6. Setting Microsoft DNS server forwarding behaviour

This chapter forms part of the Transition Network guidance for DNS local forwarding and server configuration.

6.1 Windows Server 2016

On the Forwarders Tab of the server Properties, there is a checkbox next to an option Use root hints if no forwarders are available.

the Forwarders Tab of Windows server manager 2016, Properties menu, showing the checkbox for Use root hints if no forwarders are available.

This option much more clearly describes the Forward First behaviour, which is the default (box checked). This option is entitled Use root hints if no forwarders are available. This is not technically accurate or at least it is incomplete. The servers that are being forwarded to may certainly be available and responding. It’s just that in addition to a Timeout (server not being available) the response may be an NXDOMAIN or SERVFAIL.

Broadly then we can say:

Forward First is implemented by checking the checkbox
Forward Only is implemented by NOT checking the checkbox

6.3 Windows DNS server checklist - for forwarding only

To summarise:

Add the two forwarder servers.

155.231.231.1 and 155.231.231.2.

Set Number of seconds before forward queries time out: to 15 seconds.

Set forwarding only behaviour.

Last edited: 13 November 2019 10:49 am