I've disabled DNS recursion on my DNS server (operating system: Windows Server Core 2019) using this method: Disable DNS recursion. I've also executed these commands in PowerShell on my DNS server:

Set-DnsServerRecursion -Enable $False
Clear-DnsServerCache 

But still when I run

nslookup 'some random domain' 'My dns server IP Address'

on my PC, it answers like this:

Non-authoritative answer:
Name: some domain name
Address: IP address

But actually it should be *** UnKnown can't find some domain name: Query refused

What am I doing wrong? Any help?

1 Answer

For everyone who is stuck on this issue: in the end I used DNS policies to allow just my domain and block requests for other domains.

Add-DnsServerQueryResolutionPolicy -Name "BlackholePolicy" -Action DENY -FQDN "NE,*.mydomain"

Also you can use IGNORE instead of DENY.
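
One way to confirm that a policy like the one in the answer above is actually in effect (an added example, not part of the original post). The server address and both test names are placeholders to replace with your own; `Test-DnsAnswer` is a hypothetical helper defined here.

```powershell
# Added example: check that the DNS server answers only for its own zone.
# Assumed placeholders, replace with your own values:
$Server       = '192.0.2.53'     # constructed documentation address of the DNS server
$OwnName      = 'www.mydomain'   # a record inside the zone the server hosts
$ExternalName = 'example.com'    # any name outside that zone

# 1. Server-side state (run on the DNS server itself).
Get-DnsServerRecursion | Select-Object Enable
Get-DnsServerQueryResolutionPolicy |
    Format-List Name, ProcessingOrder, IsEnabled, Action

# 2. Client-side behaviour (run from another machine).
# Hypothetical helper: returns 'Answered' or the resolver error text.
function Test-DnsAnswer {
    param([string]$Name, [string]$Server)
    try {
        # -DnsOnly and -NoHostsFile keep LLMNR/NetBIOS and the hosts file
        # out of the result, so only the named server's reply is tested.
        $null = Resolve-DnsName -Name $Name -Server $Server `
                    -DnsOnly -NoHostsFile -ErrorAction Stop
        'Answered'
    } catch {
        "Failed: $($_.Exception.Message)"
    }
}

$results = [ordered]@{
    $OwnName      = Test-DnsAnswer -Name $OwnName      -Server $Server
    $ExternalName = Test-DnsAnswer -Name $ExternalName -Server $Server
}
$results

# With -Action DENY the external lookup should fail with a refusal;
# with -Action IGNORE the server drops the query and the lookup times out.
if ($results[$ExternalName] -eq 'Answered') {
    Write-Warning "$Server still answers for $ExternalName; the policy is not taking effect."
}
if ($results[$OwnName] -ne 'Answered') {
    Write-Warning "$Server no longer answers for $OwnName; check the FQDN criteria."
}
```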