RFC 2671 allows UDP packets greater than 512 bytes. If you firewall cannot pass these packets, Windows Server 2003 DNS does NOT fall back to TCP/IP, as was the case in previous versions of Windows NT-based operating systems.
To disable the EDNS-0 feature, eliminating the UPD packets > 512 bytes:
1. Install the Windows Server 2003 Support Tools from the CD-ROM.
2. Open a CMD prompt.
3. Type dnscmd /Config /EnableEDnsProbes 0 and press Enter.