Disable built in DNS Completely


Hi,

I was wondering if there were any plans to provide us the ability to completely disable the built in DNS with Edge. I understand that you can disable the DNS however this does not really resolve all the issues.

I work at an organization that has its intranet page as the default home page on all devices; on the internal DNS server we have it pointing to the intranet server, obviously. However, when users go home the external DNS server points that same URL to the external site page instead. We have the TTL on that record set to 30 seconds, however when users come back in, the site still points them to the external site. Running an ipconfig /flushdns does nothing. I found out that if you clear the browser cache it then resolves properly again. I am not entirely sure what is causing this but I'd really appreciate a fix for this or a way to manage this functionality.

3 Replies

In Edge settings, set DNS to "Use current service provider".
This can be configured via group policy:

https://docs.microsoft.com/en-us/deployedge/microsoft-edge-policies#dnsoverhttpsmode

Set that to "Off".
The "off" mode will disable DNS-over-HTTPS.

Also disable this:
https://docs.microsoft.com/en-us/deployedge/microsoft-edge-policies#use-built-in-dns-client

More info:
"This policy controls which software stack is used to communicate with the DNS server: the operating system DNS client, or Microsoft Edge's built-in DNS client. This policy does not affect which DNS servers are used: if, for example, the operating system is configured to use an enterprise DNS server, that same server would be used by the built-in DNS client. It also does not control if DNS-over-HTTPS is used; Microsoft Edge always uses the built-in resolver for DNS-over-HTTPS requests. Please see the DnsOverHttpsMode policy for information on controlling DNS-over-HTTPS."

"If you enable this policy, the built-in DNS client is used, if it's available.

If you disable this policy, the built-in DNS client is only used when DNS-over-HTTPS is in use.

If you don't configure this policy, the built-in DNS client is enabled by default."

By the way, this part is a bit confusing: "However when users go home the external DNS server points that same URL to the external site page instead."

You only have a homepage URL which is a website hosted internally, then what is the external site page?

Thanks for the reply and sorry for the late response! I am going to try your suggestions and get back to you.

To clarify what I meant by "However when users go home the external DNS server points that same URL to the external site page instead."

The default home page for all our computers is Intranet.DOMAINNAME.com. When users are on site, the internal DNS points that URL to the internally hosted intranet page that is ONLY accessible internally.

Now, when users go home we have the external DNS server pointing Intranet.DOMAINNAME.com to the external site instead. Otherwise, when they go home all our users would open their web browsers to an unresolvable page.

We have the TTL on the DNS records set to 30 seconds, so ideally it would check which IP it should connect to every time they open the browser on site or at home. Is that more clear? Sorry if I am not doing a great job at explaining myself.

Thank you,
By doing that you will neutralize Edge's DNS involvement.
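
The two policy settings recommended in the first reply, as an added PowerShell example that is not part of the original thread: it audits the machine-wide Edge policy key and, on request, enforces `DnsOverHttpsMode = off` and the built-in DNS client disabled. The registry path and the value name `BuiltInDnsClientEnabled` are taken from Microsoft's Edge policy documentation for the linked policies, not from the posts themselves; the function names are hypothetical.

```powershell
# Added example: audit and enforce the two Edge DNS policies discussed in this thread.
# Machine-wide Edge policies are read from this key; writing requires an elevated prompt.
$EdgePolicyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Edge'

# Desired state: DNS-over-HTTPS off, and Edge's built-in DNS client disabled so that
# lookups go through the operating system DNS client (and its cache).
$Desired = @(
    @{ Name = 'DnsOverHttpsMode';        Type = 'String'; Value = 'off' },
    @{ Name = 'BuiltInDnsClientEnabled'; Type = 'DWord';  Value = 0 }
)

function Get-EdgeDnsPolicyState {
    foreach ($p in $Desired) {
        # Returns $null when the key or the value does not exist (policy not configured).
        $current = (Get-ItemProperty -Path $EdgePolicyKey -Name $p.Name -ErrorAction SilentlyContinue).($p.Name)
        [pscustomobject]@{
            Policy    = $p.Name
            Current   = if ($null -eq $current) { '<not configured>' } else { $current }
            Desired   = $p.Value
            Compliant = ($null -ne $current) -and ("$current" -eq "$($p.Value)")
        }
    }
}

function Set-EdgeDnsPolicy {
    [CmdletBinding(SupportsShouldProcess)]
    param()
    if (-not (Test-Path $EdgePolicyKey)) {
        New-Item -Path $EdgePolicyKey -Force | Out-Null
    }
    foreach ($p in $Desired) {
        if ($PSCmdlet.ShouldProcess("$EdgePolicyKey\$($p.Name)", "Set to $($p.Value)")) {
            New-ItemProperty -Path $EdgePolicyKey -Name $p.Name `
                -PropertyType $p.Type -Value $p.Value -Force | Out-Null
        }
    }
}

Get-EdgeDnsPolicyState | Format-Table -AutoSize   # audit only; changes nothing
# Set-EdgeDnsPolicy -WhatIf                        # preview the registry writes
# Set-EdgeDnsPolicy                                # apply the two values
```

After applying, `edge://policy` in the browser lists both policies with their effective values. In a domain, the same two settings are normally deployed through the Edge administrative templates rather than written directly to the registry.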