Different configuring policy of dns client

**Sergeo** · 02-03-2010

How to configure the policy of a dns client. I have a dns setup which I am trying to configure. The connection getting disappeared in between. This problem lies with the local server. May be there might be some problem with the policy settings. What should I need to do here. Also I need some information on the advance settings.

**Milton.J** · 02-03-2010

To facilitate the DNS client to situate the DNSSEC OK bit in questions, you must arrange the NRPT with the appropriate or correct polices. Do not arrange any settings on the DirectAccess tab except this inaccessible right of entry technology is organized in your environment. If DirectAccess is organized in your environment, for this you have to be in touch with the DirectAccess administrator to be sure that any DNSSEC policies you genetare do not dispute with DirectAccess policies.

**Spyrus** · 02-03-2010

When an submission uses the GetAddrInfo API or other name declaration APIs to determine a name, DNS is predictably the first protocol that is used to attempt to determine the name. If DNS fails to effectively determine the name, and if the question is a flat name, protocols such as Link-Local Multicast Name Resolution Protocol (LLMNR) and NetBIOS are tried.

**Snake08** · 02-03-2010

If DNSSEC is facilitated on a client, by evasion, failover to LLMNR/NetBIOS will happen only if the DNS client will take delivery of an authenticated denial of survival reaction. For any other failure answer, the DNS client will not fail over. Even though this performance can be customized so that the client fails over for other failure answers, DNSSEC does not present sanctuary for name resolution presented by other name service providers.

**Zachary** · 02-03-2010

Be sure to be familiar with the sanctuary risks connected with modifying this setting. It should be modified only when link-local flat name declaration is an resolved necessity. Policy disparity is relating server and client. Make sure there is no disparity between the policy arranged on a client and the trust anchors in the server to which the client concern questions.

**Big Fish** · 02-03-2010

An submission can fail to determine a name if the DNS client policy on that computer necessitates DNSSEC for a name, but the DNS server to which questions are issued does not acquire the trust anchor for that zone. In this situation, either the suitable trust anchor must be added to the DNS server or the policy requiring DNSSEC on the client must be removed.