Windows 10 dns timeout

Windows 10 dns timeout DEFAULT

I have a number of multihomed Windows 10 client VMs joined to a Windows 2012 R2 domain. Ethernet1 is connected to a LAN with the domain controllers (which do not have forwarders, or access to the root servers), Ethernet2 is connected to a LAN with access to the internet, Ethernet0 and Ethernet3 both have their media disconnected. Queries for records from the domain controllers are returned just fine, but queries for records from the internet take 10 seconds plus however long my ISP's DNS servers take to return a response. If I query my ISP's DNS servers directly via the name is resolved promptly (< 1 second), if I just run without specifying a DNS server the query times out and the name is never resolved, and if I try to ping the DNS name it takes > 10 seconds before the name is resolved.

I've looked around Technet, but there doesn't seem to be any documentation yet on Windows 10. The best i've found is:

http://blogs.technet.com/b/networking/archive/2009/06/26/dns-client-resolver-behavior.aspx
http://blogs.technet.com/b/stdqry/archive/2011/12/15/dns-clients-and-timeouts-part-2.aspx

Which says that I should expect my client to query the primary DNS server for Ethernet1, wait 1 second for the response to timeout, and then query both the secondary DNS server for Ethernet1 and the primary DNS server for Ethernet2, but this doesn't seem to be happening. The documentation goes on to say that after 10 seconds (and more 3 more rounds of DNS queries with longer timeouts) DNS resolution would fail completely for all adapters, but the behavior of the client gives the impression it is taking 10 seconds before even attempting to use the DNS servers for the second adapter.

Absent me (or you) opening up Wireshark and sniffing the line, or blindly modifying does anyone know how Windows 10 is supposed to behave, and more importantly how I can go about configuring the behavior? I'm willing to live with a ~1 second resolution time, but 10 seconds is rather brutal.

ipconfig

nslookup

Update

In case anyone else is wondering, I joined a Win7 SP1 (no patches) VM with the same network adapter configuration to the domain, moved it in to the same OU as the other VMs and updated group policy on the client just in case. It is able to resolve DNS queries both from the DC's DNS servers and my ISPs immediately. So it looks like this is behavior specific to the Windows 10 DNS client.

Update 2

So things are getting stranger. It does look like Win10 by default will issue the queries in parallel but it will not pass the response on to whatever process requested it until all queries timeout. And for some reason the DNS server on my 2nd domain controller isnt working. Does anyone know how to disable this behavior?

Wireshark Packet Trace

Sours: https://itectec.com/superuser/multihomed-windows-10-dns-resolution-timeouts/

NET: DNS: DNS client resolution timeouts

  • 8 minutes to read

This document describes the fallback and timeout behavior that exist when one or more Domain Name System (DNS) Servers IPs are configured on a Windows DNS client.

Applies to:   Windows 10 - all editions
Original KB number:   2834226

Summary

For more information, see NET: DNS: Forwarders and Conditional Forwarders resolution timeouts.

Configuring DNS clients with more than one DNS Server IP adds additional fault tolerance to your DNS infrastructure. Adding multiple DNS Servers IPs allows DNS names to continue to be resolved if failures of the only configured DNS Server, of the underlying network link, or the supporting network infrastructure that connects a given client to a DNS Server. Such name failures may cause application or component hangs, resource outages waiting for dependent timeout expirations that directly or indirectly cause operational failures.

For these reasons, it's recommended to configure any Windows client with more than one DNS server, but it's important to be aware of the Windows client resolution process, as it's different based on how many DNS servers we've configured.

What is the default behavior of a DNS client when a single DNS server is configured on the NIC

The behavior is the following (tested on Windows XP, Windows 7, and Windows 8 clients with a single NIC):

Time (seconds since start)Action
0Client queries the DNS server
1If no response is received after 1 second, client queries again the DNS server
2If no response is received after 1 more second, client queries again the DNS server
4If no response is received after 2 more seconds, client queries again the DNS server
8If no response is received after 4 more seconds, client queries again the DNS server
10If no response is received after 2 more seconds, client stops querying

Any Name Error response by the DNS server will cause the process to stop - client doesn't retry if the response was negative.

In this scenario, the client is then trying to query the same DNS server five times before timing out.

