[dns-operations] Software that refuses an answer by QTYPE if it comes over plain UDP?

Brett brettcarr at gmail.com
Tue Mar 15 17:25:34 UTC 2016


You can also do similar trickery using f5/a10 load balancers using
irules/arules if the mood takes you that way :)


Brett

On 15 March 2016 at 05:46, Kumar Ashutosh <Kumar.Ashutosh at microsoft.com> wrote:
> Hi Doug
> The answer is "YES"
> Please check out Windows DNS Server Policies { https://technet.microsoft.com/en-us/library/mt169379.aspx }
>
> You can create DNS policies to control how a DNS Server handles queries based on different parameters { or a combination of the parameters }.
>
>
> One of these parameters is QTYPE -Type of record being queried
> A sample use case is here : https://blogs.technet.microsoft.com/networking/2015/05/18/applying-filters-on-dns-queries-using-windows-dns-server-policies/
> (Check the section on 'Block a type of query' )
>
> Thanks
> Ashu
> Microsoft
>
> -----Original Message-----
> From: dns-operations [mailto:dns-operations-bounces at dns-oarc.net] On Behalf Of Doug Barton
> Sent: Tuesday, March 15, 2016 06:20
> To: dns-operations at dns-oarc.net
> Subject: [dns-operations] Software that refuses an answer by QTYPE if it comes over plain UDP?
>
> Interesting question came up today, and while I think the answer is "No," I wanted to ask the smart kids. :)
>
> Are there any name servers in play today that will only answer for a certain QTYPE if the query comes via either TCP, or UDP with cookies?
>
> And a related question, is anyone thinking of developing some?
>
> Doug
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2flists.dns-oarc.net%2fmailman%2flistinfo%2fdns-operations&data=01%7c01%7ckumar.ashutosh%40microsoft.com%7c8d71156f9d214d63c43808d34c6d4afa%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=fbeMz%2bGUw1GUgTqya9czSZcv4M4xAHNTrHUqgIqGh5E%3d
> dns-jobs mailing list
> https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2flists.dns-oarc.net%2fmailman%2flistinfo%2fdns-jobs&data=01%7c01%7ckumar.ashutosh%40microsoft.com%7c8d71156f9d214d63c43808d34c6d4afa%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=AFUPLOjt7XTVFT2JwYbFPulrJyn711AWTDE%2fYEIWNs8%3d
>
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-jobs mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs



-- 
Brett




More information about the dns-operations mailing list