Windows DNS server bug and Coral Cache

Post by Kenneth Po » Wed, 21 Dec 2005 10:13:14

I was looking into ways to leverage the Coral Cache to help with my website
bandwidth and found this Windows DNS bug in their FAQ: #SERVFAIL

(Googling the Windows DNS groups for "Coral" or "DNAME" didn't turn up any
other reports of this, so I expect this is news to MS DNS admins.)

Note that the bug is not the lack of support for DNAME, but the way in
which the lack of support is reported, especially in a forwarding

I know that a lot of people configure their Windows DNS to forward to an
ISP's server (as opposed to using root hints), and many ISPs run BIND, so
the failure case is exactly the one most commonly to be found in an MS-only

(Also note that Coral runs on port 8090, so one should add that port to any
firewall rules intended to handle outbound web access.)

Post by Sm9uIEJhaW » Sun, 05 Mar 2006 04:56:07

I'd like to amend that - the problem is not just with reporting, the problem
is the ENTIRE PACKET IS DROPPED, not just the portion of the response that
the nameserver doesn't understand.

If you're using Windows 2003 as your nameserver (which all Active
Directory members -should- be), with external queries forwarded to your ISP's
caching nameservers (which is recommended Best Practice for all Internet
sites), the Windows 2003 DNS service is DISCARDING VALID RESPONSES, breaking
access to sites and causing false "not found" errors.

I believe this merits a hotfix. Can any MVPs weigh in on this? I don't
want to have to put a non-Windows caching nameserver in my office in front
of the Active Directory just to work around this behavior.
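
A diagnostic for the failure discussed in this thread, added here as an example (not code from either poster or from the Coral project): it parses a raw DNS response, such as one captured from the upstream forwarder, and reports whether the answer section carries a DNAME record. The sample messages, domain names and helper functions are constructed for illustration.

```python
import struct

DNAME, CNAME, A = 39, 5, 1   # RR type numbers (DNAME is 39, RFC 6672)

def read_name(msg, off):
    """Decode a (possibly compressed) name; return (name, offset after it)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:              # compression pointer
            end = off + 2 if end is None else end
            off = ((length & 0x3F) << 8) | msg[off + 1]
            hops += 1
            if hops > 32:
                raise ValueError("compression pointer loop")
            continue
        off += 1
        if length == 0:
            return ".".join(labels) + ".", (off if end is None else end)
        labels.append(msg[off:off + length].decode("ascii"))
        off += length

def answer_types(msg):
    """Return [(owner, rrtype)] for every record in the answer section."""
    _id, _flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    off = 12
    for _ in range(qd):
        _, off = read_name(msg, off)
        off += 4                               # skip QTYPE and QCLASS
    out = []
    for _ in range(an):
        owner, off = read_name(msg, off)
        rrtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10 + rdlen                      # skip fixed fields and RDATA
        out.append((owner, rrtype))
    return out

def has_dname(msg):
    return any(t == DNAME for _, t in answer_types(msg))

# --- constructed sample responses (not captured traffic) ---
def enc(name):
    return b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\0"

def rr(owner, rrtype, rdata):
    return owner + struct.pack("!HHIH", rrtype, 1, 300, len(rdata)) + rdata

QUESTION = enc("www.example.test") + struct.pack("!HH", A, 1)
WITH_DNAME = (struct.pack("!6H", 0x1234, 0x8180, 1, 2, 0, 0) + QUESTION
              + rr(enc("example.test"), DNAME, enc("cdn.invalid"))
              + rr(b"\xc0\x0c", CNAME, enc("www.cdn.invalid")))
PLAIN = (struct.pack("!6H", 0x1234, 0x8180, 1, 1, 0, 0) + QUESTION
         + rr(b"\xc0\x0c", A, bytes([192, 0, 2, 1])))
```

Feeding `has_dname` the UDP payload of a forwarder's reply shows whether a lookup that fails through the Windows DNS server involved a DNAME record upstream.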