DNS clients Does not query the secondary DNS

Discussion in 'Active Directory' started by Hadi El Arawi, May 6, 2010.

  1. Hi,

    I have 2 w2003 Dcs - both DNS servers Primary and secondary.
    I have Clients running XP static Ip and in both DNS servers IP is configured
    as Primary and Secondary DNS.


    My Primary DNS server went down, all clients are not quering the secondary!
    using NSLOOKUP it showed that clients are still querying the primary with a
    tomeout error !! all name resoultiond stoped in the organization!

    any idea?

    tx
     
    Hadi El Arawi, May 6, 2010
    #1
    1. Advertisements

  2. Hadi El Arawi

    Chris Dent Guest

    NsLookup does not automatically fall through to alternate DNS servers,
    it is not a good way to test server redundancy.

    If you ping a host, which will use the DNS Client, does the name resolve?

    Chris
     
    Chris Dent, May 6, 2010
    #2
    1. Advertisements

  3. Hello Hadi,

    There is no automatic failover, if the preferred DNS is choosen during boot
    it will ignore the other ones listed.

    Best regards

    Meinolf Weber
     
    Meinolf Weber [MVP-DS], May 6, 2010
    #3
  4. Meinolf, I don't believe that is correct. I think there is a 15 minute
    timeout and if the primary is unreachable then the client will attempt to
    contact the secondary. If the primary is still alive but not answering I
    don't think it will switch over since it is still reachable. I can't find a
    KB artcile to back me on this though.

    Although the link below kind of does
    http://support.microsoft.com/default.aspx/kb/320760/en-us?p=1

    --
    Paul Bergson
    MVP - Directory Services
    MCITP - Enterprise Administrator
    MCTS, MCT, MCSE, MCSA, MCP, Security +, BS CSci
    2008, Vista, 2003, 2000 (Early Achiever), NT4
    Microsoft's Thrive IT Pro of the Month - June 2009

    http://www.pbbergs.com

    Please no e-mails, any questions should be posted in the NewGroups. This
    posting is provided "AS IS" with no warranties and confers no rights.
     
    Paul Bergson [MVP-DS], May 6, 2010
    #4
  5. Meinolf, I don't believe that is correct. I think there is a 15 minute

    I would be very interested in any articles you can provide on this. In my
    experience I have never gotten the client to failover to the secondary DNS
    server. If it does failover after 15 minutes I would think that would be way
    too long. Those 15 minutes would be a nightmare to the admin. When I had the
    primary DNS server go down I manually changed the order in DHCP and forced a
    release and renew on the client just to get them going.

    Maybe I didn't wait long enough but at that time you really can't tell
    everyone "wait 15 minutes and try again".


    TIA
    DDS
     
    Danny Sanders, May 6, 2010
    #5
  6. Hello Paul Bergson [MVP-DS],

    You are correct, found this article from Ace:
    http://msmvps.com/blogs/acefekay/ar...-another-dc-and-dns-forwarders-algorithm.aspx

    which includes under "5. DNS Client side Resolver service Query Process":
    """""""""""""""""" If after the query to the first one times out (after 3
    tries), it removes it from the 'eligible' resolvers list and then goes to
    the next one in the order listed.""""""""""""""""""""""""""""""""""

    Best regards

    Meinolf Weber
     
    Meinolf Weber [MVP-DS], May 6, 2010
    #6
  7. You beat me to it!

    Cheers!

    Ace

    This posting is provided "AS-IS" with no warranties or guarantees and confers no rights.

    Please reply back to the newsgroup or forum for collaboration benefit among responding engineers, and to help others benefit from your resolution.

    Ace Fekay, MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
    Microsoft Certified Trainer
    Microsoft MVP - Directory Services

    If you feel this is an urgent issue and require immediate assistance, please contact Microsoft PSS directly. Please check http://support.microsoft.com for regional support phone numbers.
     
    Ace Fekay [MVP - Directory Services, MCT], May 6, 2010
    #7
  8. The 15 minutes is the time it uses to reset the eligibility list. That
    can be changed in the registry, but I suggest to leave it and find out
    why the DNS servers is not responding.

    Ace
     
    Ace Fekay [MVP - Directory Services, MCT], May 6, 2010
    #8
  9. hi agian
    your right concerning nslookup
    but the case is it doest resolve any name anymore !
     
    Hadi El Arawi, May 6, 2010
    #9
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.