I recently upgraded the 5 Active Directory servers to Windows 2008 R2 at my place of work. The Active Directory servers also serve as the enterprise?s DNS servers. Of course, there was a small catch from Microsoft that was yet again one of those ?why did they do this? situations. The issue itself was that we could no longer get certain sites on the web to load. Even trying to hit microsoft.com had issues, but more importantly we could not hit some of the financial sites we needed. After getting some time to research this and wasting some time troubleshooting, I came across the exact issue we were having and found out this dog had bit some others out there. The problem is with EDNS which stands for Extension mechanisms for DNS (which expands the size of several parameters for DNS). By default, EDNS is turned on on Windows Server 2008 R2 and the web is not quite ready for EDNS as myself and others found out the hard way. The solution is simple but took some digging to find. To fix the issue simply go to an elevated command prompt (right mouse click on command and choose run as administrator) and type ? dnscmd /config /EnableEDNSProbes 0 ? . Easy enough right? That will take care of the issue. Why Microsoft decided to turn this feature on when they knew the web (with a little testing) was not ready for it I do not know. Just another one of those quirky things to love about Microsoft.
For further reading enjoyment and the lamenting of others on this issue go http://weblogs.asp.net/owscott/archive/2009/09/15/windows-server-2008-r2-dns-issues.aspx
Thank you to Scott Forsyth for detailing this issue and getting it out there for the rest of us.
Keep Up with TechRepublic