Turning off EDNS-0 extended UDP packets in W2k3 server's DNS.

(EDNS0 as defined in RFC 2671)

Server 2003's DNS server has a new capability: it can handle UDP packets greater than 512 bytes. Unfortunately, some firewalls cannot pass these packets, so it is desirable to have the DNS server fall back to TCP in this case, as it did in previous versions of NT DNS.

To turn off the EDNS-0 feature run this from a command prompt:

dnscmd /Config /EnableEDnsProbes 0

Once you run this, your W2K3 DNS server will never advertise its EDNS capabilities and so will never receive a UDP packet larger than 512 bytes.

dnscmd.exe can be found in the Support Tools.

To install Windows Support Tools

  1. Insert the Windows CD into your CD-ROM drive.
  2. Click No if you are prompted to reinstall Windows.
  3. When the Welcome screen appears, click Perform additional tasks, and then click Browse this CD.
  4. Go to the \Support\Tools folder.

    For complete setup information, refer to the Readme.asp file available in this folder.

  5. Double-click suptools.msi.
  6. Follow the instructions that appear on your screen.