DNS Failover on Windows Clients

Posted on 2014-09-10
Last Modified: 2015-06-27

We've got multiple domain controllers based at our head office all running AD DS & DNS.

Our Primary domain controller is configured to be the Primary DNS server for our Windows servers and workstations. Recently our primary controller has gone down twice and although we're making our AD infrastructure more resilient can anybody explain why workstations and servers are not failing over to the secondary DNS server specified in their NIC? It appears that they carry on querying the primary DNS server continually despite it not being available

Question by:Jack Lloyd
  • 2
  • 2
LVL 19

Expert Comment

by:Miguel Angel Perez Muñoz
ID: 40314111
DNS resolution first do on primary and secondary if first fails. This causes some lag in case of primary is down (until timeout is reached and query is send to secondary) but DNS must be resolved.
Could you check your computers can reach to secondary DNS and do querys? (you can test using nslookup).

Author Comment

by:Jack Lloyd
ID: 40314118
Yes they can reach the secondary DNS server and perform DNS look ups. It just doesn't fail over when there's an issue with the main domain controller.

Is there some sort of time out we can set so it can flip onto the secondary domain controller much faster?


LVL 19

Expert Comment

by:Miguel Angel Perez Muñoz
ID: 40314131
Timeout is one second:

Are you sure is DNS related problem?

Accepted Solution

Jack Lloyd earned 0 total points
ID: 40356887

We figured this out in the end, turns out both the servers had been rebooted at the exact same time with some patch management software. One (the  primary) didn't come up cleanly but was still accepting DNS queries, therefore not failing over to the next server.

Thanks for your help though guys.

LVL 34

Expert Comment

by:Seth Simmons
ID: 40854370
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolve DNS query failed errors for Exchange
Join Greg Farro and Ethan Banks from Packet Pushers ( and Greg Ross from Paessler ( for a discussion about smart network …
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now