Clrify DNS Sequence

Have a wierd DNS behavoiur and wanted to check my understanding of the flow of DNS in MS DNS servers

  1. A User types in address www.company.com.uk
  2. If the sites Server 2008 R2 server is the authoritative server it responds with the details
  3. If the sites Server isnt authoritative, it asks via the default gateway, the DNS server of the ISP
  4. If that isnt returned in time, it then queries the root hint server for that domain prefix alphanumeric c.root-ervers.net

In short it does check the root hints last
LVL 8
mbkitmgrAsked:
Who is Participating?
 
Alexey KomarovConnect With a Mentor Chief Project EngineerCommented:
Hi,
Look in the section "Querying the database"
https://technet.microsoft.com/en-us/library/dd197427(v=ws.10).aspx
1
 
Sajid Shaik MSr. System AdminCommented:
https://www.ietf.org/proceedings/42/slides/nat-heffernan-slides-98aug/sld001.htm

1. Host sends request to local name server.  (if its found the related request i.e the host on local it'll resolve to thats mac and sends the information to requester and comunication begins)
(if packet is related to internet or non local lan  then)
2. Local name server sends request to root.
3. Root refers local name server to remote name server.
4. Local name server sends request to remote name server.
5. Remote name server replies to local name server.
6. Local name server replies to host.
all the best
0
 
PberConnect With a Mentor Solutions ArchitectCommented:
If you want to see the above in action do the following in nslookup

At a command windows run NSLOOKUP
Type: Set d2
Type: www.company.com.uk

You will see the either resolution path.  You'll probably get more than you expected as this process will also enumerate through all your DNS suffix search list if you use them.  If you don't want to see that, put a period on the end of your fqdn  e.g.:

Type: www.company.com.uk.
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
Jeremy WeisingerConnect With a Mentor Senior Network Consultant / EngineerCommented:
In short it does check the root hints last
In short, it will only check through root hints if the forwarders are unavailable and the cache doesn't contain the record. If the server has it in their cache then it doesn't do any more checking. If it gets a response (either a valid record or saying it can't find anything) from a forwarder then it doesn't check the root hints.
https://technet.microsoft.com/en-us/library/cc730756(v=ws.11).aspx
0
 
mbkitmgrAuthor Commented:
Thanks to you all.  I have a client who running SBS2011.  is able to see any website locally (Australia) but only selected international ones.  e.g. Twitter-yes, Facebook-No, Instagram-Yes, BBC.Com-No.  There may be more but these are ones I am testing confident they aren't in the middle of an outage.

When I do an nslookup working my way up the food chain, and try to lookup one of the international domains that works all is good, when I try one that isnt working I get 'request timed out'. I wasn't sure of when or what the sequence forwarders are used vs root hints vs external DNS calls.

Since lodging this I called the ISP, they have others getting the same response
0
 
Jeremy WeisingerConnect With a Mentor Senior Network Consultant / EngineerCommented:
Try using another DNS provider like Google (8.8.8.8, 8.8.4.4), Level 3 (4.2.2.1 - 4.2.2.6), or the new QuadNine (9.9.9.9). See if you're able to resolve the domains then.
0
 
mbkitmgrAuthor Commented:
HI Jeremy, That's what I ended up doing   I added 8.8.8.8 as a forwarder and all is now happy.  The ISP has asked me to do some more tests later today for them.  I'm keen to undertsand what the issue was.
0
 
Jeremy WeisingerConnect With a Mentor Senior Network Consultant / EngineerCommented:
Ah, so you know the issue is with the ISP's DNS servers.

You can switch to using some independent DNS servers as your forwarders or just use root hints.

I like to use forwarders. You can test what works best with DNS Benchmark: https://www.grc.com/dns/benchmark.htm
0
 
mbkitmgrAuthor Commented:
Many thanks to all
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.