[Samba] DNS Problem Windows Client

Rowland penny rpenny at samba.org
Wed Feb 3 11:31:37 UTC 2021 

On 03/02/2021 09:33, basti via samba wrote:
>
>
> On 02.02.21 18:23, Kris Lou via samba wrote:
>> https://blogs.msmvps.com/acefekay/2018/08/13/dns-wins-netbios-amp-the-client-side-resolver-browser-service-disabling-netbios-direct-hosted-smb-directsmb-if-one-dc-is-down-does-a-client-logon-to-another-dc-and-dns-forwarders-algorithm/#section7 
>>
>>
>> (The entire post is a good one about Client-side DNS resolving.)
>>
>> If the query sent to the first entry in the DNS list responds with an
>>> NXDOMAIN response, meaning it is an actual response, but there is no
>>> record from the server it asked, then it will look no further 
>>> because it is
>>> a response. however if it receives a NULL response, meaning the DNS
>>> server is down and there is no response, it will remove the first entry
>>> from the ‘eligible resolvers list’ for a certain amount of time 
>>> (depending
>>> on the OS version and SP level), then send the query to the second one.
>>> However, if the record is already cached, it won’ even ask the first 
>>> entry.
>>> Hence why the possibility that the client machine is asking a DC 
>>> that is
>>> down.
>>> Summary:
>>> As I mentioned, this is ALL based on the client side resolver, not 
>>> the DNS
>>> server. This time out period can be perceived as by someone sitting 
>>> there
>>> waiting as ‘it’s not working’ because it appears to be taking so 
>>> long. Also,
>>> if it is already cached locally by the client side service, it will not
>>> ask and will send the connection request to the cached record, which 
>>> if it
>>> is the server that is down, then it can’t connect anyway, and no 
>>> response,
>>> but you may be sitting there expecting it to go to the other DC that 
>>> is up.
>>> The way to reset the list is to restart the DHCP Client service (not 
>>> the
>>> DHCP server) on the workstation, and the way to delete the cache on the
>>> client is to run ipconfig /flushdns, or simply restart the machine.
>>> Or simply disable the DNS Client Side caching mechanism. It’s not
>>> suggested to do this due to performance and especially if you have many
>>> machines in the infrastructure.
>>
>>
>>
>> Kris Lou
>> klou at themusiclink.net
>
> It is *not* NXDOMAIN it is timeout.


If your Windows client is timing out waiting for a dns server, then 
surely this is a windows problem ?

Rowland

More information about the samba mailing list