Solved

trying to understand the DNS set up !

Posted on 2009-04-07
6
232 Views
Last Modified: 2012-05-06
I am just trying to understand the DNS setup and how its working ... I've a DNS server which is pointing to itself and has all the lookup records ... There must be some point where this DNS server has to talk to my ISP's DNS server to resolve requests ... Where can I find that DNS entry for ISP coz i check the router or the pix that has the connection out to the internet and it has no such command configured as  "ip name-sever x.x.x.x" ... so am just trying to understand how is the DNS processing working ?
0
Comment
Question by:nabeel92
  • 3
  • 2
6 Comments
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 24084752
Your Windows DNS server MAY be configured with forwarders (Forwarder settings).  In which case, any domain name it cannot resolve will have the request forwarded to the server(s) defined in the setting.  However, if there are no forwarders defined, then the resolution request is forwarded to the internet root servers as any other DNS server would.
0
 

Author Comment

by:nabeel92
ID: 24085612
Ok ...I checked in the DNS server (forwarder) and I don't see anything configured .. I've attached 2 snapshots ... From what you mentioned, looks like all our DNS requests are resolved by the internet root servers ?
1.JPG
2.JPG
0
 

Author Comment

by:nabeel92
ID: 24093350
Ok, this is what i noticed today ! I went to this other server which is configured as the secondary DNS server and in its forwarder, i found the ISP's DNS server I.P ...

Now, I have a primary DNS server (that I pasted the snapshots above) and is not configured with ISP's name server so i'm assuming it must be going out to the internet root sever ... The secondary DNS server is configured with ISP's DNS I.P ... So which 1 gets preference ... Are all the clients going via primary DNS (i.e. Internet root server ) or secondary DNS (ISP's DNS) ?

Attached is a snapshot of forwarder tab in my secondary DNS server
1.JPG
0
Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

 
LVL 70

Expert Comment

by:Chris Dent
ID: 24094627

> So which 1 gets preference ... Are all the clients going via primary DNS (i.e. Internet
> root server ) or secondary DNS (ISP's DNS) ?

Which one appears first in their TCP/IP configuration (ipconfig /all)? That one is used first, any later entries only if the first is busy (too slow to respond) or down.

The clients won't know what configuration is in place for the servers to get the answers, they just yell "hey, where is www.google.com?" and wait for a response.

If you're interested, you will find the list of root servers you query under "Root Hints". Those are used to start off the name resolution process, your server has to find it's way down the tree to get to a domain when using Root Hints. e.g.:

- Root knows where .com is
- .com knows where google.com is
- google.com knows where www.google.com is

When using Forwarders your server does what the client just did, yells at the forwarder and waits for an answer.

HTH

Chris
0
 

Author Comment

by:nabeel92
ID: 24094933
so my primary one is basically forwarding to internet root servers ... and its cache is also set to default 1 hour ... wont that yeild poor performance ? if i change it to ISP and then change the cache time out to 24 hours ... ??
0
 
LVL 70

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 24095687

Which cache time? There's a maximum cache time, but you'd have to set that in the registry. If you haven't changed that everything will cache based on the TTL (Time To Live) of the requested record. Where are you looking?

Changing the server to forward to your ISP will result in a slight increase in performance because your server would only make one query, where three are needed in the resolution of www.google.com above (although most of the data will be in the cache anyway). If you're happy with your ISP there's little reason not to do that, just a matter of whether you trust them or not :)

Chris
0

Featured Post

3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Powershell knowledge 2 46
Windows IIS SMTP Server Unable to relay emails 12 51
performance tune IIS 10 on win 2016 that only runs one website 4 65
options for ipv4 failover 2 28
Running classic asp applications under Windows Server 2008 R2 (x64) and IIS 7 is not as easy as one may think. It took me a while to figure it out while getting error 8002801d a few times. After you install the OS you will need to install the fol…
Prologue It is often required to host multiple websites on a single instance of IIS, mostly in development environments instead of on production servers. I am sure it is not much a preferred solution on production servers but this is at least a pos…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question