Example

Windows 8 Client with a single DNS server configured, querying for Microsoft.com

Ipconfig on the client

IPv4 Address. . . . . . . . . . . : 10.0.0.31(Preferred)
DNS Servers . . . . . . . . . . . : 10.0.0.1

Network Monitor output

Time Time Offset TimeDelta Source Dest Details

6:23:33.8063812 0.0000000 0.0000000 10.0.0.31 10.0.0.1 DNS:QueryId = 0xA5B4, QUERY (Standard query), Query for microsoft.com of type Host Addr on class Internet

6:23:34.8026943 0.9963131 0.9963131 10.0.0.31 10.0.0.1 DNS:QueryId = 0xA5B4, QUERY (Standard query), Query for microsoft.com of type Host Addr on class Internet

6:23:35.8042696 1.9978884 1.0015753 10.0.0.31 10.0.0.1 DNS:QueryId = 0xA5B4, QUERY (Standard query), Query for microsoft.com of type Host Addr on class Internet

6:23:37.8184257 4.0120445 2.0141561 10.0.0.31 10.0.0.1 DNS:QueryId = 0xA5B4, QUERY (Standard query), Query for microsoft.com of type Host Addr on class Internet

6:23:41.8394589 8.0330777 4.0210332 10.0.0.31 10.0.0.1 DNS:QueryId = 0xA5B4, QUERY (Standard query), Query for microsoft.com of type Host Addr on class Internet

What is the default behavior of a Windows XP DNS client when two DNS servers are configured on the NIC

The behavior is the following (tested on Windows XP clients with a single NIC):

Time (seconds since start)Action
0Client queries the first DNS server of the list
1If no response is received after 1 second, client queries the second DNS server of the list and at the same time queries again the first DNS server
3If no response is received after 2 more seconds, client queries again the first DNS server
7If no response is received after 4 more seconds, client queries again the first DNS server
9If no response is received after 2 more seconds, client stops querying

Any Name Error response by any of the DNS servers will cause the process to stop - client doesn't retry with the next server if the response was negative. Client tries new servers only if the previous are unreachable.

In this scenario, the client is then trying to query mostly the first DNS server, and the secondary once.

Example

Windows XP Client with two DNS servers configured querying for Microsoft.com

Ipconfig on the client

Network Monitor output

Time Time Offset TimeDelta Source Dest Details

6:39:09.8013750 0.0000000 0.0000000 10.0.0.31 10.0.0.1 DNS:QueryId = 0x1960, QUERY (Standard query), Query for microsoft.com of type Host Addr on class Internet

6:39:10.8013750 1.0000000 1.0000000 10.0.0.31 10.0.0.2 DNS:QueryId = 0x1960, QUERY (Standard query), Query for microsoft.com of type Host Addr on class Internet

6:39:10.8013750 1.0000000 0.0000000 10.0.0.31 10.0.0.1 DNS:QueryId = 0x1960, QUERY (Standard query), Query for microsoft.com of type Host Addr on class Internet

6:39:12.8013750 3.0000000 2.0000000 10.0.0.31 10.0.0.1 DNS:QueryId = 0x1960, QUERY (Standard query), Query for microsoft.com of type Host Addr on class Internet

6:39:16.8013750 7.0000000 4.0000000 10.0.0.31 10.0.0.1 DNS:QueryId = 0x1960, QUERY (Standard query), Query for microsoft.com of type Host Addr on class Internet

What is the default behavior of a Windows 7 or Windows 8 DNS client when two DNS servers are configured on the NIC

The behavior is the following (tested on Windows 7 and Windows 8 clients with a single NIC):

Time (seconds since start)Action
0Client queries the first DNS server of the list
1If no response is received after 1 second, client queries the second DNS server of the list
2If no response is received after 1 more second, client queries again the second DNS server of the list
4If no response is received after 2 more seconds, client queries all the servers in the list at the same time
8If no response is received after 4 more seconds, client queries all the servers in the list at the same time
10If no response is received after 2 more seconds, client stops querying

Any Name Error response by any of the DNS servers will cause the process to stop - client doesn't retry with the next server if the response was negative. Client tries new servers only if the previous are unreachable.

