5

When multiple DNS Servers are set on a client I have always believed it worked something like this:

The Primary DNS Server is always used if it is available and the Secondary DNS Server is only ever used in the event that the primary is unavailable. Is my understanding here correct?

Reason for asking is because I have just found this from Microsoft:

> if you use multiple DNS servers, the client may also query the secondary server sometimes even if the first one is available


Let me see if I can rephrase the question better:

If Primary DNS is online and working why does DNSCache still seem to use Secondary DNS Server sometimes? My understanding is this should not happen.

According to Microsoft:

> if you use multiple DNS servers, the client may also query the secondary server sometimes even if the first one is available

So how are clients with multiple DNS Servers supposed to behave? Is this a bug in Win8 DNSCache?


But this article from MS seems to turn everything on its head: http://support.microsoft.com/kb/320760

> This behavior occurs because the Windows XP DNS Client service (Dnscache) follows a certain algorithm when it decides the order in which it uses the DNS servers configured in the TCP/IP properties. If the DNS server list is reprioritized, the Windows XP DNS Client service resets the server priority at periodic intervals. By default, the server priorities are reset every 15 minutes

This suggests that DNSCache does not treat Primary/Secondary as different priorities, just as alternative DNS servers of equal priority.

There is the ServerPriorityTimeLimit=0 registry setting to change to fix this behaviour.

Does this mean that MS DNSCache is broken and needs this registry fix to make it start working correctly again?

user9517
NickC

1 Answer

3

If the Primary server can be reached, it will only query that server. If the query doesn't return anything it will send it to its forwarders, but if they don't return anything it will fail at that point. It won't continue on to the secondary DNS server.

It uses the secondary DNS server if the primary is not responding to DNS queries at all.

The secondary DNS server is NOT there as a fallback query (think forwarder) in case the primary DNS server doesn't know the answer.

Also, Evan and Joe: How does Windows decides which DNS Server to use when resolving names?

Also:

https://serverfault.com/questions/130608/when-is-a-secondary-nameserver-hit

Why should one have a secondary DNS server?

TheCleaner
  • 1
    It all boils down to what "unavailable" means. As pointed out in the Microsoft DNS Process documentation, the first time the preferred name server is queried, the DNS Client considers it "unavailable" after a 1-second timeout. The second time (during the same lookup routine) the preferred name server is queried, the DNS Client considers it "unavailable" after a 2-second timeout. Then, and only then, will secondary name servers be queried – Mathias R. Jessen Apr 22 '13 at 13:21
  • 1
    Correct. I simplified it, with my answer really being "don't expect if the primary server doesn't know the answer that it will continue on to the secondary." – TheCleaner Apr 22 '13 at 13:23
  • > If the DNS Client service does not receive a response from the first DNS server within one second, it sends the name query to the first DNS servers on all adapters that are still under consideration and waits two seconds for a response. https://serverfault.com/a/84293/345992 – Alex78191 Jul 08 '22 at 16:27
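
An added example, not part of the original answer or comments: a Python probe that queries one DNS server directly and separates "no response after waiting 1 second and then 2 seconds" from "responded with NXDOMAIN", which is the distinction the answer and the first comment draw. The transaction ID, the function names and the choice of an A-record query are assumptions made here; this is not the Windows DNS Client's code.

```python
import socket
import struct

TXID = 0x1234  # constructed transaction ID for this probe

def build_query(qname, txid=TXID):
    """Encode a minimal DNS query for an A record (RD bit set)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in qname.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def classify(reply, txid=TXID):
    """Map a raw reply (or None for a timeout) to 'no-response' or its RCODE."""
    if reply is None or len(reply) < 12:
        return "no-response"
    rid, flags = struct.unpack("!HH", reply[:4])
    if rid != txid or not flags & 0x8000:  # wrong ID or QR bit clear: not our answer
        return "no-response"
    rcode = flags & 0xF
    return {0: "NOERROR", 3: "NXDOMAIN"}.get(rcode, "RCODE%d" % rcode)

def probe(server_ip, qname, timeouts=(1, 2)):
    """Query one server directly, waiting 1 s and then 2 s as in the comments above."""
    for timeout in timeouts:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
            sock.settimeout(timeout)
            try:
                sock.sendto(build_query(qname), (server_ip, 53))
                reply = sock.recvfrom(512)[0]
            except OSError:  # socket.timeout is a subclass of OSError
                reply = None
        result = classify(reply)
        if result != "no-response":
            return result
    return "no-response"

def falls_through_to_secondary(result):
    """Rule as stated in the answer: only silence moves the client on.
    The page does not say how other RCODEs are treated, so they count as answers here."""
    return result == "no-response"

if __name__ == "__main__":
    import sys
    for ip in sys.argv[2:]:  # usage: probe.py <name> <server-ip> [<server-ip> ...]
        r = probe(ip, sys.argv[1])
        print(ip, r, "-> next server" if falls_through_to_secondary(r) else "-> lookup ends here")
```

Running it against each configured server with the same name shows whether a server is silent, in which case the client would move on, or is answering NXDOMAIN, in which case the lookup ends there.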