Best Practices Analyzer for Domain Name System: Configuration
Applies To: Windows Server 2008, Windows Server 2008 R2
Topics in this section can help you bring DNS running on Windows ServerĀ® 2008 or Windows ServerĀ® 2008 R2 into compliance with configuration best practices. Content in this section is most valuable to administrators who have completed a Best Practices Analyzer scan of DNS, and who want information about how to interpret and resolve scan results that identify areas of DNS that are noncompliant with configuration best practices.
Best Practices Analyzer and configuration rules
Configuration rules are applied to identify settings that might require modification for DNS to perform optimally. Configuration rules can help prevent setting conflicts that can result in error messages or prevent DNS from carrying out its prescribed duties in an enterprise.
For more information about Best Practices Analyzer and scans, see Best Practices Analyzer.
Topics in this section
DNS: IP addresses that belong to a valid range must be configured on <adapter name>
DNS: <Adapter name> should be configured to use both a preferred and an alternate DNS server
DNS: Valid network interfaces should precede invalid interfaces in the binding order
DNS: DNS servers on <adapter name> should include the loopback address, but not as the first entry
DNS: If the Global Query Block List is enabled, then it should not be empty
DNS: The Hosts file <file name> on the DNS server should be empty
DNS: The DNS server must have root hints or forwarders configured
DNS: The scavenging interval <interval value> is within the recommended range
DNS: The scavenging interval <interval value> is not set to a recommended value
DNS: Zone <zone name> has scavenging enabled with recommended parameters
DNS: Zone <zone name> has record aging disabled, so scavenging will not occur
DNS: Zone <zone name> scavenging server list should not be empty
DNS: Zone <zone name> scavenging parameters should be set to default values
DNS: The socket pool should be enabled with recommended settings
DNS: The recursion timeout must be greater than the forwarding timeout
DNS: Forwarding server <IP address> should respond to DNS queries
DNS: At least one DNS server on the list of forwarders must respond to DNS queries
DNS: The list of forwarding servers must not contain the link-local IP address <IP address>
DNS: The list of forwarding servers must not contain the loopback address <IP address>
DNS: Zone <zone name> update notification list must not be empty
DNS: Zone <zone name> secondary servers list should not be empty
DNS: Zone <zone name> scavenging servers should host the zone
DNS: The list of root hints must not contain the link-local IP address <IP address>
DNS: The list of root hints must not contain the host IP address or loopback address <IP address>
DNS: The list of root hints should contain more than one entry
DNS: Zone <zone name> is Active Directory integrated and should be present and configured as primary
DNS: Zone <zone name> is an Active Directory integrated DNS Zone and must be available
DNS: Zone <zone name> is an Active Directory integrated DNS zone and must be configured as primary
DNS: Zone <zone name> transfers from the primary to the secondary DNS server must be successful