Example

Windows 8 Client with two DNS servers configured querying for Microsoft.com

Ipconfig on the client

Network Monitor output

Time Time Offset TimeDelta Source Dest Details

6:28:12.5060330 0.0000000 0.0000000 10.0.0.31 10.0.0.1 DNS:QueryId = 0x7B1C, QUERY (Standard query), Query for microsoft.com of type Host Addr on class Internet

6:28:13.5129164 1.0068834 1.0068834 10.0.0.31 10.0.0.2 DNS:QueryId = 0x7B1C, QUERY (Standard query), Query for microsoft.com of type Host Addr on class Internet

6:28:14.5124283 2.0063953 0.9995119 10.0.0.31 10.0.0.2 DNS:QueryId = 0x7B1C, QUERY (Standard query), Query for microsoft.com of type Host Addr on class Internet

6:28:16.5288823 4.0228493 2.0164540 10.0.0.31 10.0.0.1 DNS:QueryId = 0x7B1C, QUERY (Standard query), Query for microsoft.com of type Host Addr on class Internet

6:28:16.5289050 4.0228720 0.0000227 10.0.0.31 10.0.0.2 DNS:QueryId = 0x7B1C, QUERY (Standard query), Query for microsoft.com of type Host Addr on class Internet

6:28:20.5582196 8.0521866 4.0293146 10.0.0.31 10.0.0.1 DNS:QueryId = 0x7B1C, QUERY (Standard query), Query for microsoft.com of type Host Addr on class Internet

6:28:20.5582475 8.0522145 0.0000279 10.0.0.31 10.0.0.2 DNS:QueryId = 0x7B1C, QUERY (Standard query), Query for microsoft.com of type Host Addr on class Internet

What is the default behavior of a DNS client when three or more DNS servers are configured on the NIC

How many of them are used and what are the timeouts?

The behavior is the following (tested on Windows XP, Windows 7, and Windows 8 clients with a single NIC):

Time (seconds since start)Action
0Client queries the first DNS server of the list
1If no response is received after 1 second, client queries the second DNS server of the list
2If no response is received after 1 more second, client queries the third DNS server of the list
4If no response is received after 2 more seconds, client queries all the servers in the list at the same time
8If no response is received after 4 more seconds, client queries again all the servers in the list at the same time
10If no response is received after 2 more seconds, client stops querying

Any Name Error response by any of the DNS servers will cause the process to stop - client doesn't retry with the next server if the response was negative. Client tries new servers only if the previous are unreachable.

If the only reachable server is in position 4 or higher, we have an expected delay of at least 4 seconds after the original query before actually trying it. This can cause issues if the application that has requested the DNS resolution has an application resolution timeout lower than this value. The only way to have this server queried earlier will be to set it in the first three positions.

Example

Client with five DNS servers configured querying for Microsoft.com

Ipconfig on the client

Network Monitor output

Time Time Offset TimeDelta Source Dest Details

9:50:19.4165728 0.0000000 0.0000000 10.0.0.31 10.0.0.1 DNS:QueryId = 0xE2A2, QUERY (Standard query), Query for microsoft.com of type Host Addr on class Internet

9:50:20.4030068 0.9864340 0.9864340 10.0.0.31 10.0.0.2 DNS:QueryId = 0xE2A2, QUERY (Standard query), Query for microsoft.com of type Host Addr on class Internet

9:50:21.4053190 1.9887462 1.0023122 10.0.0.31 10.0.0.3 DNS:QueryId = 0xE2A2, QUERY (Standard query), Query for microsoft.com of type Host Addr on class Internet

9:50:23.4022371 3.9856643 1.9969181 10.0.0.31 10.0.0.1 DNS:QueryId = 0xE2A2, QUERY (Standard query), Query for microsoft.com of type Host Addr on class Internet

9:50:23.4022575 3.9856847 0.0000204 10.0.0.31 10.0.0.2 DNS:QueryId = 0xE2A2, QUERY (Standard query), Query for microsoft.com of type Host Addr on class Internet

9:50:23.4022646 3.9856918 0.0000071 10.0.0.31 10.0.0.3 DNS:QueryId = 0xE2A2, QUERY (Standard query), Query for microsoft.com of type Host Addr on class Internet

9:50:23.4023130 3.9857402 0.0000484 10.0.0.31 10.0.0.4 DNS:QueryId = 0xE2A2, QUERY (Standard query), Query for microsoft.com of type Host Addr on class Internet

