Windows Server 2003 implements the Extension Mechanisms for DNS (EDNS0), which permits the use of larger UDP packets.

Your firewall may not permit UDP packets larger than 512 bytes.

To resolve the problem, see tip 6967 ยป Windows Server 2003 DNS is sending large UDP packets that your firewall can't handle?