Announcement

Collapse
No announcement yet.

DNS forwarding

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • DNS forwarding

    If I specify 2 DNS servers in a forwarders list, and the primary DNS server in the forwarders list goes down, does it automatically query the secondary? Or does it attempt to query the primary first for a while before jumping to the secondary?

    What I'm really after is a DNS forwarding failover explanation.

  • #2
    Re: DNS forwarding

    If I remember it will only query the second if it doesn't get a response from the first. If it gets a negative response from the first then it will not query the second i.e. if the first DNS servers doesn't know about the hosts's IP address it wont query the second one becuase you got a valid response.

    Someone correct me if I'm worng.

    Michael
    Michael Armstrong
    www.m80arm.co.uk
    MCITP: EA, MCTS, MCSE 2003, MCSA 2003: Messaging, CCA, VCP 3.5, 4, 5, VCAP5-DCD, VCAP5-DCA, ITIL, MCP, PGP Certified Technician

    ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

    Comment


    • #3
      Re: DNS forwarding

      Originally posted by Darth Vader View Post
      If I specify 2 DNS servers in a forwarders list, and the primary DNS server in the forwarders list goes down, does it automatically query the secondary? Or does it attempt to query the primary first for a while before jumping to the secondary?

      What I'm really after is a DNS forwarding failover explanation.
      In short, I think It queries the first one and if it doesn't get a response then jumps to the second one on the list and consequently the root hints if recursion is enabled etc.

      Cheers
      Caesar's cipher - 3

      ZKHQ BRX HYHQWXDOOB GHFLSKHU WKLV BRX ZLOO UHDOLVH LW ZDV D ZDVWH RI WLPH!

      SFX JNRS FC U6 MNGR

      Comment


      • #4
        Re: DNS forwarding

        2 Clients, each have a primary and secondary DNS server AD1 and AD2

        AD1 is taken offline, AD1 is primary of client, client makes recursive query to AD1 gets no response, makes the same query to AD2.

        AD2 looks up its forwarders and performs a recursive query to Forwarder 1, gets no response, this timeout can be set on your DNS server (how long it waits) then performs the same query to forwarder 2 and gets response.

        like the others have said, if both forwarders fail then the DNS server will send iterative queries to root hints "." untill it can find an authoritive response.


        Hope this give you a general idea on what you asked for a a fail over senario.
        MCSE 2003; MCTS Vista; Sec+; CCNA
        Attitude Makes The Difference!
        in other words you got to WANT to do it..

        Comment


        • #5
          Re: DNS forwarding

          Thanks for your replies. Should have mentioned that it is for an IPAM box (if that makes any difference to how DNS works).

          At the main site, all authoratative lookups are done on the IPAM box there. Any non-authoratative queries are done via a couple of forwarders (both IPAM boxes at 2 different sites, one desginated as the primary, the other as the secondary). Just need some sort of re-assurance that if the primary forwarder was to fail, that any non-auth lookups get performed on the secondary as if nothing had happened.

          Comment


          • #6
            Re: DNS forwarding

            To my knowledge that should work just fine.
            MCSE 2003; MCTS Vista; Sec+; CCNA
            Attitude Makes The Difference!
            in other words you got to WANT to do it..

            Comment


            • #7
              Re: DNS forwarding

              Got a similar situation myself. My company performs it's authoratative queries locally, but non-authoratative queries are passed to forwarders at another site.

              From what I understand is that if the primary forwarder goes down, it should query the secondary forwarder that you have specified, then if the secondary was to go down too, it queries the root hints.

              What I'd like to know is, is there any way of testing that the secondary will work if the primary goes down using a tool such as dig? Is that possible? (The obvious test is to down the primary forwarder at the remote site, but management there won't allow that).

              Comment

              Working...
              X