Configure EDNS0

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

You can use the following procedure to modify EDNS0 configuration. The value of the registry key EDNSCacheTimeout determines how long the Domain Name System (DNS) server keeps information about the extension mechanisms for DNS (EDNS) versions that are supported by other DNS servers that have responded to a query with an OPT resource record.

You can perform this procedure by using Registry Editor or by using the Dnscmd command-line tool.

Warning

It is recommended that you do not directly edit the registry unless there is no other alternative. Modifications to the registry are not validated by the registry editor or by Windows before they are applied, and as a result, incorrect values can be stored. This can result in unrecoverable errors in the system. When possible, use Group Policy or other Windows tools, such as Microsoft Management Console (MMC), to accomplish tasks rather than editing the registry directly. If you must edit the registry, use extreme caution.

Administrative credentials

To perform this procedure, you must be a member of the Administrators group on the local computer, or you must have been delegated the appropriate authority. If the computer is joined to a domain, members of the Domain Admins group might be able to perform this procedure. As a security best practice, consider using the Run as command to perform this procedure.

Configuring EDNS0

  • Using the Windows interface

  • Using the command line

To configure EDNS0 using the Windows interface

  1. Open Registry Editor.

  2. In Registry Editor, navigate to the following registry subkey:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters

  3. Add the following DWORD entry:

    EDNSCacheTimeout

  4. To change the cache timeout, type a value in seconds between 3600 (1 hour) and 15724800 (182 days).

  5. In the same registry subkey (Parameters), add the following DWORD entry:

    EnableEDNSProbes

  6. To configure the DNS server to include an OPT resource record only in response to EDNS0 requests containing OPT resource records, type 0x1 (DWORD).

  7. Restart the DNS server.

Note

To open Registry Editor, click Start, click Run, type regedit, and then click OK.

To modify EDNS0 configuration using the command line

  • At a command prompt, type one of the following commands, and then press ENTER:

    • dnscmd ServerName /Config /EDNSCacheTimeout Value

    • dnscmd ServerName /Config /EnableEDNSProbes Value

    | Value | Description |
    |---|---|
    | ServerName | Required. Specifies the DNS host name of the DNS server. You can also type the Internet Protocol (IP) address of the DNS server. To specify the DNS server on the local computer, you can also type a period (.). |
    | /Config | Required. Specifies the command to configure the DNS server. |
    | /EDNSCacheTimeout | Required. Specifies the length of time that the DNS server remembers the EDNS parameters remote servers report. |
    | /EnableEdnsProbes | Required. Specifies whether or not the DNS server probes other DNS servers to determine if they support EDNS. |
    | Value | Required. For /EDNSCacheTimeout, type a value in seconds between 3600 (1 hour) and 15724800 (182 days). For /EnableEDNSProbes, type 1 to configure the DNS server to probe other DNS servers and determine if they support EDNS. Type 0 to configure the DNS server to not probe remote servers for EDNS support. If you type 0, the DNS server will continue to use EDNS if other servers request it. |
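
The following PowerShell sketch is an added example, not part of the original procedure. It checks both values against the ranges documented above before passing them to Dnscmd, then reads the stored values back. The function name and parameters are hypothetical. It assumes an elevated session on the DNS server itself, that Dnscmd returns a non-zero exit code on failure, and that Dnscmd stores both settings under the Parameters subkey named in the registry procedure.

```powershell
# Added example: validate, apply with dnscmd, then verify. Names are hypothetical.
function Set-Edns0Config {
    param(
        [int]$CacheTimeoutSeconds,  # documented range: 3600 (1 hour) to 15724800 (182 days)
        [int]$EnableProbes          # 1 = probe other DNS servers for EDNS support, 0 = do not probe
    )

    # Reject bad input up front; the registry itself accepts any DWORD without validation.
    if ($CacheTimeoutSeconds -lt 3600 -or $CacheTimeoutSeconds -gt 15724800) {
        throw "EDNSCacheTimeout must be between 3600 and 15724800 seconds; got $CacheTimeoutSeconds."
    }
    if ($EnableProbes -ne 0 -and $EnableProbes -ne 1) {
        throw "EnableEDNSProbes must be 0 or 1; got $EnableProbes."
    }

    # A period (.) as ServerName addresses the DNS server on the local computer.
    & dnscmd . /Config /EDNSCacheTimeout $CacheTimeoutSeconds
    if ($LASTEXITCODE -ne 0) {
        throw "dnscmd could not set EDNSCacheTimeout (exit code $LASTEXITCODE)."
    }
    & dnscmd . /Config /EnableEDNSProbes $EnableProbes
    if ($LASTEXITCODE -ne 0) {
        throw "dnscmd could not set EnableEDNSProbes (exit code $LASTEXITCODE)."
    }

    # Read back what is stored (assumption: dnscmd persists both values in this subkey).
    $key = 'HKLM:\SYSTEM\CurrentControlSet\Services\DNS\Parameters'
    $stored = Get-ItemProperty -Path $key
    if ($stored.EDNSCacheTimeout -ne $CacheTimeoutSeconds) {
        throw "Stored EDNSCacheTimeout is '$($stored.EDNSCacheTimeout)', expected $CacheTimeoutSeconds."
    }
    if ($stored.EnableEDNSProbes -ne $EnableProbes) {
        throw "Stored EnableEDNSProbes is '$($stored.EnableEDNSProbes)', expected $EnableProbes."
    }

    # Return the verified values so the change can be logged.
    $stored | Select-Object EDNSCacheTimeout, EnableEDNSProbes
}

# Example call: cache EDNS information for one day and keep probing enabled.
# Set-Edns0Config -CacheTimeoutSeconds 86400 -EnableProbes 1
```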