9:50:23.4023347 3.9857619 0.0000217 10.0.0.31 10.0.0.5 DNS:QueryId = 0xE2A2, QUERY (Standard query), Query for microsoft.com of type Host Addr on class Internet

9:50:27.4113578 7.9947850 4.0090231 10.0.0.31 10.0.0.1 DNS:QueryId = 0xE2A2, QUERY (Standard query), Query for microsoft.com of type Host Addr on class Internet

9:50:27.4113788 7.9948060 0.0000210 10.0.0.31 10.0.0.2 DNS:QueryId = 0xE2A2, QUERY (Standard query), Query for microsoft.com of type Host Addr on class Internet

9:50:27.4113860 7.9948132 0.0000072 10.0.0.31 10.0.0.3 DNS:QueryId = 0xE2A2, QUERY (Standard query), Query for microsoft.com of type Host Addr on class Internet

9:50:27.4113932 7.9948204 0.0000072 10.0.0.31 10.0.0.4 DNS:QueryId = 0xE2A2, QUERY (Standard query), Query for microsoft.com of type Host Addr on class Internet

9:50:27.4114034 7.9948306 0.0000102 10.0.0.31 10.0.0.5 DNS:QueryId = 0xE2A2, QUERY (Standard query), Query for microsoft.com of type Host Addr on class Internet

More information

Shall the client have more than one NIC active with different DNS servers configured on them, the client resolution behavior is slightly different.

Sours: https://docs.microsoft.com/en-us/troubleshoot/windows-server/networking/dns-client-resolution-timeouts
  1. Bounce remixes
  2. Fox 13 news weather forecast
  3. Candida albicans infection
  4. Shampoo shield adults

Sudden DNS timeouts with “Server: UnKnown” on Windows 10 Home system

Overview

A Windows 10 Home Edition is working just fine when suddenly apps requiring public internet connections start to fail or freeze. Analysis shows that DNS has failed. I’ve tried everything I can find from many hours of searching that looks halfway appropriate to no avail. Want to avoid reloading the system as I have better things to do on my weekends.

Problem Description

DNS operations fail on Windows 10 Home edition system. The house is full of other computers, both Windows Home and Windows Professional, that keep on working when the one problematic computer stops.

The failing computer can previously be working for hours, even days, when suddenly DNS stops. I have not yet correlated any particular activity to the failure. Today there were both Windows 10 updates and a few application updates pending that needed a reboot.

This is a home system on a FIOS router without a real DNS service so all “reverse DNS” solutions are inappropriate and will be down voted unless someone gives me reason to hope their solution will applies to Windows Home systems in a home when all other computers are fine.

My windows “hosts” files has the IP addresses and names for a few special systems. A ping on them resolves the correct IP address so such pings work but nslookup commands still fail.

Problem Diagnostic

The following always happens when the problem is active:

nslookup example.com
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.1

(note the upper case K)

When the system is up the Server is populated by the name of the router. In all cases the IP address of the router is provided.

Accessing external systems by IP address works just fine so the hardware itself is up.

Reboots that work

A “safe boot” restart clears the problem. This needs to be followed by a regular boot.

A shift-restart slow-boot to completely restart the system also works.

Looking for something gentler, and even better, a fix to prevent this error.

What Doesn’t Work

All Network Settings troubleshooter and repair options do not help.
Series of standard ipconfig commands when run as administrator:

ipconfig /flushdns
ipconfig /registerdns
ipconfig /release
ipconfig /renew

The following are also useless to me for avoiding reboot as they require it

NETSH winsock reset catalog
NETSH int ipv4 reset reset.log

NETSH int ipv6 reset reset.log

Manually change DNS to 8.8.8.8 (Google public DNS) does not help.

nslookup example.com
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 8.8.8.8


Have scanned for viruses. Malware Bytes comes up with what looks like a PUP false positive to a Firefox configuration file. Avast Free and Windows Defender find nothing.

-Software Information-
Version: 3.7.1.2839
Components Version: 1.0.586
Update Package Version: 1.0.10708
License: Trial

-System Information-
OS: Windows 10 (Build 17134.765)
CPU: x64
File System: NTFS
User: System

File: 1
PUP.Optional.MyStartTB.ShrtCln, H:\USERS\GILBE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JJK24VIY.DEFAULT\PREFS.JS, No Action By User, [122], [301376],1.0.10708

The prefs.js file is full of nothing but calls to the user_pref() function.
user_pref("accessibility.typeaheadfind.flashBar", 0);
user_pref("app.normandy.first_run", false);
user_pref("app.normandy.startupRolloutPrefs.extensions.fxmonitor.enabled", true);
. . . . .

