you are probably best off following that document to disable that "feature" on your 2003 servers.
Basically, it sounds like MSFT is hoping the entire planet will tweak *their* dns servers for the benefit of people running 2003 server for dns. Why they did this is bizarre - I am fairly certain that nothing has changed standards-wise such that everyone should be able to handle udp dns packets over 512 bytes.
I concur, we never had an issue with udp packet sizes with Windows 2000. All we did was upgrade to Windows 2003 and this generated the issue. I opened a paid support case with Microsoft over this issue and all they did was add forwarders to the dns config that were not needed before. This helped, but our access to certain URLs is still very flaky.
Appreciate your feedback and comments. Maybe Microsoft thinks the rest of the world is all crazy but them??