<div dir="ltr"><div>On Tue, Mar 15, 2016 at 2:16 PM Kumar Ashutosh <<a href="mailto:Kumar.Ashutosh@microsoft.com">Kumar.Ashutosh@microsoft.com</a>> wrote:<br></div><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi Doug<br>
The answer is "YES"<br>
Please check out Windows DNS Server Policies { <a href="https://technet.microsoft.com/en-us/library/mt169379.aspx" rel="noreferrer" target="_blank">https://technet.microsoft.com/en-us/library/mt169379.aspx</a> }<br>
<br>
You can create DNS policies to control how a DNS Server handles queries based on different parameters { or a combination of the parameters }.<br>
<br></blockquote><div><br></div><div>Whoa. That's kinda sexy. Thanks.</div><div><br></div><div>You can also to something similar (and / or shoot yourself in the foot, you have much power) using PowerDNS and Lua. See <a href="https://doc.powerdns.com/md/recursor/scripting/">https://doc.powerdns.com/md/recursor/scripting/</a> or <a href="https://github.com/PowerDNS/pdns/blob/master/pdns/powerdns-example-script.lua">https://github.com/PowerDNS/pdns/blob/master/pdns/powerdns-example-script.lua</a></div><div><br></div><div>W <br></div><div><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br>
One of these parameters is QTYPE -Type of record being queried<br>
A sample use case is here : <a href="https://blogs.technet.microsoft.com/networking/2015/05/18/applying-filters-on-dns-queries-using-windows-dns-server-policies/" rel="noreferrer" target="_blank">https://blogs.technet.microsoft.com/networking/2015/05/18/applying-filters-on-dns-queries-using-windows-dns-server-policies/</a><br>
(Check the section on 'Block a type of query' )<br>
<br>
Thanks<br>
Ashu<br>
Microsoft<br>
<br>
-----Original Message-----<br>
From: dns-operations [mailto:<a href="mailto:dns-operations-bounces@dns-oarc.net" target="_blank">dns-operations-bounces@dns-oarc.net</a>] On Behalf Of Doug Barton<br>
Sent: Tuesday, March 15, 2016 06:20<br>
To: <a href="mailto:dns-operations@dns-oarc.net" target="_blank">dns-operations@dns-oarc.net</a><br>
Subject: [dns-operations] Software that refuses an answer by QTYPE if it comes over plain UDP?<br>
<br>
Interesting question came up today, and while I think the answer is "No," I wanted to ask the smart kids. :)<br>
<br>
Are there any name servers in play today that will only answer for a certain QTYPE if the query comes via either TCP, or UDP with cookies?<br>
<br>
And a related question, is anyone thinking of developing some?<br>
<br>
Doug<br>
_______________________________________________<br>
dns-operations mailing list<br>
<a href="mailto:dns-operations@lists.dns-oarc.net" target="_blank">dns-operations@lists.dns-oarc.net</a><br>
<a href="https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2flists.dns-oarc.net%2fmailman%2flistinfo%2fdns-operations&data=01%7c01%7ckumar.ashutosh%40microsoft.com%7c8d71156f9d214d63c43808d34c6d4afa%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=fbeMz%2bGUw1GUgTqya9czSZcv4M4xAHNTrHUqgIqGh5E%3ddns-jobs" rel="noreferrer" target="_blank">https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2flists.dns-oarc.net%2fmailman%2flistinfo%2fdns-operations&data=01%7c01%7ckumar.ashutosh%40microsoft.com%7c8d71156f9d214d63c43808d34c6d4afa%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=fbeMz%2bGUw1GUgTqya9czSZcv4M4xAHNTrHUqgIqGh5E%3d<br>
dns-jobs</a> mailing list<br>
<a href="https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2flists.dns-oarc.net%2fmailman%2flistinfo%2fdns-jobs&data=01%7c01%7ckumar.ashutosh%40microsoft.com%7c8d71156f9d214d63c43808d34c6d4afa%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=AFUPLOjt7XTVFT2JwYbFPulrJyn711AWTDE%2fYEIWNs8%3d" rel="noreferrer" target="_blank">https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2flists.dns-oarc.net%2fmailman%2flistinfo%2fdns-jobs&data=01%7c01%7ckumar.ashutosh%40microsoft.com%7c8d71156f9d214d63c43808d34c6d4afa%7c72f988bf86f141af91ab2d7cd011db47%7c1&sdata=AFUPLOjt7XTVFT2JwYbFPulrJyn711AWTDE%2fYEIWNs8%3d</a><br>
<br>
_______________________________________________<br>
dns-operations mailing list<br>
<a href="mailto:dns-operations@lists.dns-oarc.net" target="_blank">dns-operations@lists.dns-oarc.net</a><br>
<a href="https://lists.dns-oarc.net/mailman/listinfo/dns-operations" rel="noreferrer" target="_blank">https://lists.dns-oarc.net/mailman/listinfo/dns-operations</a><br>
dns-jobs mailing list<br>
<a href="https://lists.dns-oarc.net/mailman/listinfo/dns-jobs" rel="noreferrer" target="_blank">https://lists.dns-oarc.net/mailman/listinfo/dns-jobs</a><br>
</blockquote></div></div>