What the purpose of the Option: Do Not Use Recursion

  • Thread starter Thread starter Flavio Borup
  • Start date Start date
F

Flavio Borup

In forwarding DNS Cache Servers we can check an option "Do not use
recursion"
What event lead me to use this option? In which situation the option can be
intersting?
When ? Why?
 
To fully understand this, you will need to understand the different ways
that a DNS server find a requested record.

This link will give you an idea.
http://www.microsoft.com/windows200.../server/help/sag_DNS_pro_DisableRecursion.htm

You may want to disable recursion IF you don't want your DNS server to do
too much work. You may want to disable recursion if you don't want other
people to use your DNS server for resolving external records. You may want
to do recursion if you don't want your internal clients to chase down
records themselves.

--
Sincerely,

Dèjì Akómöláfé, MCSE MCSA MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
 
In
Flavio Borup said:
In forwarding DNS Cache Servers we can check an option
"Do not use recursion"
What event lead me to use this option? In which situation
the option can be intersting?
When ? Why?
Click to expand...

This setting effectively disables your server from using root hints to
resolve names and forces it to wait for an answer from its forwarder.

Normally you would not check this option, unless you are using a forwarder
to resolve a name that cannot be found in the public name space, such as
forwarding from a AD child DNS to an AD parent domain or from one AD domain
to another.
 
Tanks!!

On the Link provided, í've found:

"Disabling the use of recursion on a DNS server is generally done when DNS
clients are being limited to resolving names to a specific DNS server, such
as one located on your intranet. Recursion might also be disabled when the
DNS server is incapable of resolving external DNS names, and clients are
expected to fail over to another DNS server for resolution of these names."
http://www.microsoft.com/windows200.../server/help/sag_DNS_pro_DisableRecursion.htm
 
In
Flavio Borup said:
Tanks!!

On the Link provided, í've found:

"Disabling the use of recursion on a DNS server is
generally done when DNS
clients are being limited to resolving names to a
specific DNS server, such
as one located on your intranet. Recursion might also be
disabled when the
DNS server is incapable of resolving external DNS names,
and clients are
expected to fail over to another DNS server for
resolution of these names."
Click to expand...
http://www.microsoft.com/windows200.../server/help/sag_DNS_pro_DisableRecursion.htm

I think you have just confused "Disable recursion" on the Advanced tab with
"Do not use recursion" on the forwarders tab. These are two different
settings and do two different things to a DNS server.

You ask about "Do not use recusion" which tells DNS to ignore Root Hints and
get all answers from the forwarder, which must still support recursive
lookups.

"Disable recursion" on the Advanced tab, stops DNS from using forwarders and
Root hints, therefore it effectively stops DNS from resolving any name it
does not have in its zones or cache. (Of course it can't answer from the
cache once TTL runs out on the records in the cache) So you can expect all
external resolution to stop within one day because the default maximum cache
TTL is one day for MS DNS.

A non-delegated root forward lookup zone, in effect stops DNS from resolving
names it does not have in its database because being a root, it is supposed
to know all TLDs.
 
DA> You may want to disable recursion IF you don't want your DNS server
DA> to do too much work. You may want to disable recursion if you don't
DA> want other people to use your DNS server for resolving external
DA> records.

He is talking about the atrociously misnamed "do not use recursion"
option, not the "disable recursion" option. (Your confusion here
exemplifies just one of the reasons that this option is misnamed.)

The option should be named "Use forwarding only" or some such.
 
Back
Top