locked
DNS: Return IPv4 for specific domains RRS feed

  • Question

  • I posted over here: https://social.technet.microsoft.com/Forums/en-US/79efd87e-7be8-4012-acb9-bc891937e9eb/dns-return-ipv4-for-specific-domains?forum=ws2016 but it was suggested that I try here instead.

    I saw Server 2016 DNS now has resolution policies: Add-DnsServerQueryResolutionPolicy

    Does anyone know how to setup a policy to not return IPv6 address for specific domains?

    All other queries are fine (TXT, SRV, etc) but I'd like to only return IPv4 for some specific domains.

    The domains are outside my network.

    I wish to filter recursive requests.

    Thanks!

    Friday, October 13, 2017 3:50 PM

Answers

  • I figured it out:

    Add:
    Add-DnsServerQueryResolutionPolicy -Name "Filter AAAA Requests" -action deny -fqdn "EQ,*.targetdomain.tld" -QType "EQ,AAAA"

    Verify:
    Get-DnsServerQueryResolutionPolicy -Name "Filter AAAA Requests" | fl
    $Policy = Get-DnsServerQueryResolutionPolicy -Name "Filter AAAA Requests"
    $Policy.Criteria
    • Marked as answer by DJX995 Friday, October 13, 2017 6:51 PM
    Friday, October 13, 2017 6:49 PM

All replies

  • I figured it out:

    Add:
    Add-DnsServerQueryResolutionPolicy -Name "Filter AAAA Requests" -action deny -fqdn "EQ,*.targetdomain.tld" -QType "EQ,AAAA"

    Verify:
    Get-DnsServerQueryResolutionPolicy -Name "Filter AAAA Requests" | fl
    $Policy = Get-DnsServerQueryResolutionPolicy -Name "Filter AAAA Requests"
    $Policy.Criteria
    • Marked as answer by DJX995 Friday, October 13, 2017 6:51 PM
    Friday, October 13, 2017 6:49 PM
  • Hi,

    Good to hear that you have solved this issue by yourself. In addition, thanks for sharing your solution in the forum as it would be helpful to anyone who encounters similar issues.

    If there is anything else we can do for you, please feel free to post in the forum.

    Best Regards,
    Albert Ling

    Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, October 16, 2017 4:52 AM