Question : Make DNS Server use local hosts file to answer queries

We have a Microsoft Windows 2008 DNS Server resolving queries for our corporate network.

What I want to do is edit the hosts file in that server ONLY, and have DNS use that hosts file to help resolve queries from DNS (like a black-hole DNS, for site blocking)

For example, the server gets a query for facebook.com, and the DNS server will try to find that domain in the hosts file, and respond with its assigned IP address, etc.

I'm aware of opendns.org, creating forward zones for each domain I want to block, conditional forwarding, and creating a Domain Policy to propagate the hosts file, but I don't find them practical as I have hundreds of sites to block and modifying Domain Policies for me is a no-no. I also don't want to invest in ISA or any other proxy-like appliance/server.

What I want is to have DNS use its own local hosts file to answer queries.

PS: I was told I could do it under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS, but there are no priority settings there.

Any clue? I'm sure I have done something like this in the past, so I'm sure it can be done.

Regards, and thanks in advance,

D

Answer : Make DNS Server use local hosts file to answer queries
I never saw anything like that for Windows DNS. I saw proxy services that you could run, but you said you are trying to avoid that.

So you would be fine editing a hosts file for blocking sites/domains, but not setting up zones for them in DNS? What difference do you see between the two?

You could have a batch file BlockThisDomain.com which takes input (%1) and runs dnscmd /createdomain %1 (or whatever the correct syntax is), then adds some fake records. Seems that would be just as easy as editing a single hosts file.


Thanks,
Mark
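The per-domain zone approach described in the answer above, written out as an added example (this is not code from the original post or from either poster). It runs on the DNS server itself with the real dnscmd syntax (/ZoneAdd, /RecordAdd, /ZoneInfo), reads the domains from a hosts-style file so an existing blocklist can be reused, and skips zones that already exist so it can be re-run after the list changes. The file path C:\dnsblock\blocked-hosts.txt and the sink address 0.0.0.0 are assumptions, not values from the page.

```powershell
# Added example, not from the original post: create one sinkhole zone per domain
# listed in a hosts-style file, using dnscmd on the Windows DNS server.
param(
    [string]$HostsFile = 'C:\dnsblock\blocked-hosts.txt',  # assumed path
    [string]$SinkIP    = '0.0.0.0'                          # assumed sink address
)

function Get-BlockedDomains {
    param([string]$Path)
    # Hosts-file syntax: "<address> <name> [<name> ...]", "#" starts a comment.
    # Only the name columns are used; the address column is ignored.
    Get-Content $Path | ForEach-Object {
        $line = ($_ -split '#')[0].Trim()
        if ($line) {
            $fields = $line -split '\s+'
            if ($fields.Count -gt 1) { $fields[1..($fields.Count - 1)] }
        }
    } | Sort-Object -Unique
}

function Test-ZoneExists {
    param([string]$Zone)
    # dnscmd prints "Command completed successfully." only when the zone exists.
    $out = & dnscmd /ZoneInfo $Zone 2>&1 | Out-String
    return ($out -match 'Command completed successfully')
}

function Add-SinkholeZone {
    param([string]$Zone, [string]$Address)
    # Authoritative primary zone, stored in a file under %SystemRoot%\System32\dns.
    & dnscmd /ZoneAdd $Zone /Primary /file "$Zone.dns" | Out-Null
    # Apex record answers "example.com"; wildcard answers "anything.example.com".
    & dnscmd /RecordAdd $Zone '@' A $Address | Out-Null
    & dnscmd /RecordAdd $Zone '*' A $Address | Out-Null
}

foreach ($domain in Get-BlockedDomains -Path $HostsFile) {
    if (Test-ZoneExists -Zone $domain) {
        Write-Host "skip  $domain (zone already exists)"
        continue
    }
    Add-SinkholeZone -Zone $domain -Address $SinkIP
    Write-Host "added $domain -> $SinkIP"
}
```

Run it from an elevated prompt on the DNS server and check the result from a client with `nslookup <blocked domain> <dns server>`: because the server is now authoritative for the whole zone, every name under the blocked domain (not just the apex) resolves to the sink address, which is the one behaviour a hosts-file entry would not give you. To undo a block, `dnscmd /ZoneDelete <zone> /f` removes the zone again.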