<div>
Great response, Doc. &nbsp;Thorough, corroborated, and specifically addresses the question. &nbsp;Thanks much!
</div>


Great response, Doc.  Thorough, corroborated, and specifically addresses the question.  Thanks much!

<div>
<div class="content wysiwyg-content">
We've just replaced our aging, self-hosted, BIND DNS, public-facing physical name servers with Windows Server 2012 DNS virtual servers. &nbsp;They're operating quite well.<br />
<br />
Using Windows Performance Monitor, we're tracking the &quot;UDP Queries Received/sec&quot; and &quot;UDP Response Sent/sec&quot; which look good, peaking in the 300-400/sec range.<br />
<br />
We also took a look a the &quot;Unmatched Responses Received&quot; statistic, currently at 427 after 10 days of uptime. &nbsp;In comparison, this number is negligible compared to the successful response rate, but the interesting thing is that I've been unable to find any information to determine what an &quot;Unmatched Response&quot; is when related to DNS.<br />
<br />
My searches to try to explain or define it have only found one or two mentions in passing, in discussions of DNS DDOS attacks, and in logging. &nbsp;Can anyone fully define this for us, and explain what a sudden increase in &quot;Unmatched Responses&quot; might indicate? &nbsp;Any URLs to plain, detailed information are certainly appreciated.<br />
<br />
Thank you.<br />
<br />
Dimarc67<br />
Frederick, MD
</div>
</div>


We've just replaced our aging, self-hosted, BIND DNS, public-facing physical name servers with Windows Server 2012 DNS virtual servers.  They're operating quite well.

Using Windows Performance Monitor, we're tracking the "UDP Queries Received/sec" and "UDP Response Sent/sec" which look good, peaking in the 300-400/sec range.

We also took a look a the "Unmatched Responses Received" statistic, currently at 427 after 10 days of uptime.  In comparison, this number is negligible compared to the successful response rate, but the interesting thing is that I've been unable to find any information to determine what an "Unmatched Response" is when related to DNS.

My searches to try to explain or define it have only found one or two mentions in passing, in discussions of DNS DDOS attacks, and in logging.  Can anyone fully define this for us, and explain what a sudden increase in "Unmatched Responses" might indicate?  Any URLs to plain, detailed information are certainly appreciated.

Thank you.

Dimarc67
Frederick, MD

Microsoft Windows Performance Monitor, DNS, and &quot;Unmatched Responses Received&quot;

The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.

Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.

Windows Server 2008

Windows Server 2012 is the server version of Windows 8 and the successor to Windows Server 2008 R2. Windows Server 2012 is the first version of Windows Server to have no support for Itanium-based computers since Windows NT 4.0. Windows Server 2012, now in its second release (Windows Server 2012 Release 2) includes Foundation, Essentials, Standard and Datacenter, and does not support IA-32 or IA-64 processors.

Microsoft Windows Performance Monitor, DNS, and &quot;Unmatched Responses Received&quot;

Microsoft Windows Performance Monitor, DNS, and "Unmatched Responses Received"