Sign up to access this lesson
Click here to sign up and get access to this lesson!
Saving Progress...
In this lecture we’re going to answer the question What is Recursion? We’re going take a look at the reasons why you would enable or disable recursion.
So what is Recursion?
Here is an example:
If a user opens his WEB browser and types www.serveradademy.com if the clients computer doesn’t know about serveradademy.com the DNS client will ask the preferred DNS server. let’s take a look at this clients TCPIP properties, notice the Preferred DNS servers IP address.
If the preferred server or in this case the ISP’s DNS doesn’t know about serveradademy.com, it will make queries to other DNS servers out on the internet.
This asking on behalf of the client continues until the server that is authoritative for serveradademy.com is found, and then the IP address for serveradademy.com is sent back along the chain and ends up on the clients computer. This process is known as recursion.
- Notice if you check Disable recursion notice that also disables forwarders.
- What this means is, if you only want your DNS server to answer queries based upon what it knows then check disable recursion.
In some cases, enabling recursion can be a security issue because your servers are always going out to the internet trying to resolve queries on behalf of clients. And other servers could be using your server to resolve their queries.
To disable recursion – From your DNS server Open Server Manager
- Now from tools, click the DNS manager. Right click the DNS server, from Servers properties, click the Advanced tab, and here you can disable recursion.
- Click the root hints tab. Under the Root Hints, remove all these root servers.
- If you start having problems and you need to put back all your root servers. You can use copy from server. Just type the IP address or the name of the DNS server and click ok.
- On a production DNS server, I wouldn’t disable Recursion or delete my Root Hints servers unless you have a good reason to do so.
Why you would you want to disable recursion?
- Security reasons. You are using a secure connection and don’t need DNS to go out to the Internet to resolve your queries.
- If you disable recursion there could be application problems. Emails sent from local apps may not be delivered.
- If you disable Recursion your server would only be able to answer queries based upon what it knows.
So, is there another Solution?
- One solution could be to configure selective recursion using a split-brain DNS Policy. We will discuss this when we get to policies.
- Basically, you could setup a policy that says that internal clients can query for internet names, but external clients can’t use your DNS to query for internet names. In other word’s recursion would only be allowed by internal clients and not external clients. We’ll explain more when we get into policies.
Sign up to access the rest of this lesson
You must either log in or sign up to access this lesson.
CURRICULUM
Course Introduction • 10min
0 / 2 lessons complete
Instructor and Course Introduction
Video | 7 min
What's New in Windows Server 2016 DNS
Free lesson
Video | 3 min
DNS Basics • 56min
0 / 8 lessons complete
What is DNS
Video | 3 min
Installing the DNS Windows Server Role
Video | 6 min
Building DNS Server Quiz
Quiz | 10 Questions
The Hosts File
Video | 4 min
DNS Console Overview
Video | 7 min
Recursive and Iterative Queries
Video | 8 min
DNS Basics LAB
Video | 10 min
DNS Basics Quiz
Quiz | 8 Questions
DNS Resource Records • 45min
0 / 5 lessons complete
DNS Resource Record Types
Video | 3 min
Creating the mytestzone Forward Lookup Zone
Text | 2 min
Creating DNS Resource Records
Video | 4 min
Creating DNS Resource Records Lab
Lab | 30 min
DNS Resource Records Quiz
Quiz | 7 Questions
DNS Zones • 4hr 11min
0 / 12 lessons complete
DNS Zones
Video | 4 min
Creating a Forward and Reverse Lookup Zone
Video | 5 min
Creating a Secondary Zones
Video | 9 min
Stub Zone Creation
Video | 11 min
Active Directory Zone Replication
Video | 12 min
Implementing DNS Forwarding
Video | 8 min
Implementing Conditional DNS Forwarding
Video | 7 min
Forward and Reverse Zone Creation Lab
Lab | 60 min
Creating a Secondary Zone Lab
Lab | 30 min
Conditional Forwarding Lab
Lab | 60 min
Creating a Stub Zone Lab
Lab | 30 min
DNS Zones Quiz
Quiz | 15 Questions
DNS Delegation • 50min
0 / 4 lessons complete
Domain Name System and DNS Delegation
Video | 7 min
Windows 2016 Server and DNS Zone Delegation
Video | 8 min
DNS Delegation Lab
Lab | 30 min
QUIZ - Domain Name System and DNS Delegation
Quiz | 5 Questions
DNS Security Techniques • 36min
0 / 5 lessons complete
DNS Security Techniques Overview
Video | 9 min
Configuring DNS Cache Locking
Video | 5 min
Configuring DNS Socket Pools
Video | 6 min
Configuring Response Rate Limiting
Video | 8 min
DNS Security Techniques Quiz
Quiz | 8 Questions
Advanced DNS Topics • 22min
0 / 5 lessons complete
Overview of Advanced Topics
Video | 1 min
Enabling Round Robin and Netmask Ordering
Video | 5 min
Configuring Recursion
Video | 4 min
IPV4 and IPV6 Root HInts
Video | 6 min
Advanced DNS Topics Quiz
Quiz | 6 Questions
DNS Security (DNSSEC) • 1hr 16min
0 / 6 lessons complete
Windows DNS Security Overview
Video | 7 min
Symmetric vs Asymmetric Encryption
Video | 5 min
Installing DNSSEC on Windows 2016 Server
Video | 12 min
DNSSEC Client Install
Video | 7 min
DNSSEC (DNS Security Lab)
Lab | 30 min
DNSSEC Quiz
Quiz | 15 Questions
DNS Policies • 55min
0 / 6 lessons complete
DNS Policies Background Information
Video | 8 min
Configuring DNS Filtering
Video | 7 min
Configuring Split Brain DNS in an Active Directory Environment
Video | 12 min
Configuring DNS Selective Recursion Policy
Video | 7 min
Configuring a Traffic Management Policy
Video | 11 min
DNS Policies Quiz
Quiz | 10 Questions
PowerShell for DNS • 1hr 27min
0 / 6 lessons complete
PowerShell for DNS Part 1
Video | 2 min
PowerShell for DNS Part 2
Video | 5 min
PowerShell for DNS Part 3
Video | 10 min
PowerShell for DNS Part 4
Video | 5 min
PowerShell for DNS LAB
Lab | 60 min
Powershell for DNS Quiz
Quiz | 5 Questions
Troubleshooting DNS Issues - Troubleshooting Tools • 1hr 39min
0 / 8 lessons complete
Troubleshooting Tools Every IT Pro Must Know
Video | 9 min
The Events Viewer Overview
Video | 6 min
Subscriptions
Video | 9 min
Monitoring and Debug Logging
Video | 9 min
Trouble-Shooting DNS Client Issues
Video | 4 min
Troubleshooting Subscriptions Lab
Lab | 30 min
DNS Troubleshooting Lab
Lab | 30 min
DNS Troubleshooting Quiz
Quiz | 2 Questions