DNS Update Issue

black3dynamite

So pretty much we should also be using Linux to troubleshoot Windows too.

JaredBusch

@scottalanmiller said in DNS Update Issue:

@JaredBusch I used a watch command with nslookup on Fedora, which is neat because it just... updates.

Right, but that is technically a new instance of the command each time. I was using the opened command instance proving nothing had to even be re-executed.

Obsolesce

Final results:

I used Nirsoft DNSDataView to verify that any hostname I query is not in the Windows DNS Cache.

I blocked all DC/DNS server IPs in the local firewal, and verified DNS does not work.

I test this by clearing the local DNS cache (ipconfig /flushdns) then trying to ping something by name. This proved as a good test, becasue I was unable to ping anything by hostname. The PING failed because a DNS server could not be contacted in order to get the IP of the host I was trying to ping by name.

I enabled Debug Logging on both DC/DNS servers (DC/DNS01 and DC/DNS02). I had both logs up in tail mode so I can see ALL DNS querys to the server from my test workstation only.

Then I unblocked only DC/DNS02, and tried pinging something by hostname only. This forces the client to do a DNS lookup so it can ping the target.

I tested this by unblocking DC/DNS02, then performing a ping to a non-cached hostname. It was a successful PING, and DNS lookup occurred on DC/DNS02, confirmed in log.

I now unblocked the primary DC (DC/DNS01), and performed a ping to a non-cached hostname.

I performed several more pings shown below, and the DNS server that was used to perform the DNS query, as well as the time.

ping 1 -> DC/DNS02 (11:21 am)

ping 2 -> DC/DNS02 (11:22 am)

ping 3 -> DC/DNS02 (11:25 am)

ping 4 -> DC/DNS02 (11:30 am)

ping 5 -> DC/DNS02 (11:33:31 am)

Ping X -> DC/DNS01 (11:33:57 am) On DC/DNS01 I noticed an entry, which tells me Windows automatically set it back to be used, confirmed below:
0_1541183873962_0911b376-129f-4dce-8620-5e41081d6cc4-image.png

ping 6 -> DC/DNS01 (11:34:17 am)

Tesing shows that Windows does not immediately fail-back to the primary DNS server once it becomes available, and doesn't do it automatically for about 15 minutes without some kind of network stack reset or computer reboot.

Windows will automatically fail-back to primary DNS server after about 15 minutes.

Now there's something to search the internet for, and as such, confirmed that 15 minutes is when it happens automatically.

scottalanmiller

@Obsolesce interesting, so very different results than people had been saying that they were getting in Windows environments. But much more logical and expected.

wirestyle22

Wonder if you can edit that in your registry

Dashrender

@scottalanmiller said in DNS Update Issue:

@Obsolesce interesting, so very different results than people had been saying that they were getting in Windows environments. But much more logical and expected.

I’m not sure I follow.

Once you notice there is a problem, who would wait 15 mins to see if windows flips back? Definitely not me. I’ll have /release/renew and or rebooted by then.

If there is no report/realized issue, then the question is, is there really a problem?

Obsolesce

@Dashrender said in DNS Update Issue:

is there really a problem?

No, people just like to argue about invented issues.

scottalanmiller

@Dashrender said in DNS Update Issue:

@scottalanmiller said in DNS Update Issue:

@Obsolesce interesting, so very different results than people had been saying that they were getting in Windows environments. But much more logical and expected.

I’m not sure I follow.

Once you notice there is a problem, who would wait 15 mins to see if windows flips back? Definitely not me. I’ll have /release/renew and or rebooted by then.

If there is no report/realized issue, then the question is, is there really a problem?

If people claim "forever" and don't test for even fifteen minutes, I think we have a serious problem with reporting "forever." That's not even "a long time." Longer than necessary, but not so long that you could reasonably claim that it doesn't recover on its own.

scottalanmiller

@Obsolesce said in DNS Update Issue:

@Dashrender said in DNS Update Issue:

is there really a problem?

No, people just like to argue about invented issues.

Which is why I questioned all the reports of it. It didn't seem plausible that Windows worked as poorly as people were claiming with the beliefs that it would flip at random, and that it would stay forever. Neither is really reasonable. Why it waits fifteen minutes? That's something hopeful a registry edit can lower. I'd want more like one minute, but it's still pretty reasonable for desktop users, it's not a long time at all.

JaredBusch

@scottalanmiller the issue with nslookup being useless is stupid though.

scottalanmiller

@JaredBusch said in DNS Update Issue:

@scottalanmiller the issue with nslookup being useless is stupid though.

Agreed, that's really messed up.