Windows machine failover to 2nd Umbrella dns server

Madura Malwatte
Level 4

I am testing failover of Umbrella VA. I have two at my site and for testing powered off the primary Umbrella VA. My Windows machine is configured with DNS servers as VA1 and VA2. When I power off VA1 and try nslookup from the Windows machine, the DNS requests time out because it's still trying to use VA1.

Example:

C:\Windows\system32>nslookup cisco.com
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 10.1.1.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to UnKnown timed-out

ipconfig of DNS servers on interface:

DNS Servers . . . . . . . . . . . : 10.1.1.1
                                    10.1.1.2

In the browser I can access websites, so DNS resolution with VA2 is working fine. Is it normal behaviour for a Windows machine to not use the 2nd DNS server for the nslookup command when the 1st server is unreachable?

Also, I took a packet capture and I can see the machine sending the DNS requests to both its configured DNS servers (both VAs), but getting a response back from VA2 only, as VA1 is offline. I would have thought Windows would not use VA1 since it's unreachable and only try VA2, but I guess it is normal behaviour to use all configured DNS servers even if they are down?

1 Reply

opryluts
Cisco Employee

Hi There,

Yes, that's the expected behavior of the Windows DNS client. Please find a more detailed explanation from MS below:

https://support.microsoft.com/en-us/help/2834226/net-dns-dns-client-resolution-timeouts

If you find the response helpful please consider marking it "Helpful/Resolved"
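
A per-server probe for the failover test described in this thread, as an added example that is not part of the original posts: it sends one A query directly to each configured DNS server with the same 2-second timeout that nslookup reported, so each VA is checked on its own instead of through nslookup's default server. The addresses 10.1.1.1 and 10.1.1.2 are the ones from the post; the function names are hypothetical.

```python
import socket
import struct
import time

def build_query(name, txid):
    """Encode a minimal DNS query: one question, type A, class IN, RD set."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in name.rstrip(".").split(".")
    ) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)

def probe(server, name="cisco.com", port=53, timeout=2.0, txid=0x4D4D):
    """Query one server only; return (status, elapsed_seconds).
    status is "timeout", "unreachable", "bad-reply" or "rcode=N"."""
    query = build_query(name, txid)
    start = time.monotonic()
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        try:
            sock.connect((server, port))   # only accept replies from this server
            sock.send(query)
            reply = sock.recv(4096)
        except socket.timeout:             # server is silent, e.g. powered off
            return "timeout", time.monotonic() - start
        except OSError:                    # ICMP unreachable, no route, etc.
            return "unreachable", time.monotonic() - start
    elapsed = time.monotonic() - start
    if len(reply) < 12:                    # shorter than a DNS header
        return "bad-reply", elapsed
    rid, flags = struct.unpack("!HH", reply[:4])
    if rid != txid or not flags & 0x8000:  # wrong ID or QR bit not set
        return "bad-reply", elapsed
    return "rcode=%d" % (flags & 0x000F), elapsed

def check_failover(servers, name="cisco.com", **kw):
    """Probe every configured server separately, in the configured order."""
    return {server: probe(server, name, **kw)[0] for server in servers}

if __name__ == "__main__":
    # Addresses from the post: VA1 (powered off in the test) and VA2.
    for server, status in check_failover(["10.1.1.1", "10.1.1.2"]).items():
        print(server, status)
```

With VA1 powered off as in the post, the expected result is a timeout for 10.1.1.1 and rcode=0 for 10.1.1.2, which confirms that VA2 is serving queries even though nslookup against the default server times out.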