4

I'm running into an odd issue with a number of Windows 7 machines on my network.

These machines are currently configured to use a local DNS server, 192.168.1.42, as their primary DNS server. Google's public DNS, 8.8.8.8, is configured as an alternate DNS server.

Occasionally, and sporadically, the resolution of local FQDNs completely fails. So, supposing I ping test.loc, I will get a "could not find host" error. FQDNs with records in Google's DNS resolve fine.

Loading up Wireshark and checking the actual traffic during this ping attempt shows a query going out to 8.8.8.8 for test.loc, and, obviously, this is not found.

Yet, if, while this problem persists, I run, say, nslookup test.loc, I can see DNS queries being sent to the primary DNS server, 192.168.1.42. This is the only case, while the problem persists, in which the primary DNS server is used. In any other case -- ping requests, attempts to access a Web resource on test.loc, etc. -- Windows immediately skips to the alternate DNS server.

I can temporarily fix this issue by restarting my DNS Client service (net stop dnscache, net start dnscache), or by resetting my network adapter (I've only tried this via the GUI), but the issue seems to recur often (though without any apparent pattern).

Any ideas about why Windows is refusing to use my primary DNS server for non-nslookup name resolution would be appreciated!

(We're not in an AD domain, so any troubleshooting should keep that in mind.)

James Westbury
  • Are you using an Active Directory domain? – MDMarra Feb 06 '13 at 16:12
  • Sorry, I'll edit to include that. No, no AD Domain. – James Westbury Feb 06 '13 at 16:14
  • I found [this article](http://support.microsoft.com/default.aspx?scid=kb;en-us;320760) pertaining to Windows XP DNS Client Service behavior, and it looks like sometimes the client will fail to re-set the DNS server priorities. It looks like there may be a registry-based fix to force Windows to try the primary DNS server first on all resolution attempts. I'll try this next time the problem recurs. – James Westbury Feb 06 '13 at 16:17
  • Does the symptom present for clients that do not have the secondary DNS server configured? – Greg Askew Feb 06 '13 at 16:51
  • No, it does not present for clients with no secondary DNS server configured. – James Westbury Feb 06 '13 at 18:15
  • Does this happen when you switch the DNS servers around or play with the routes? – Techie Joe Apr 09 '13 at 23:10

3 Answers

3

Unfortunately, there does not appear to be a fix for this issue. It occurs when Windows fails to contact its primary DNS server, and alters the DNS priority internally to prefer the secondary DNS server. The only way to reset DNS server priority in Windows 7 is to restart the DNS client service.

James Westbury
3

First, you should determine why the primary DNS server is having problems responding (or why the client is having trouble receiving responses from the primary DNS server). Barring that, the only option is to follow the steps below to force Windows to always try your primary DNS server first (which will slow things down if that primary DNS server does fail).

Here's the relevant part from the MS KB article linked above:

Modify the following key in the registry: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters

Create a new DWORD value with a name of ServerPriorityTimeLimit and set the value to 0 (that's a zero).

When you set ServerPriorityTimeLimit to 0, the server priorities are reset before the DNS Client service decides which DNS server to use. You must restart Windows for these changes to take effect. Any other value used in this field will cause the default behavior. Only values of 0 change the default behavior. All other values cause the default behavior.

chicks
shdwlynx
  • FYI, to troubleshoot the Windows DNS Client, a.k.a. DNS Cache Service (dnscache), the best thing to do is enable logging, although be sure to disable it when done so the log doesn't suck up space. In Event Viewer, navigate to: Applications and Services Logs -> Microsoft -> Windows -> DNS Client Events -> Operational. The log is Disabled by default, so don't forget to Enable it. – shdwlynx Jul 26 '16 at 20:27
  • 1
    To put things in context, I had this issue with a dual-NIC system. One was directly connected to the Internet and the other connected to a VPN. The trick is to set up the VPN-accessible DNS servers on the VPN-connected NIC only, give the VPN-connected NIC a lower Metric (under IPv4 settings) than the Internet-connected NIC, but ensure that the Internet-connected default gateway has a lower metric than the VPN-connected default gateway, and finally, add static routes for the subnets you actually want to get to via the VPN so that it uses the VPN-connected NIC only for those subnets. – shdwlynx Jul 26 '16 at 20:31
  • This is helpful even after diagnosing and fixing the issue! Windows will seem to hold a grudge against a DNS server and never query it again (unless specifically asked to with nslookup). No amount of resetting and restarting will fix it. This registry change did it though. – Vincent Vancalbergh Feb 05 '17 at 07:56
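
An added example, not part of the original answers or of the KB article: a PowerShell script that compares resolution through the system resolver with a direct nslookup query to the primary server, then reports (and, with `-Apply`, sets) the `ServerPriorityTimeLimit` value quoted above. The host name and server address are the ones from the question; the function names and the `-Apply` switch are made up for this illustration.

```powershell
# Added example. test.loc and 192.168.1.42 are the values from the question.
param([switch]$Apply)

$Name       = 'test.loc'
$PrimaryDns = '192.168.1.42'
$KeyPath    = 'HKLM:\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters'
$ValueName  = 'ServerPriorityTimeLimit'

function Test-ClientResolver([string]$HostName) {
    # Same path as ping or a browser: the system resolver, which uses the
    # DNS Client service, its cache and its internal server priority.
    try { [void][System.Net.Dns]::GetHostAddresses($HostName); return $true }
    catch { return $false }
}

function Test-DirectQuery([string]$HostName, [string]$Server) {
    # nslookup builds and sends its own query to the server it is given.
    $out = & nslookup.exe $HostName $Server 2>$null
    return [bool]($out | Where-Object { $_ -match '^Name:' })
}

$viaClient = Test-ClientResolver $Name
$viaDirect = Test-DirectQuery $Name $PrimaryDns
"Client resolver: $viaClient; direct query to ${PrimaryDns}: $viaDirect"
if (-not $viaClient -and $viaDirect) {
    'Primary answers, but the DNS Client is not resolving the name through it.'
}

# An absent value (or any non-zero value) means the default behavior.
$current = (Get-ItemProperty -Path $KeyPath -Name $ValueName `
            -ErrorAction SilentlyContinue).$ValueName
if ($null -eq $current) { "$ValueName is not set" } else { "$ValueName = $current" }

# Write the value only when run from an elevated prompt with -Apply.
if ($Apply -and $current -ne 0) {
    New-ItemProperty -Path $KeyPath -Name $ValueName -PropertyType DWord `
        -Value 0 -Force | Out-Null
    "$ValueName set to 0; restart Windows for it to take effect."
}
```
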
-1

This apparently works on Win 7 (and possibly others):

http://support2.microsoft.com/default.aspx?scid=kb;en-us;320760

It definitely worked on my Windows 10 Tech Preview system!