I have a Windows 2012 R2 DNS server sitting in a DMZ that need to access root hints. We allowed the IPs listed in cache.dns, but the DNS server appears to be talking to other root servers not on that list. For instance this was in root hints
@ NS b.root-servers.net.
b.root-servers.net A 188.8.131.52
But we found it trying to talk to 184.108.40.206 which resolves to b.ip6-servers.arpa.
I see the quad records in the file for IPV6, but why is it talking to these on IPV4 and why when they are not present in the cache.dns file? If you can help clarify great and if you have any howtos on DMZ DNS servers and root hints that would be great. Thanks.