MUST be added to the list. If no locally hosted primary or secondary zone contains a DNS record for the name "wpad" that is not of type TXT then "wpad" MUST be added to the list.

SocketPoolExcludedPortRanges: A list of numeric port number ranges (for example, {"4000-5000", "34000-34000"}) for which listen sockets will not be opened by the DNS server. Ranges MUST have the smaller number (if unequal) first, and are inclusive. Even single port exclusions MUST be specified as a range. Inputs less than 1 or greater than 65,535 are interpreted as 1 and 65,535 respectively.