Lafflin

asked on

DNS Queries behaving strangely.

I have suddenly been plagued with a DNS issue where my Windows 7 desktops are unable to resolve domain resources. In viewing the DNS cache of the machines themselves I see negative DNS records which read as "name does not exist".
Subsequent lookups do not query a server but just use the negative entry already cached.
These negative DNS records happen because one of my three (the last) DNS servers provided by DHCP is 8.8.8.8.

Because this server is the last of the three, I would expect that the first two, which are both reachable Domain Controllers, would provide resolution for the query. After looking through the traffic with Wireshark, however, I noticed that these DNS servers aren't even queried. The query is sent to 8.8.8.8.

I have used nslookup to verify that these first two DCs are replying to queries properly and sure enough they are.

I have gone and taken 8.8.8.8 out of my DNS list in DHCP for all my offices and everything seems to be fine.
I cannot however for the life of me understand why this very odd behavior exists and am hoping to find that someone else is at least experiencing the same issue.
One note to add: all these sites do not have a local DNS/DC on site. The few that do seem to be perfectly fine.

Thanks for any consideration given.
ASKER CERTIFIED SOLUTION
Will Szymkowski
This solution is only available to members.
Lafflin

ASKER

Thanks Will, I have already removed 8.8.8.8 and I agree after seeing this, it is definitely not a good practice. This was not something easy to troubleshoot.
I think the thought is so that DNS will work (for public) in the event that the VPN to where the DNS server actually is breaks.
The truth of this matter is we should try to have DNS on as many sites as possible and keep latency down on those where you cannot.

Thanks Will, I was able to get more info on the one second latency rule after seeing you mention it and now all makes sense.
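
The symptom described in the question (cached "name does not exist" entries for internal names) can be checked for across many desktops by parsing saved `ipconfig /displaydns` output. The following is an added example, not part of the original thread; the internal zone `corp.example` and the sample output are constructed for illustration.

```python
# Constructed sample of `ipconfig /displaydns` output (not from the poster's network).
SAMPLE = """\
Windows IP Configuration

    dc01.corp.example
    ----------------------------------------
    Name does not exist.


    www.example.org
    ----------------------------------------
    Record Name . . . . . : www.example.org
    Record Type . . . . . : 1
    Time To Live  . . . . : 120
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 192.0.2.10


    files.corp.example
    ----------------------------------------
    Name does not exist.


    typo.example.net
    ----------------------------------------
    Name does not exist.
"""

def negative_entries(text):
    """Return cached names whose entry is 'Name does not exist.'"""
    lines = [l.strip() for l in text.splitlines()]
    found, current = [], None
    for prev, line in zip(lines, lines[1:]):
        if line and set(line) == {"-"}:      # dashed rule: the line above is the name
            current = prev.lower()
        elif current and line.startswith("Name does not exist"):
            found.append(current)
            current = None
    return found

def internal_negatives(text, internal_suffix):
    """Negative entries under the internal zone (hypothetical suffix supplied by caller)."""
    zone = internal_suffix.lower().strip(".")
    return [n for n in negative_entries(text) if n == zone or n.endswith("." + zone)]

if __name__ == "__main__":
    for name in internal_negatives(SAMPLE, "corp.example"):
        print("negative cache entry for internal name:", name)
```

A negative entry for a name inside the internal zone is the case worth investigating, since a public resolver has no way to answer for that zone; negative entries for external names are usually just typos or dead hosts.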