[Samba] DNS Problem Windows Client

basti mailinglist at unix-solution.de
Wed Feb 3 09:33:33 UTC 2021 


On 02.02.21 18:23, Kris Lou via samba wrote:
> https://blogs.msmvps.com/acefekay/2018/08/13/dns-wins-netbios-amp-the-client-side-resolver-browser-service-disabling-netbios-direct-hosted-smb-directsmb-if-one-dc-is-down-does-a-client-logon-to-another-dc-and-dns-forwarders-algorithm/#section7
> 
> (The entire post is a good one about Client-side DNS resolving.)
> 
> If the query sent to the first entry in the DNS list responds with an
>> NXDOMAIN response, meaning it is an actual response, but there is no
>> record from the server it asked, then it will look no further because it is
>> a response. however if it receives a NULL response, meaning the DNS
>> server is down and there is no response, it will remove the first entry
>> from the ‘eligible resolvers list’ for a certain amount of time (depending
>> on the OS version and SP level), then send the query to the second one.
>> However, if the record is already cached, it won’ even ask the first entry.
>> Hence why the possibility that the client machine is asking a DC that is
>> down.
>> Summary:
>> As I mentioned, this is ALL based on the client side resolver, not the DNS
>> server. This time out period can be perceived as by someone sitting there
>> waiting as ‘it’s not working’ because it appears to be taking so long. Also,
>> if it is already cached locally by the client side service, it will not
>> ask and will send the connection request to the cached record, which if it
>> is the server that is down, then it can’t connect anyway, and no response,
>> but you may be sitting there expecting it to go to the other DC that is up.
>> The way to reset the list is to restart the DHCP Client service (not the
>> DHCP server) on the workstation, and the way to delete the cache on the
>> client is to run ipconfig /flushdns, or simply restart the machine.
>> Or simply disable the DNS Client Side caching mechanism. It’s not
>> suggested to do this due to performance and especially if you have many
>> machines in the infrastructure.
> 
> 
> 
> Kris Lou
> klou at themusiclink.net

It is *not* NXDOMAIN it is timeout.

> 
> 
> On Tue, Feb 2, 2021 at 4:23 AM basti via samba <samba at lists.samba.org>
> wrote:
> 
>> Hello,
>> I have a Samba Domain with 2 Bind/ Samba DLZ DNS Servers.
>> So far so good. I'm not shure if this is a Samba or a Windows problem.
>>
>> When the first DNS Server in the list is failed for some reason the
>> Windows client run into a timeout and does not switch to secondary DNS.
>>
>> When I use nslookup and query the secondary DNS I get an answer.
>> Log attached.
>>
>> Any idea whats wrong here?
>>
>> Best Regards,
>>
>>
>> C:\Users\admin>ipconfig /all | findstr /R 30.
>>     IPv4-Adresse  . . . . . . . . . . : 192.168.30.4(Bevorzugt)
>>     Standardgateway . . . . . . . . . : 192.168.30.1
>>     DHCP-Server . . . . . . . . . . . : 192.168.30.1
>>     DNS-Server  . . . . . . . . . . . : 192.168.30.2
>>                                         192.168.30.6
>>
>> C:\Users\admin>nslookup heise.de
>> DNS request timed out.
>>      timeout was 2 seconds.
>> Server:  UnKnown
>> Address:  192.168.30.2
>>
>> DNS request timed out.
>>      timeout was 2 seconds.
>> DNS request timed out.
>>      timeout was 2 seconds.
>> DNS request timed out.
>>      timeout was 2 seconds.
>> DNS request timed out.
>>      timeout was 2 seconds.
>> *** Zeitüberschreitung bei Anforderung an UnKnown.
>>
>> C:\Users\admin>nslookup heise.de 192.168.30.6
>> Server:  dc2.samdom.example.com
>> Address:  192.168.30.6
>>
>> Nicht autorisierende Antwort:
>> Name:    heise.de
>> Addresses:  2a02:2e0:3fe:1001:302::
>>            193.99.144.80
>>
>>
>> C:\Users\admin>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>

More information about the samba mailing list