Clrify DNS Sequence

Have a wierd DNS behavoiur and wanted to check my understanding of the flow of DNS in MS DNS servers

  1. A User types in address www.company.com.uk
  2. If the sites Server 2008 R2 server is the authoritative server it responds with the details
  3. If the sites Server isnt authoritative, it asks via the default gateway, the DNS server of the ISP
  4. If that isnt returned in time, it then queries the root hint server for that domain prefix alphanumeric c.root-ervers.net

In short it does check the root hints last
LVL 8
mbkitmgrAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Alexey KomarovChief Project EngineerCommented:
Hi,
Look in the section "Querying the database"
https://technet.microsoft.com/en-us/library/dd197427(v=ws.10).aspx
1

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Sajid Shaik MSr. System AdminCommented:
https://www.ietf.org/proceedings/42/slides/nat-heffernan-slides-98aug/sld001.htm

1. Host sends request to local name server.  (if its found the related request i.e the host on local it'll resolve to thats mac and sends the information to requester and comunication begins)
(if packet is related to internet or non local lan  then)
2. Local name server sends request to root.
3. Root refers local name server to remote name server.
4. Local name server sends request to remote name server.
5. Remote name server replies to local name server.
6. Local name server replies to host.
all the best
0
PberSolutions ArchitectCommented:
If you want to see the above in action do the following in nslookup

At a command windows run NSLOOKUP
Type: Set d2
Type: www.company.com.uk

You will see the either resolution path.  You'll probably get more than you expected as this process will also enumerate through all your DNS suffix search list if you use them.  If you don't want to see that, put a period on the end of your fqdn  e.g.:

Type: www.company.com.uk.
0
Challenges in Government Cyber Security

Has cyber security been a challenge in your government organization? Are you looking to improve your government's network security? Learn more about how to improve your government organization's security by viewing our on-demand webinar!

Jeremy WeisingerSenior Network Consultant / EngineerCommented:
In short it does check the root hints last
In short, it will only check through root hints if the forwarders are unavailable and the cache doesn't contain the record. If the server has it in their cache then it doesn't do any more checking. If it gets a response (either a valid record or saying it can't find anything) from a forwarder then it doesn't check the root hints.
https://technet.microsoft.com/en-us/library/cc730756(v=ws.11).aspx
0
mbkitmgrAuthor Commented:
Thanks to you all.  I have a client who running SBS2011.  is able to see any website locally (Australia) but only selected international ones.  e.g. Twitter-yes, Facebook-No, Instagram-Yes, BBC.Com-No.  There may be more but these are ones I am testing confident they aren't in the middle of an outage.

When I do an nslookup working my way up the food chain, and try to lookup one of the international domains that works all is good, when I try one that isnt working I get 'request timed out'. I wasn't sure of when or what the sequence forwarders are used vs root hints vs external DNS calls.

Since lodging this I called the ISP, they have others getting the same response
0
Jeremy WeisingerSenior Network Consultant / EngineerCommented:
Try using another DNS provider like Google (8.8.8.8, 8.8.4.4), Level 3 (4.2.2.1 - 4.2.2.6), or the new QuadNine (9.9.9.9). See if you're able to resolve the domains then.
0
mbkitmgrAuthor Commented:
HI Jeremy, That's what I ended up doing   I added 8.8.8.8 as a forwarder and all is now happy.  The ISP has asked me to do some more tests later today for them.  I'm keen to undertsand what the issue was.
0
Jeremy WeisingerSenior Network Consultant / EngineerCommented:
Ah, so you know the issue is with the ISP's DNS servers.

You can switch to using some independent DNS servers as your forwarders or just use root hints.

I like to use forwarders. You can test what works best with DNS Benchmark: https://www.grc.com/dns/benchmark.htm
0
mbkitmgrAuthor Commented:
Many thanks to all
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Server OS

From novice to tech pro — start learning today.