RFC 2671 allows UDP packets greater than 512 bytes. If you firewall cannot pass these packets, Windows Server 2003 DNS does NOT fall back to TCP/IP, as was the case in previous versions of Windows NT-based operating systems.

To disable the EDNS-0 feature, eliminating the UPD packets > 512 bytes:

1. Install the Windows Server 2003 Support Tools from the CD-ROM.

2. Open a CMD prompt.

3. Type dnscmd /Config /EnableEDnsProbes 0 and press Enter.