 

Sours: https://www.windows10forums.com/threads/sudden-dns-timeouts-with-server-unknown-on-windows-10-home-system.19550/
Request Timed Out Fix Windows 10/8/7

 locked
Windows 10 DNS client resolution timeouts (help with a geo location issue)

Windows 10 Networkinghttps://social.technet.microsoft.com/Forums/en-US/a639c84f-cf62-4cc4-9f4c-1bf36dce8caf/windows-10-dns-client-resolution-timeouts-help-with-a-geo-location-issue?forum=win10itpronetworkingQuestion910/12/2018 3:30:53 PM1/9/2019 11:51:45 AMUse this forum to discuss networking in Windows 10.00

  • Question

  • text/html10/12/2018 3:30:53 PMGroombro0

    Hello Everybody 

    I'm looking at an issue with our DNS servers.

    and need to know how the

    Windows 10 DNS client chooses it's DNS (configured with three dns servers currently)

    and how windows 2012 server chooses which forwarder to use (configured with four forwarders) 

    we are having odd issues with DNS and I think it's one of the external forwarders on the third dns server but need to pull some evidence before I start talking to ISP's

    I found the below for win 7 and win 8 but can't find anything for windows 10.

    https://support.microsoft.com/en-us/help/2834226/net-dns-dns-client-resolution-timeouts

    thanks in advance 

    Michael 

Answers

  • text/html1/9/2019 11:51:42 AMGroombro0

    Hi Daisy 

    Don't know If this will help others but it seems most computers use 

    1,2,3,all dns's ,fail by our best results. 

    but in the end the issues we were having were having did turn out to be external (public) dns related.

    it seems there was an issue with dns1 and dns2 external forwarder not resolving an address these were based in Middle east (peering issue at the ISP meant both there isp's were bad) when there then failing over to secondary public dns provider who had a bad i.p. geolocation configuration and claimed the traffic was in Singapore so was sending them a quarter way round the world . dns3 external forwarders worked correctly but that's uk based so if they failed that far down the chain they were coming to the UK for data. 

    we have fixed the middle east sites but are now in the process of the removing large public dns provider from the environment and moving to a better rated equivalent.

    • Marked as answer byGroombroWednesday, January 9, 2019 11:51 AM

All replies

  • text/html10/15/2018 10:40:58 AMDaisy Zhou0

    Hi,
    Q1:How the Windows 10 DNS client chooses its DNS (configured with three dns servers currently)?
    A1: We can view the dns order of use as below:


    Q2: How windows 2012 server chooses which forwarder to use (configured with four forwarders)?
    A2: We can see three Conditional Forwards, and one Conditional Forward has one IP address.



    DNS Domain including bkkk.com use 33.33.33.33 IP address as below.

    We can use the above methods to view the actual situation in our own environment.

    Best Regards,
    Daisy Zhou


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact [email protected]


  • text/html10/16/2018 4:49:54 PMGroombro0

    Hi Daisy 

    sorry let me by more specific 

    The Problem is while as you point out it will use that order ( and I know it should use the order in dhcp too)  reading some docs retry errors can change things a bit i.e. if retries occur it may do

    1,2,3,fail

    1,2,3,3 fail

    1,2,3,all dns's ,fail

    I've found different windows versions of docs say different things and nothing specific to Windows 10.

