-1

So we have 2 dns servers,

  • DNS-Server-A: 20.20.33.82 (normal dns server which I don't have access to it)
  • DNS-Server-B: 172.30.11.254 (palo alto with dns proxy)

Core Switch DHCP pool configuration:

ip dhcp pool wifi-user
 network 172.20.12.0 255.255.252.0
 default-router 172.20.12.1
 dns-server 20.20.33.82 172.30.11.254

DNS-Server-A | 20.20.33.82 entry:

name:erp | FQDN:erp.companyname.com | IP: 20.20.38.7

DNS-Server-B | 172.30.11.254 (Palo Alto with DNS Proxy configuration):

name: dns-static1
Primary: 202.x.x.x (IP from ISP)
Secondary: 20.20.33.82 (DNS-Server-A IP)

static entries:
name:ldap | FQDN:ldap.companyname.com | IP: 172.20.10.45

When I use dynamic/dhcp ip and dns, it'll be like this

computer>ipconfig /all

Wireless LAN adapter Wireless Network Connection:

 Connection-specific DNS Suffix  . :
 Description . . . . . . . . . . . : 1x1 11b/g/n Wireless LAN PCI Express Half
Mini Card Adapter
 Physical Address. . . . . . . . . : XX-XX-XX-XX-XX-X1
 DHCP Enabled. . . . . . . . . . . : Yes
 Autoconfiguration Enabled . . . . : Yes
 Link-local IPv6 Address . . . . . : fe80::9500:1cbf:7f25:6496%13(Preferred)
 IPv4 Address. . . . . . . . . . . : 172.20.12.72(Preferred)
 Subnet Mask . . . . . . . . . . . : 255.255.252.0
 Default Gateway . . . . . . . . . : 172.20.12.1
 DHCP Server . . . . . . . . . . . : 172.20.12.1
 DHCPv6 IAID . . . . . . . . . . . : 190896153
 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-B7-4A-6F-60-D8-19-CD-36-11

 DNS Servers . . . . . . . . . . . : fe80::1%13
                                     20.20.33.82
                                     172.30.11.254
 NetBIOS over Tcpip. . . . . . . . : Enabled

Reset the DNS resolver

computer>ipconfig /flushdns

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

Ping the entry in DNS-Server-A (Success)

computer>ping erp.companyname.com

Pinging erp.companyname.com [20.20.38.7] with 32 bytes of data:
Reply from 20.20.38.7: bytes=32 time=11ms TTL=250
Reply from 20.20.38.7: bytes=32 time=9ms TTL=250
Reply from 20.20.38.7: bytes=32 time=17ms TTL=250
Reply from 20.20.38.7: bytes=32 time=303ms TTL=250

Ping statistics for 20.20.38.7:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 9ms, Maximum = 303ms, Average = 85ms

Ping the entry in DNS-Server-B (Fail)

C:\Users\Nugi>ping ldap.companyname.com
Ping request could not find host ldap.companyname.com. Please check the na
me and try again.

But when I use static DNS configuration (manually change it from client side)

Preferred DNS server: 20.20.33.82
Alternate DNS server: 172.30.11.254

I could ping both entries in DNS-Server-A and DNS-Server-B

What should I do so I could ping both of the dns entries but with dynamic/dhcp configuration?

M. Zharfan Nugroho
  • 1
  • 1
  • It looks like you're expecting DNS to query every server in it's server list. It doesn't work that way. If your two servers aren't going to give consistent results between them then you shouldn't be using them both on a client. –  Aug 24 '17 at 01:10

1 Answers1

0

Two problems I see.

First, look at your ipconfig /all output. You indicate that your two DNS servers are 20.20.33.82 and 172.30.11.254 yet ipconfig shows it received the two addresses 20.20.33.82 and 172.10.11.254. So either you aren't giving us the true and accurate information and made a typo, or your computer isn't receiving the proper DHCP information from your DHCP server that you show is configured.

Second, as stated in a previous comment, you are expecting that Windows will query the first DNS server for one entry, and the second DNS server for the other entry. That's not how it works. Windows queries the first (or second) DNS server, and if that server responds with a positive or negative result, that is it. No further queries. If Windows queries the first server and it fails to respond, Windows will then query the second server as a backup.

So, as stated, primary and secondary DNS servers are meant to be exact replicas of each other and simply serve as a redundant set of servers in case one fails. You cannot use two DNS servers with two different sets of records, you will get inconsistent results.

I'm not sure what you are trying to accomplish with this configuration, but you may want to look into one or a combination of:

  • Consolidating your domain records on one or the other server
  • Using one DNS server as a forwarder for the other DNS server
  • Setting up a stub zone
  • Separating records into two sub-domains, one domain hosted on each server.
  • Configuring zone replication between the two servers
Appleoddity
  • 3,290
  • 2
  • 10
  • 27