Tuning advanced server parameters
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
Tuning advanced server parameters
When initialized for service, DNS servers use server configuration settings taken from the parameters stated in a boot information file, the registry, and possibly zone information provided through Active Directory integration.
In most situations, the installation defaults are acceptable and should not require modification. However, when needed, you can use the DNS console to tune the following advanced parameters, accommodating special deployment needs and situations.
For making these adjustments, use the Advanced tab in DNS server Properties.
| Value | Description |
|---|---|
Disable recursion |
Determines whether or not the DNS server uses recursion. By default, the DNS Server service is enabled to use recursion. For more information, see Modifying server defaults. |
BIND secondaries |
Determines whether to use fast transfer format when transferring a zone to DNS servers running legacy Berkeley Internet Name Domain (BIND) implementations. By default, all Windows-based DNS servers use a fast zone transfer format, which uses compression and can include multiple records per TCP message during a connected transfer. This format is also compatible with more recent BIND-based DNS servers that run versions 4.9.4 and later. For more information, see Interoperability issues. |
Fail on load if bad zone data |
Sets the DNS server to parse files strictly. By default, the DNS Server service logs data errors, ignore any erred data in zone files, and continue to load a zone. This option can be reconfigured using the DNS console so that the DNS Server service logs errors and fails to load a zone file containing records data that is determined to have errors. For more information, see Checking names and zone data. |
Enable round robin |
Determines whether the DNS server uses round robin to rotate and reorder a list of resource records (RRs) if multiple RRs exist of the same type exisit for a query answer. By default, the DNS Server service uses round robin. For more information, see Configuring round robin. |
Enable netmask ordering |
Determines whether the DNS server reorders A resource records within the same resource record set in its response to a query based on the IP address of the source of the query. By default, the DNS Server service uses local subnet priority. For more information, see Prioritizing local subnets. |
Secure cache against pollution |
Determines whether the server attempts to clean up responses to avoid cache pollution. This setting is enabled by default. By default, DNS servers use a secure response option that eliminates adding unrelated resource records included in a referral answer to their cache. In most cases, any names added in referral answers are typically cached and help expedite the speed of resolving subsequent DNS queries. With this feature, however, the server can determine that referred names are potentially polluting or insecure and discard them. The server determines whether to cache the name offered in a referral on the basis of whether or not it is part of the exact related DNS domain name tree for which the original queried name was made. For example, if a query was originally made for "example.microsoft.com" and a referral answer provided a record for a name outside of the "microsoft.com" domain name tree, such as msn.com, then that name would not be cached where this feature is enabled for use. |
Caution
- Incorrectly editing the registry may severely damage your system. Before making changes to the registry, you should back up any valued data on the computer.
Notes
It is recommended that you use the DNS console to configure these and other server parameter values.
Additional advanced parameters can be configured by registry-based configuration. For more information, see Using the Windows Deployment and Resource Kits.
DNS server parameter key values are stored in the following location in the registry:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DNS\Parameters
DNS zone parameter key values are stored in the following location in the registry:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\DNS Server
When using registry-based configuration, changes are applied to DNS servers only when the service is re-initialized. In these cases, if a value is manually changed directly in the registry, the DNS server must always be restarted for the new value to be used.
For more information, see Start or stop a DNS server.