We have two internet-facing Windows 2008 DNS servers for our domain. How do I allow recursion for a specific subnet and disable recursion globally?
The only option I see is to either enable or disable recursion (which disables forwarders). We cannot disable it, because then our internal users are unable to get to certain websites etc.
As we have two DNS servers, we thought that with switch/router rules... maybe have one internet-facing (disable recursion there), and on the non-internet-facing DNS server we leave recursion enabled. The folks who manage our switches/routers say they cannot use switch-level firewall rules to do this because our domain is delegated to us and both have to be internet-facing? The switch folks suggested enabling a "view" mode that has recursion enabled for a specific IP range and disabling recursion globally... unsure how to do this in Windows DNS.
Any suggestions to accomplish this goal... Windows Firewall settings maybe (if so, how)?