    For server side i'm looking at external not conditional forwarders 

    basically the issue is one of Geo Location. the situation is this.

    we have 90 offices all using O365 (particularly exchange) some are reporting slow performance and oddities (can't log in or make set-up accounts) we discovered that some of the offices are using the wrong local pop with some middleeast site coming all the way back to the UK POP. 

    when we try testing in the office on the domain controllers it works as I would expect but some machines in the offices will still randomly report incorrect locations. after a restart or dns flush it clears and the issues go away. 

    this lead us to 2 scenarios 

    scenario one

    windows 10 machines are configured with 3 domain controllers dns's 2 local one Datacentre in the uk based when the local ones are busy the machine fails to uk hence the pop result ?

    and two

    each DC has 4 external forwarder 1 and 2 provided by local isp 3rd and 4th provided by a large public dns provider (who will remain nameless) but is used globally we have recently had reason to think the 3 and 4 dns providers have a bad geo ip table and are showing our public i.p's in the wrong place? (hence the wrong sites showing) 

    the reason for wanting the retry order is so we can work out the odds of each scenario and come up with a test plan. (fully admit there maybe a bit of 1 and 2 going on and we maybe going too deep here looking at the retries it's what we have been asked to do)  it has a potential big impact with O365 using geolocation as well as other services we are using it may mean a total review and overhaul of how our 90 offices are configured for DNS.  

    Regards Michael 


    • Edited byGroombroTuesday, October 16, 2018 4:50 PM
  • text/html10/17/2018 8:42:52 AMDaisy Zhou0

    Hi,
    I am sorry, according to your description, I don't understand very well. And I want to confirm what your specific problem is?
    O365 can't log in, can't parse or login slow?

    Best Regards,
    Daisy Zhou

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact [email protected]

  • text/html10/17/2018 9:38:08 AMLuke_Leigh0

    You are better off changing your DNS forwarders to use something other that your ISP's DNS servers. Whilst it might seem like a sensible option to use your ISP for DNS, ISP's are terrible at DNS.

    Here is a link to a well kept article regarding Public DNS Providers

    https://www.lifewire.com/free-and-public-dns-servers-2626062

    I am currently using the following and have been for the last 10 years without any issues.

    208.67.222.222
    209.244.0.3
    8.26.56.26
    8.8.4.4
    156.154.70.1
    195.46.39.39
    216.146.35.35
    8.8.8.8
    212.50.160.100
    213.249.130.100

    The choice however is yours, please read the article and select your own as you see fit.

    Anywhere I have worked where the DNS forwarders have been an issue it has usually been due to the ISP's DNS.

    You can easily change your DNS Forwarders using the following powershell commands

    Import-Module dnsserver
    Set-DnsServerForwarder -IPAddress '8.8.4.4','208.67.220.220','64.6.65.6','8.8.8.8','208.67.222.222','64.6.64.6'

    HTH
  • text/html10/19/2018 7:36:30 AMDaisy Zhou0

    Hi,
    If this question has any update? Also, for the question, is there any other assistance we could provide?

    Best Regards,
    Daisy Zhou



    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact [email protected]

  • text/html10/31/2018 2:34:18 PMGroombro0

    Hi Daisy 

    as I said we are looking for the retry conditions for dns 

    we know it works down the list for failures but we need to confirm the retry conditions. 

    so does it try the DNS server in position one twice (with a 1 second delay between attempts)

    so far I have found articles saying  it did

    1,2,3,fail

    1,2,3,3 fail

    1,2,3,all dns's ,fail

    where the number this the position in the order.

    we did some tests with snort and it seems to change per machine.

    in the end we have changed the external dns servers we use and that's helped.

  • text/html11/8/2018 3:43:40 AMDaisy Zhou0

    Hi,
    Have we got the result of retry so far? I am just writing to see if this issue has any update. If anything is unclear, please feel free to let us know.

    Have a nice day!

    Best Regards,
    Daisy Zhou

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact [email protected]

  • text/html1/9/2019 11:51:42 AMGroombro0

    Hi Daisy 

    Don't know If this will help others but it seems most computers use 

    1,2,3,all dns's ,fail by our best results. 

    but in the end the issues we were having were having did turn out to be external (public) dns related.

    it seems there was an issue with dns1 and dns2 external forwarder not resolving an address these were based in Middle east (peering issue at the ISP meant both there isp's were bad) when there then failing over to secondary public dns provider who had a bad i.p. geolocation configuration and claimed the traffic was in Singapore so was sending them a quarter way round the world . dns3 external forwarders worked correctly but that's uk based so if they failed that far down the chain they were coming to the UK for data. 

    we have fixed the middle east sites but are now in the process of the removing large public dns provider from the environment and moving to a better rated equivalent.

