foo.com<\/a> is your domain name, then you need that in a zone.<\/p>\nFor caching/relaying you aren’t answering lookups from a zone.<\/p>\n
You don’t need recussive lookup, but you probably want it, without it the
You are really doing dns forwarding.<\/p>\n
Server 2022 is massive overkill, but, before I make a stupid assumption here,
Ultimately, about 200-250 clients, mainly Chromebooks. Also 20 or so Promethean Boards.<\/p>","upvoteCount":0,"datePublished":"2025-02-14T01:45:11.095Z","url":"https://community.spiceworks.com/t/windows-server-2022-dns-for-recursive-caching-only/1175203/3","author":{"@type":"Person","name":"stephenmantz","url":"https://community.spiceworks.com/u/stephenmantz"}},{"@type":"Answer","text":"
Honestly, I would (and do) use bind for this. You will thank yourself when you have to patch the OS vs doing Windows Updates.<\/p>\n
You should have 2 of them regardless of which way you go if you ever want to reboot them, and also in case of hardware or software failure. Patch on different days, so if an update blows one box up you still have one functioning. Clients would point to both.<\/p>","upvoteCount":1,"datePublished":"2025-02-14T06:02:00.691Z","url":"https://community.spiceworks.com/t/windows-server-2022-dns-for-recursive-caching-only/1175203/4","author":{"@type":"Person","name":"PatrickFarrell","url":"https://community.spiceworks.com/u/PatrickFarrell"}},{"@type":"Answer","text":"
Chromebooks use DOH by default so they aren’t going to touch your DNS server unless you are blocking DOH or have somehow configured otherwise.<\/p>\n
Most web browsers on windows are the same thing these days.<\/p>\n
I would just use your edge gateway device if all you need is basic DNS caching. Save yourself having another piece of equipment, licensing, Maintenance, etc.<\/p>","upvoteCount":0,"datePublished":"2025-02-14T17:53:31.425Z","url":"https://community.spiceworks.com/t/windows-server-2022-dns-for-recursive-caching-only/1175203/5","author":{"@type":"Person","name":"molan","url":"https://community.spiceworks.com/u/molan"}},{"@type":"Answer","text":"
I agree with using BIND instead. I’d usually only go with Windows Server DNS if going to use with Active Directory for secure updates.<\/p>","upvoteCount":0,"datePublished":"2025-02-15T20:37:53.852Z","url":"https://community.spiceworks.com/t/windows-server-2022-dns-for-recursive-caching-only/1175203/6","author":{"@type":"Person","name":"matthew-martin","url":"https://community.spiceworks.com/u/matthew-martin"}},{"@type":"Answer","text":"
Logs are much easier to parse in Bind than Windows as well.<\/p>","upvoteCount":0,"datePublished":"2025-02-16T02:20:15.028Z","url":"https://community.spiceworks.com/t/windows-server-2022-dns-for-recursive-caching-only/1175203/7","author":{"@type":"Person","name":"PatrickFarrell","url":"https://community.spiceworks.com/u/PatrickFarrell"}}]}}
I am looking to use Windows server 2022 as a recursive caching server for DNS lookups on my school network. AD is going away as most devices are chromebooks and a few windows machines.
2 Spice ups
somedude2
February 13, 2025, 10:40pm
2
zones are points of authority, you only have a one if you are responsible for some part of a domain name, eg foo.com is your domain name, then you need that in a zone.
For caching/relaying you aren’t answering lookups from a zone.
You don’t need recussive lookup, but you probably want it, without it the
You are really doing dns forwarding.
Server 2022 is massive overkill, but, before I make a stupid assumption here,
Ultimately, about 200-250 clients, mainly Chromebooks. Also 20 or so Promethean Boards.
Honestly, I would (and do) use bind for this. You will thank yourself when you have to patch the OS vs doing Windows Updates.
You should have 2 of them regardless of which way you go if you ever want to reboot them, and also in case of hardware or software failure. Patch on different days, so if an update blows one box up you still have one functioning. Clients would point to both.
1 Spice up
molan
February 14, 2025, 5:53pm
5
Chromebooks use DOH by default so they aren’t going to touch your DNS server unless you are blocking DOH or have somehow configured otherwise.
Most web browsers on windows are the same thing these days.
I would just use your edge gateway device if all you need is basic DNS caching. Save yourself having another piece of equipment, licensing, Maintenance, etc.
I agree with using BIND instead. I’d usually only go with Windows Server DNS if going to use with Active Directory for secure updates.
Logs are much easier to parse in Bind than Windows as well.
