DNS Policies are not properly resolving CNAMEs in Zone Scopes if the Query Resolution Policy includes the NE operator for Client Subnets

domain-name-system active-directory windows-server-2016 powershell dns-policies

Solution 1:

The expected behaviour is : For CNAME/DNAME/ADDITIONAL SECTIONS • For each part of a chained response, the policies must be applied all over again. The criteria of these policy will be matched against the values in the original query (e.g. TimeOfDay, Client subnet etc.) except for QTYPE and FQDN. • If any of the policies used in the chain result in a DENY/IGNORE, the DNS server must send the partial response to the client if available. The Deny/Ignore will apply only for that FQDN or zone.

I think the results are expected.

Kumar Ashutosh [I designed DNS Server Policies]

Related

Decisions about DNS on IPv6
Why is L2ARC not giving more speedup for directory traversal?
Ubuntu 16.04 nfs-kernel-server won't start
Docker throws two warnings related to cgroup rt period/runtime in Ubuntu
Django with Apache and mod_wsgi: no system log unless setting Debug = True
Buffer I/O Error on md-device - can't identify failed drive
AWL ELB error message
How to make RAID controller rescan devices
connect a docker container to a local network
Multiple VLAN's - Multiple SSID or Single SSID and Multiple VLAN's (radius)
How can I get a Managed Service Account to use internet proxy settings from Group Policy?
Routing traffic to two NICs on the same network