    • Marked as answer byGroombroWednesday, January 9, 2019 11:51 AM
Sours: https://social.technet.microsoft.com/Forums/en-US/a639c84f-cf62-4cc4-9f4c-1bf36dce8caf/windows-10-dns-client-resolution-timeouts-help-with-a-geo-location-issue?forum=win10itpronetworking

Dns timeout 10 windows

Hi all,

We have two MSI PRO 16 FLEX computers joined to our domain, and we have problems with DNS. When you run nslookup you allways get 2 sec timeout...

we have tried everything we have found in different forums, but no luck...

after

ipconfig /flushdns
ipconfig /registerdns
ipconfig /release
ipconfig /renew
NETSH winsock reset catalog
NETSH int ipv4 reset reset.log
NETSH int ipv6 reset reset.log

and reboot, we could run nslookup with no problems, but only for a few seconds...

MSI computer with Windows 10 and latest network driver

DNS server: Windows 2008 R2 (DHCP, DNS and DC...)

Other computers in the same network with no problems...

Best regards and thanks in advance!

JJ.-


Best Answer

juaalo

Anaheim

OP

Finally I solved the problem installing the last available version of Kaspersky Antivirus: KES_10.3.3.275

Best regards and thanks a lot everyone!

View this "Best Answer" in the replies below »

8 Replies

· · ·

AaronJBerger

Thai Pepper

OP

Is this a new issue or a recent issue. Anything changed recently?

Are you connecting via LAN or wifi?
Are these systems using Realtek LAN adapters? If so, have you tried the latest driver off the Realtek website?

Have you disabled all startup items, including AV?

Have you tried using an alternate USB LAN adapter for testing?

0

· · ·

Martin2012

Mace

OP

internal or external lookups?

what are the forwarders set to in the DNS server on the 2008 Domain controller?

0

· · ·

juaalo

Anaheim

OP

Hi Aaraon! Many thanks for your response.

- We have noticed this issue 3 days ago, as far as I now anything changed...

- LAN connection

- Realtek PCIe GBE Familiy Controler; latest driver from MSI, I have not searched in Realtek website

- AV disabled for testing

- not tried alternate adapter...

regards,

JJ.-

0

· · ·

juaalo

Anaheim

OP

Hi Martin!

many thanks for your help

2008 DC is the DNS Server. Forwarders are defined here.

Best regards,

JJ.-

0

· · ·

mikevandenboom

Cayenne

OP

On you DHCP config. Do you have just the DNS server as the entry? Or also an external DNS?

0

· · ·

juaalo

Anaheim

OP

Update:

Latest driver from Realtek installed.... no luck!

Disabling Kaspersky... no luck!

Uninstall Kaspersky: nslookup works fine...

0

· · ·

AaronJBerger

Thai Pepper

OP

Ahh Kaspersky! I stopped using Kaspersky about 5 or 6 yrs ago because it kept lagging and crashing the systems I ran it on. Not sure what it's like these days....

I did a quick google "Kaspersky nslookup and dns issues". Looks like this issue has been around since at least 2015.

Some people have had success disabling "Web Control" OR "Web Anti-Virus". But then you lose that protection.

You may want to create a case with Kaspersky support: https://my.kaspersky.com/en/support/helpdesk

2

· · ·

juaalo

Anaheim

OP

Best Answer

Finally I solved the problem installing the last available version of Kaspersky Antivirus: KES_10.3.3.275

Best regards and thanks a lot everyone!

0

This topic has been locked by an administrator and is no longer open for commenting.

To continue this discussion, please ask a new question.

Sours: https://community.spiceworks.com/topic/2187140-nslookup-timeout-windows-10
How to change DNS server in Windows 10

Multihomed Windows 10 DNS resolution timeouts

I have a number of multihomed Windows 10 client VMs joined to a Windows 2012 R2 domain. Ethernet1 is connected to a LAN with the domain controllers (which do not have forwarders, or access to the root servers), Ethernet2 is connected to a LAN with access to the internet, Ethernet0 and Ethernet3 both have their media disconnected. Queries for records from the domain controllers are returned just fine, but queries for records from the internet take 10 seconds plus however long my ISP's DNS servers take to return a response. If I query my ISP's DNS servers directly via the name is resolved promptly (< 1 second), if I just run without specifying a DNS server the query times out and the name is never resolved, and if I try to ping the DNS name it takes > 10 seconds before the name is resolved.

