DNS Failover on Windows Clients

Posted on 2014-09-10
Last Modified: 2015-06-27

We've got multiple domain controllers based at our head office all running AD DS & DNS.

Our Primary domain controller is configured to be the Primary DNS server for our Windows servers and workstations. Recently our primary controller has gone down twice and although we're making our AD infrastructure more resilient can anybody explain why workstations and servers are not failing over to the secondary DNS server specified in their NIC? It appears that they carry on querying the primary DNS server continually despite it not being available

Question by:Jack Lloyd
  • 2
  • 2
LVL 19

Expert Comment

by:Miguel Angel Perez Muñoz
ID: 40314111
DNS resolution first do on primary and secondary if first fails. This causes some lag in case of primary is down (until timeout is reached and query is send to secondary) but DNS must be resolved.
Could you check your computers can reach to secondary DNS and do querys? (you can test using nslookup).

Author Comment

by:Jack Lloyd
ID: 40314118
Yes they can reach the secondary DNS server and perform DNS look ups. It just doesn't fail over when there's an issue with the main domain controller.

Is there some sort of time out we can set so it can flip onto the secondary domain controller much faster?


LVL 19

Expert Comment

by:Miguel Angel Perez Muñoz
ID: 40314131
Timeout is one second:

Are you sure is DNS related problem?

Accepted Solution

Jack Lloyd earned 0 total points
ID: 40356887

We figured this out in the end, turns out both the servers had been rebooted at the exact same time with some patch management software. One (the  primary) didn't come up cleanly but was still accepting DNS queries, therefore not failing over to the next server.

Thanks for your help though guys.

LVL 34

Expert Comment

by:Seth Simmons
ID: 40854370
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
Resolve DNS query failed errors for Exchange
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now