DNS Issue on workstations with Static IP


I have a DNS question and just wanted some clarification.

We set up some workstations with Static IP addresses (only a small handful) and they started having network connectivity issues.

We have Domain Controllers running DNS, one is Server 2008 and the other is Server 2012. The 2012 Server replaced a previous 2003 Server.

When I checked the workstations, the Primary DNS was set to the IP of the 2008 Server and the Secondary DNS was set to the old 2003 Server. With this configured, they could not get to the internet and Outlook would not connect. After changing the Secondary DNS to the 2012 server, all is well.

My question, even though the Primary DNS is set to the 2008 Server, they had issues connecting. Why did that happen? Thanks!

For some reason they were looking to the 2003 server for DNS would be my best guess. Why, I don't know. What do the event logs say? nslookup would have been a good tool to see what was the responding server when doing DNS lookups.

I didn't get a chance to check the logs because they just wanted the issue fixed. I just thought it was weird that it was trying to go out through the alternate DNS server that was no longer there instead of the primary that is working.

It's a complicated mess how Windows determines which DNS to use. Especially if you're multihomed, I can look up the article.

Here is key piece to keep in mind.

http://technet.microsoft.com/en-us/library/dd197552(WS.10).aspx

http://blogs.technet.com/b/networking/archive/2009/06/26/dns-client-resolver-behavior.aspx

"The DNS Client service keeps track of which servers answer name queries more quickly, and it moves servers up or down on the list based on how quickly they reply to name queries."

Then don't forget you have local cache, your browser and/or applications might have their own cache. Possibly not everything adheres to TTLs as they should, etc.

DNS can be a fun protocol to work with and troubleshoot and setup - I wish I could find a job where all I did was dns ;)

What I suggest is you should never point to a DNS that does not have the same info. And if you're multihomed, really only one interface should even have DNS on it, etc. For example if you're in AD, the only thing you should point to is AD - and those should be in sync because even though you have a primary and alternate listing - you never know when the client might start using different ones on the list and keep using that one. And if they don't all return the same thing you could run into issues. So for example you have multiple DNS in your AD which is a good thing - but if they become out of sync you could have problems even if that server with old data is, let's say, 3rd on the list.

And you should NEVER NEVER EVER point to outside DNS if you're a member of AD -- it sure as hell is not going to know about your printers, and servers, etc. Let your authoritative for your AD domain go ask OpenDNS for the IP of www.neowin.net, etc.

An idea might be that the 2008 Server didn't return good results before. Check whether it's responding right and fast. Another thing might be that the 2012 server could give better results for IPv6 requests.

Resolve-DnsName -Name google.com -Server {server name or IP here}

Check both servers and try to find differences. Check for client and server names and for common websites. Look up the websites with public DNS servers, too (e.g. Google has 8.8.8.8).

If you want, post the results.

An issue I have with my DNS server at home is that it is too slow. The first request will always hit the second server while the first spins up its old HDDs and begins loading. Once the first server is finished, it will respond to the next requests immediately. It's ok for my home setup, though.
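Added example (not part of the original thread): one way to run the per-server comparison suggested above across every DNS server a workstation lists, so a retired or out-of-sync server shows up as a failure or a differing answer. The server addresses and the internal host names are placeholders; replace them with your own.

```powershell
# Added example, not from the thread. Addresses and internal names are placeholders.
$servers = '192.0.2.10', '192.0.2.11', '192.0.2.12'   # e.g. 2008 DC, 2012 DC, retired 2003 DC
$names   = 'dc01.corp.example', 'mail.corp.example', 'google.com'

# 1. Show what each interface is actually configured with (static entries are
#    not updated when a DNS server is replaced).
Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses } |
    Format-Table InterfaceAlias, ServerAddresses -AutoSize

# 2. Ask every server for every name. -DnsOnly and -NoHostsFile keep
#    LLMNR/NetBIOS and the hosts file out of the answer.
$results = foreach ($server in $servers) {
    foreach ($name in $names) {
        $timer = [System.Diagnostics.Stopwatch]::StartNew()
        try {
            $records = Resolve-DnsName -Name $name -Server $server -Type A `
                -DnsOnly -NoHostsFile -QuickTimeout -ErrorAction Stop
            $status    = 'OK'
            $addresses = @($records | Where-Object { $_.IPAddress } |
                ForEach-Object { $_.IPAddress } | Sort-Object) -join ','
        }
        catch {
            # Timeout, refusal, or name not found on this server
            $status    = $_.Exception.Message
            $addresses = ''
        }
        $timer.Stop()
        [pscustomobject]@{
            Server    = $server
            Name      = $name
            Status    = $status
            Addresses = $addresses
            Ms        = $timer.ElapsedMilliseconds
        }
    }
}
$results | Format-Table -AutoSize

# 3. Flag names where a server failed or the servers disagree.
$results | Group-Object Name | ForEach-Object {
    $failed   = @($_.Group | Where-Object { $_.Status -ne 'OK' })
    $distinct = @($_.Group | Where-Object { $_.Status -eq 'OK' } |
        Select-Object -ExpandProperty Addresses -Unique)
    if ($failed.Count -gt 0 -or $distinct.Count -gt 1) {
        Write-Warning ("{0}: {1} server(s) failed, {2} distinct answer(s)" -f `
            $_.Name, $failed.Count, $distinct.Count)
    }
}
```

Differing answers for public names can be legitimate (CDN or geo-balanced records); differing or failed answers for internal AD names are the ones to chase.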

*snip*

Thanks for the information! I'll check out those articles. I definitely don't have those workstations pointing outside!

*snip*

I was thinking that too since the 2008 server was first, maybe it lost contact during the query.