I've looked around Technet, but there doesn't seem to be any documentation yet on Windows 10. The best i've found is:

http://blogs.technet.com/b/networking/archive/2009/06/26/dns-client-resolver-behavior.aspxhttp://blogs.technet.com/b/stdqry/archive/2011/12/15/dns-clients-and-timeouts-part-2.aspx

Which says that I should expect my client to query the primary DNS server for Ethernet1, wait 1 second for the response to timeout, and then query both the secondary DNS server for Ethernet1 and the primary DNS server for Ethernet2, but this doesn't seem to be happening. The documentation goes on to say that after 10 seconds (and more 3 more rounds of DNS queries with longer timeouts) DNS resolution would fail completely for all adapters, but the behavior of the client gives the impression it is taking 10 seconds before even attempting to use the DNS servers for the second adapter.

Absent me (or you) opening up Wireshark and sniffing the line, or blindly modifying does anyone know how Windows 10 is supposed to behave, and more importantly how I can go about configuring the behavior? I'm willing to live with a ~1 second resolution time, but 10 seconds is rather brutal.

ipconfig

nslookup

Update

In case anyone else is wondering, I joined a Win7 SP1 (no patches) VM with the same network adapter configuration to the domain, moved it in to the same OU as the other VMs and updated group policy on the client just in case. It is able to resolve DNS queries both from the DC's DNS servers and my ISPs immediately. So it looks like this is behavior specific to the Windows 10 DNS client.

Update 2

So things are getting stranger. It does look like Win10 by default will issue the queries in parallel but it will not pass the response on to whatever process requested it until all queries timeout. And for some reason the DNS server on my 2nd domain controller isnt working. Does anyone know how to disable this behavior?

Wireshark Packet Trace

Sours: https://superuser.com/questions/969171/multihomed-windows-10-dns-resolution-timeouts

You will also be interested:

Applies To: Windows 7, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012

The forwarding server needs to be given a reasonable amount of time to answer a DNS query. For example, a forwarding server that has root hints enabled may have to query on the Internet for an answer, which can require additional time. If the forwarding timeout value is too small, the DNS server might not have time to complete an Internet query. However, a forwarding timeout value that is too large can also DNS query failures when DNS queries time out. The default timeout for DNS queries from clients running a Microsoft Windows operating system is 15 seconds.

Ideally the recommended DNS Timeout value should be NOT less than 2 seconds and NOT greater than 10 seconds. (2-10 seconds). DNS resolutions failures can occur if the value is too small. A timeout value of more than 10 seconds can cause DNS resolution delays.

If the forwarding timeout value is set to a small value, the forwarding server may not have sufficient time to respond, causing DNS queries to fail. If the forwarding timeout value is set to a large value, then the DNS server may wait for a long time for the forwarding server to respond. This can cause delays and timeouts when responding to DNS queries.

If a forwarding server does not respond before the timeout value, the DNS server forwards the query to the next server in the forwarders list. If none of the servers respond in time, the DNS server responds to the original query based on whether or not recursion is enabled on the DNS server. If the Use root hints if no fowarders are available check box is cleared and forwarding servers do not respond, then the server will attempt to resolve the query with iterative DNS queries. If Use root hints if no forwarders are available is enabled and forwarding servers do not respond, the DNS server will send a SERVER_FAILURE response to the DNS client.

To configure the forwarding timeout value using the Windows interface

  1. Click Start, click Run, type dnsmgmt.msc, and then press ENTER. The DNS Manager console will open.
  2. In the console tree, right-click the name of the DNS server and then click Properties.
  3. On the Forwarders tab, click the IP address of the forwarder you wish to configure, and then click Edit.
  4. Type the forwarding timeout value next to Number of seconds before forward queries time out and then click OK twice. By default, the DNS server waits three seconds for a response from one forwarder IP address before it tries another forwarder IP address.

To configure the forwarding timeout value using a command line

  1. Open a command prompt. To open an elevated Command Prompt window, click Start, point to All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator.
  2. At the command prompt, type the following command, and then press ENTER:

To view the complete syntax for this command, at a command prompt, type the following command, and then press ENTER:

 

Source: https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/ff807396(v=ws.10)

Like this:

LikeLoading...

Related

Sours: https://marktugbo.com/2019/04/29/how-to-increase-dns-timeout-value/


93 94 95 96 97