none
DNS failover

    Question

  • Hello,

    I need to know the background of client (WinXP) behaviour when his primary DNS fails and secondary is up. How many times he tries to contact primary DNS (how long it takes) until start using secondary. What's the timeout? When client is using secondary DNS how often he checks if primary DNS is up again? Where can I specify this values of client bahaviour and what are default values?

    Tomas

    Wednesday, May 16, 2012 7:14 AM

Answers

All replies

  • Hi Tomas,

    Thanks for posting here.

    > I need to know the background of client (WinXP) behaviour when his primary DNS fails and secondary is up.
    Do you mean the DNS addresses that we assign to client? If so ,answers could be acquired form the explication in the KB article below:

     

    “DNS Processes and Interactions” in How DNS Works
    http://technet.microsoft.com/en-us/library/cc772774(WS.10).aspx#w2k3tr_dns_how_gaxc

    Thanks.

    Tiger Li


    Tiger Li

    TechNet Community Support

    Friday, May 18, 2012 3:09 AM
  • Thanx. In my scenario DNS client has only one network adapter. So if I understand the article. Client tries to contact primary DNS server 3 times within 6 seconds - each try less than 2 seconds. In this case no answer replyes from primary DNS - DNS service is not running on server but the server is up and running. Is this behaviour simillar as if the server is  down ? When (time period) tries DNS server to ask secondary DNS for response? And what will happened if client is querying secondary server and primary goes up? Is client periodically checking if primary server is up? What's the time period?

    Tomas

    Friday, May 18, 2012 10:46 AM
  • Hi Tomas,

    Thanks for posting here.

    > Is this behavior similar as if the server is  down ? When (time period) tries DNS server to ask secondary DNS for response?

    Yes, you can say that , the value of registry key “DNSQueryTimeouts” is used for defining the time period system retries.<//span>

    > And what will happened if client is querying secondary server and primary goes up? Is client periodically checking if primary server is up? What's the time period?

    System will never try the primary address until it launches a new querying .

    Not sure if read the blog posts below which give a clean exploitation about the DNS client querying behavior:

    DNS Clients and Timeouts (Part 1) &(Part 2)

    http://blogs.technet.com/b/stdqry/archive/2011/12/02/dns-clients-and-timeouts-part-1.aspx

    http://blogs.technet.com/b/stdqry/archive/2011/12/15/dns-clients-and-timeouts-part-2.aspx

    Thanks.

    Tiger Li


    Tiger Li

    TechNet Community Support

    • Marked as answer by tomas.kukan Monday, May 21, 2012 12:35 PM
    Monday, May 21, 2012 6:08 AM
  • Hello,

    Thanks for the links Tiger but I'm still facing some strange problem on windows 7 enterprise client with DNS failover. Few weeks ago when I found this post I changed HKLM\System\CurrentControlSet\Services\dnscache\Parameters\DNSQueryTimeouts to just 1sec in order to speed up time to get to secondary DNS resolver. However at that time it was working fine (when primary DNS was not respoding, query was quickly send to secondary and I got valid answer/IP) but lately it looks to be working either random or rather not at all.

    Ethernet adapter def:

       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller
       Physical Address. . . . . . . . . : 0xxxx
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       IPv4 Address. . . . . . . . . . . : 192.168.1.33(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Lease Obtained. . . . . . . . . . : Monday, April 06, 2015 11:57:36
       Lease Expires . . . . . . . . . . : Thursday, May 13, 2151 20:09:45
       Default Gateway . . . . . . . . . : 192.168.1.1
       DHCP Server . . . . . . . . . . . : 192.168.1.1
       DNS Servers . . . . . . . . . . . : 127.0.0.9
                                           127.0.0.7
       NetBIOS over Tcpip. . . . . . . . : Disabled

    When 127.0.0.9 is not able to provide reply or is down, windows never goes to secondary 127.0.0.7

    C:\Users\Filip>nslookup google.com
    Server:  UnKnown
    Address:  127.0.0.9

    *** UnKnown can't find google.com: No response from server

    C:\Users\Filip>nslookup google.com
    Server:  UnKnown
    Address:  127.0.0.9

    *** UnKnown can't find google.com: Unspecified error

    C:\Users\Filip>nslookup google.com
    Server:  UnKnown
    Address:  127.0.0.9

    *** UnKnown can't find google.com: No response from server

    As soon as I manually change order of DNS its working

    C:\Users\Filip>nslookup google.com
    Server:  UnKnown
    Address:  127.0.0.7

    Non-authoritative answer:
    Name:    google.com
    Addresses:  2a00:1450:400c:c07::8b
              74.125.133.100
              74.125.133.101
              74.125.133.102
              74.125.133.113
              74.125.133.138
              74.125.133.139

    127.0.0.7 & 9 are "dnscrypt proxies" running on localhost forwarding DNS queries to outside DNS servers. But this shouldnt matter. Even if I test and put some IP of nonexisting server as primary DNS failover doesnt happen:

     DNS Servers . . . . . . . . . . . : 192.168.1.200   << not able to ping as its just random IP
                                         127.0.0.7
                                         127.0.0.9

    C:\Users\Filip>nslookup google.com
    DNS request timed out.
        timeout was 2 seconds.        <<< also looking at here it looks that above reg key is ignored
    Server:  UnKnown
    Address:  192.168.1.200

    DNS request timed out.
        timeout was 2 seconds.          
    DNS request timed out.
        timeout was 2 seconds.
    DNS request timed out.
        timeout was 2 seconds.
    DNS request timed out.
        timeout was 2 seconds.
    *** Request to UnKnown timed-out

    Closest to this problem what i found is probably this experts-exchange.com/Networking/Protocols/DNS/Q_26677214.html but there is no answer. Also it is 5years old so if there would be bug I guess it would be fixed by now...

    Strange is that I did just test it now on latest Win10 build 10049 and behaviour is same (doesnt work)...

    Monday, April 06, 2015 4:48 PM
  • Did you ever get to the bottom of this as I seem to facing the same issue and just naturally assumed if primary fails and cannot ping a secondary would be used but last night when primary went down clients were not resolving DNS?

    Dean White

    Thursday, November 24, 2016 2:42 AM